×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researchers Say Flame and Stuxnet Share Common Authors

samzenpus posted about 2 years ago | from the who's-to-blame? dept.

Security 114

Trailrunner7 writes "Researchers digging through the code of the recently discovered Flame worm say they have come across a wealth of evidence that suggests Flame and the now-famous Stuxnet worm share a common origin. Researchers from Kaspersky Lab say that a critical module that the Flame worm used to spread is identical to a module used by Stuxnet.a, an early variant of the Stuxnet worm that began circulating in 2009, more than a year before a later variant of the worm was discovered by antivirus researchers at the Belarussian firm VirusBlokAda. The claims are the most direct, to date, that link the Flame malware, which attacked Iranian oil facilities, with Stuxnet, which is believed to have targeted Iran's uranium-enrichment facility at Natanz. If true, they suggest a widespread and multi-year campaign of offensive cyber attacks against multiple targets within that country."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

114 comments

Yeah, no shit (5, Insightful)

crazyjj (2598719) | about 2 years ago | (#40284429)

If true, they suggest a widespread and multi-year campaign of offensive cyber attacks against multiple targets within that country

What's next, researchers discovering that the recent spate of assassinations [cnn.com] of Iranian nuclear scientists are SOMEHOW connected?

Anyone who hasn't realized (or *claims* not to have realized) by now that there has been an elaborate, multi-year shadow war by the CIA/Mossad trying to sabotage the Iranian nuclear program is either willfully-blind, retarded, or a shill. Christ, Mossad and the CIA barely even bother to *HIDE* it anymore. Everyone in their right mind knew what was really going on the second Stuxnet was dissected. And they certainly realized it the first time mysterious guys on a motorcycle attached a magnetic bomb to the car of a guy who just happened to also be a prominent nuclear scientist in Iran.

Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy. Such is true delusion.

Re:Yeah, no shit (0, Flamebait)

Anonymous Coward | about 2 years ago | (#40284569)

Sir, I have read and pondered your post. At this time there is only one commentary which occurs to me: niggers.

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40284573)

Yet we ignore/deny the Iranian "not so shadow" war in Eritria, Somalia, Iraq, Afghanistan, Syria, Lebanon and Palistine?

Re:Yeah, no shit (5, Funny)

ColdWetDog (752185) | about 2 years ago | (#40284577)

Christ, Mossad and the CIA barely even bother to *HIDE* it anymore

Wait. What?

OK, the CIA and Mossad I get. Fine. That's what they do.

But Jesus?

What's he doing getting into electronic warfare? I thought he was supposed to be a nice guy, turn the other cheek and all that?

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40284715)

I wish I had mod points. Thanks for the laugh.

Re:Yeah, no shit (-1)

Anonymous Coward | about 2 years ago | (#40285999)

Jesus was not a nice guy. He was a good man. There's a big difference. He was militant. When he went into the Temple at Passover, he used a whip to drive the money changers from the Temple. The money changers had guards, security, and a lot of cash on the table. They would not have been driven out and away from their cash lightly. So we have the image of a man who could, when it was called for, be incredibly fierce. Jesus was a warrior. Not a soldier, mind you -- but a warrior. Turning the other cheek, by the way, was an expression of defiance, not surrender.

Re:Yeah, no shit (3, Insightful)

LordLimecat (1103839) | about 2 years ago | (#40286089)

Ignorance abounds. If turn the other cheek was an expression of defiance, what about the immediately following verse of giving your cloak too?

Re:Yeah, no shit (2)

houghi (78078) | about 2 years ago | (#40286127)

But Jesus? What's he doing getting into electronic warfare?

I am not sure, but when I see how many politicians thank Him, I would guess a lot.

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40286951)

Well, he was a Jewish carpenter. You could look at the death and resurrection story as a simple spy extraction.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40291169)

Well he is a Jew, from Judea, so maybe he was recruited into Mossad?

Re:Yeah, no shit (3, Interesting)

jandrese (485) | about 2 years ago | (#40284601)

I don't think there are too many people who are overly skeptical of who made Stuxnet and Flame. The primary arguments seemed to be "Israel or the US, or Israel AND the US?" It seems pretty clear that both of these were a backdoor solution to a problem they felt could not be solved by diplomatic or economic means. Nuclear nonproliferation is something the world as a whole has been very bad at in the past, this could be one of the few success stories.

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40284651)

Is there any evidence that this has done anything but slow them down a tad? I haven't actually seen the proof that we've been able to stop them or even have the capability of permanently stopping them short of overthrowing the leadership or wiping out the country.

Re:Yeah, no shit (3, Informative)

jandrese (485) | about 2 years ago | (#40285417)

Slowing them down is more than the UN, NATO, economic sanctions, political posturing, or anything else has done. Slow down the program enough and maybe there will be time for political reform to bubble up from the bottom. The last elections in Iran drew a lot of anger from the populace, we can only hope that the latent anger eventually boils over and goes full Egypt given enough time. Direct military intervention (regime change) is just not practical, so you do what you can. Anything we can do to hold back the day when Jerusalem is a radioactive crater is a win in my book. Sure it's possible, and maybe even likely, that Mahmoud Ahmadinejad was just blowing smoke with his promises to wipe Israel off of the map, but it's a big gamble when you're talking about the lives of 7.5 million people are on the line.

Re:Yeah, no shit (1)

cayenne8 (626475) | about 2 years ago | (#40285579)

Didn't the US do this to the Soviets during the cold war too? Something embedded into the hardware sold to the Russians that messed up a factory or plant for nuclear power/weapons?

Re:Yeah, no shit (3, Informative)

ShanghaiBill (739463) | about 2 years ago | (#40285983)

Didn't the US do this to the Soviets during the cold war too? Something embedded into the hardware sold to the Russians that messed up a factory or plant for nuclear power/weapons?

Supposedly the CIA put a bug in some gas pipeline SCADA software that caused a major explosion in Siberia. There is some doubt about whether this really happened. More info here: Siberian Pipeline Sabotage [wikipedia.org].

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40287905)

Occams Razor on this one: I believe it more likely that obsolete Soviet industrial design, poor maintenance, and feckless human oversight were the cause of this situation.

Re:Yeah, no shit (1)

shiftless (410350) | about 2 years ago | (#40287869)

Slowing them down is more than the UN, NATO, economic sanctions, political posturing, or anything else has done.

At what cost?

Re:Yeah, no shit (1)

Will.Woodhull (1038600) | about 2 years ago | (#40291239)

At what cost?

Since we are talking about acts of war, both in Iran's stated objectives wrt USA and other nations, and the USA led response of imposing war time embargos on trade with Iran, the cost needs to be measured in the context of war.

Number of dead from these attacks (including attackers, defenders, and collateral deaths): minimal.

Amount of war material drawn from stockpiles or inventory needed to support this attack: minimal.

Cost of disruption of civilian economic activities of these attacks: For the attackers, minimal. For Iran, significant wrt computer techs and other assets needed to cleanse and defend infrastructure systems, but this is not the kind of expense that the typical Iranian civilian would see in an increase in cost of living, etc.

So, the short answer is that the cost of this program, if it is properly managed to keep it on target, is minimal to everything, except Iran's program to become a nuclear bully nation.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40287883)

It blew up a significant number of their centrifuges, so yes, it slowed them down. And often when one blew up it took other nearby ones with it, so all in all, this technique goes in the win column.

Re:Yeah, no shit (1)

Will.Woodhull (1038600) | about 2 years ago | (#40291167)

Well, stuxnet and Flame becoming public are really the first evidence that someone is putting teeth into the Nuclear Non-Proliferation Treaty (which is now something like 40 years old, with over 150 countries signing on to it).

If one or two more incidents like these happen over the next year or so, I think pragmatists in Iran's government and any other nation that is considering developing their own nuclear weapons program will make sure their governments do not waste any resources on an impossible objective. It would be one thing to spend a chunk of your GNP on gaining bragging rights as a nuclear power; it is something else again to throw that wealth into a black hole from which nothing of use will come forth.

If you want to look for the governments that put together the stuxnet-Flame cooperative, start by looking at the strongest proponents of the NNPT. The USA, Russia, the UK, France, etc.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40284687)

But what gives them the right to do this but have their own nuclear weapons?

Especially given the fact that doing all of this could really give a person a reason to hate you and want to nuke you. Say that in the end, it actually all just is for the energy and to be as independent from other countries as possible on energy needs, the damage that the US and Israel caused here (if they were both behind it) would for both those countries be plenty of reason to declare war on Iran and possibly nuke it.

well, DUH! (1)

Thud457 (234763) | about 2 years ago | (#40288153)

This is what we're paying the CIA for.
If the possibility existed and they didn't take advantage of it, then they'd wouldn't be doing their duty.
I take this as a rare sign that our guys are actually taking care of what needs to be done regardless of whatever manufactured distraction the politicians blather on about.

Re:Yeah, no shit (2)

Monchanger (637670) | about 2 years ago | (#40291069)

Doesn't evidence of a common developer on two different projects rule out the US government as a suspect?

Among the many reasons government software takes so long to build, the most painful to me as a programmer was that they still hadn't been required to consider code reuse.

Re:Yeah, no shit (1)

JoshuaZ (1134087) | about 2 years ago | (#40284661)

Obviously some sort of shadow war is going on here. But your assumptions about the agencies involved seems lacking. Both the US and Israel have relevant agencies other than the CIA and the Mossad. Similarly, it wouldn't surprise me much of Britain was involved in this.

Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy

This is possibly the most ridiculous strawman I've seen yet. Can you point to anyone who has claimed that Stuxnet was made by Iran?

Re:Yeah, no shit (1)

crazyjj (2598719) | about 2 years ago | (#40284829)

Go into any thread from the early days of Stuxnet and you'll find people claiming this and many other silly theories (to dismiss the obvious conclusion). Another one of the more prominent theories is that Russia and/or Saudi Arabia made it. Russia--because it was Russian contractors who infected the first PLC's in Iran. And Saudi Arabia because they supposedly have more to lose than Israel if Iran goes nuclear. Anything to absolve the most glaringly obvious culprits, of course. I suspect there was/is more than a little shilling going on in such threads.

Re:Yeah, no shit (2)

Baloroth (2370816) | about 2 years ago | (#40284955)

Trolls will do what trolls do, which is claim crazy theories to get attention and "argue" with people. It's better to ignore them (although the theory about Russia making it is certainly *possible*, just not likely).

Most people have realized from day 1 that the US and/or Israel was responsible, but their governments would never officially admit to it.

Re:Yeah, no shit (1)

ravenshrike (808508) | about 2 years ago | (#40287197)

WAS certainly possible, given Obama's election year "leaks" it's pretty much definitely the US and Israel.

intelligment design: (1)

Thud457 (234763) | about 2 years ago | (#40288245)

You don't believe that Jayzus caused Stuxnet to spontaneously generate in the bowels of the intarwebs because Jehova 1 didn't want Iran nuking his chosen people?

You probably also don't believe that the matrix has become sentient and is using stuxnet to communicate with the space aliens.

What a sad, gray world you inhabit.

Re:Yeah, no shit (1)

Raenex (947668) | about 2 years ago | (#40286321)

Go into any thread from the early days of Stuxnet and you'll find people claiming this and many other silly theories (to dismiss the obvious conclusion).

OK, here's an early story: http://it.slashdot.org/story/10/09/26/1736224/stuxnet-infects-30000-industrial-computers-in-iran [slashdot.org]

I looked at 40 comments rated 3 or higher, and not one mentioned that this was a false flag attack used to gain sympathy. About as close as it came was one person mentioning the possibility of dissidents within Iran.

Another one of the more prominent theories is that Russia and/or Saudi Arabia made it. Russia--because it was Russian contractors who infected the first PLC's in Iran. And Saudi Arabia because they supposedly have more to lose than Israel if Iran goes nuclear.

Now you're backpedalling. Those are at least plausible theories, unlike your ridiculous strawman: "Of course, some willfully-blind, retarded shill out there is going to reply to this and say that those scientists killed themselves and that Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy. Such is true delusion."

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40286819)

it wouldn't surprise me much of Britain was involved in this.

The thing which bothers me most is that people seem so happy to put a Western bow on this and call it quits. The fact is, most every nation around Iran has secretly gone to the US, France, and Britain to bomb the shit out of Iran to prevent them from becoming a regional nuclear power. We know this because of the leaks provided by Wikileaks. The fact is, its far, far more rational to believe this is a large multinational ploy by some dozen countries or so, whereby the US and Isreal just happen to be some of the most prominent players.

Exactly which agencies are involved will likely never be known, but chances are, the number of countries involved far exceeds just the US and Isreal; be it directly or indirectly.

Re:Yeah, no shit (1)

JoshuaZ (1134087) | about 2 years ago | (#40287267)

Doubtful. Flame was in a lot of the neighboring countries not just Iran, which helps rule out most Middle-Eastern countries as being involved. Moreover, intelligence agencies don't like to spread things around that much because it makes leaks much more likely. The US and Israel would almost certainly not be willing to do that much with the various Islamic countries agencies simply because they won't trust them much. The technical capability involved in both Stuxnet and Flame are immense and it isn't clear that these other countries could offer the US and Israel much in the way of real assistance (the most likely such countries Egypt and Saudi Arabia just don't have that much in the way of high tech hackers). Of course those countries have likely provided the US intelligence which helped in the design of Stuxnet, but actual construction and delivery of the payload it is unlikely that any of them had much to do with it.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40287951)

> large multinational ploy by

The large multinational ploy was when everyone stood around saying, "Tut, tut, how deplorably HORRID" when it happened and trying not to look too pleased.

Waste of Time (0, Insightful)

Anonymous Coward | about 2 years ago | (#40284761)

They shouldn't be wasting time on deciphering the virus.

Just wait a few more months and the Obama Administration will leak the details

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40284839)

Anyone who hasn't realized (or *claims* not to have realized) by now that there has been an elaborate, multi-year shadow war by the CIA/Mossad trying to sabotage the Iranian nuclear program is either willfully-blind, retarded, or a shill. Christ, Mossad and the CIA barely even bother to *HIDE* it anymore.

Actually, they hid their activities EXTREMELY well.

But the Obama administration made it public, probably as an election ploy.

Re:Yeah, no shit (0)

crazyjj (2598719) | about 2 years ago | (#40284885)

Actually, they hid their activities EXTREMELY well.

No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

Re:Yeah, no shit (0)

CanHasDIY (1672858) | about 2 years ago | (#40285319)

Actually, they hid their activities EXTREMELY well.

No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

You have obviously never dealt with people who still believe there's a difference between D and R, especially during an election year.

If R supporters think they can blame the D, no matter how insanely ridiculous the rationale, they will. Same goes for the inverse.


"Half a functioning brain" is giving them far too much credit.

Re:Yeah, no shit (1)

MrNJ (955045) | about 2 years ago | (#40285481)

Perhaps those with "half a functioning brain" do in fact treat their assumptions as facts. Especially when the assumptions agree with their prejudices.

The rest of us, i.e. those with a fully functioning brain, allow for multiple possible scenarios - at least until there's some proof to narrow them down.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40285629)

The rest of us, i.e. those with a fully functioning brain, allow for multiple possible scenarios - at least until there's some proof to narrow them down.

Nonsense, those women were obviously witches, which is why we burned them.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40286263)

Did they float?

Re:Yeah, no shit (1)

cayenne8 (626475) | about 2 years ago | (#40285663)

No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

Well, at least till security breaches in the US, there was at least plausible deny-ability...

Fscking govt. types in power today..have let enough information loose out there, pretty much destroy that.

What happened to the "loose lips sink ships" mentality to covert ops?

Re:Yeah, no shit (1)

Anonymous Coward | about 2 years ago | (#40286195)

>Mossad and the U.S. have been behind these activities from the beginning.

*citation needed

you super-believing its true doesnt make it any less of an unfounded statement than anything else.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40289255)

No they didn't. Everyone with half a functioning brain knew that Mossad and the U.S. have been behind these activities from the beginning.

It was suspected by many, but there was no actual proof.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40288065)

>But the Obama administration made it public

Wrong: after the press printed the story based on leaks (which are now being pursued quite vigorously, go read up on how pissed off the congressional intelligence committees are about this program being leak), the US was forced to comment and, knowing that the standard "neither confirm nor deny" wouldn't cut it, admitted what everybody thought was true. That is not the same as "making it public".

Re:Yeah, no shit (0)

sl4shd0rk (755837) | about 2 years ago | (#40285817)

Those scientists killed themselves and Stuxnet and Flame were actually created by Iran in an incredibly convoluted attempt to gain world sympathy.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40285949)

No need to make false claims. We killed those nuke whores who were providing for cash the knowledge necessary to attack the west in the name of Allah. We should be proud. This is war. Did you hear of courageous soldiers in WWII pulling off some risky mission, then being apologetic about it? No. There is an actual issue here. Is man endowed with rights from the Creator? Meant to be free? To develop fully and master the world? Or is man a worm subject to the psychotic fantasies of Sharia law and under the shadow of Satan-Allah?

Re:Yeah, no shit (0)

Maudib (223520) | about 2 years ago | (#40286599)

The assassinations appear to be the Mossad + MEK.

http://rockcenter.msnbc.msn.com/_news/2012/02/09/10354553-israel-teams-with-terror-group-to-kill-irans-nuclear-scientists-us-officials-tell-nbc-news?lite [msn.com]

I would be surprised if the CIA was involved with the MEK directly. My guess the U.S. provides intel and support with drones and looks the other way while Israel does the dirty work with Stuxnet/Flame/Assassinations.

Israel even seems to want credit for Stuxnet:
http://www.theatlanticwire.com/global/2012/06/israeli-spies-want-credit-stuxnet/53354/ [theatlanticwire.com]

Its a really nice surprise to see a competent covert operation against a target that deserves it. I honestly didn't think our government or Israel's had it in them anymore.

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40286761)

Wasnt the CIA, it was more likely the NSA....they are the US's civilian agency in-charge of cryptography and electronic surveillance ......

Re:Yeah, no shit (0)

Anonymous Coward | about 2 years ago | (#40288367)

To be fair everyone knows it was the US government.
But there is basically no hard proof.

Mexico's Banking Sector (2, Funny)

Anonymous Coward | about 2 years ago | (#40284497)

Based on an anagram of "Flame and Stuxnet", I expect the next target to be Mexico's banking sector: Tamale Funds Next.

Re:Mexico's Banking Sector (2)

sycodon (149926) | about 2 years ago | (#40284793)

Dumping my shares of The Tamale Funds now.

Too bad because they were pretty hot!

Re:Mexico's Banking Sector (1)

Culture20 (968837) | about 2 years ago | (#40286071)

There's another interpretation, and based in that, I'm eagerly awaiting a new NeXT. I may even learn Spanish if I have to.

Re:Mexico's Banking Sector (0)

Anonymous Coward | about 2 years ago | (#40284983)

"Named Flatus Next"?

The two big differences... (2)

jd (1658) | about 2 years ago | (#40284543)

...between germ warfare and malware warfare is that the anthrax bombs tested out in Scotland never affected areas outside the impact crater and it costs a lot to genetically modify a bacterium.

In contrast, most of the world's true psychopaths have access to coders capable of modifying Stuxnet or Flame to do things never intended by the original author, and both have been found globally.

Re:The two big differences... (0)

Anonymous Coward | about 2 years ago | (#40287161)

This is just plain stupid. Even assuming you have the sample to work with, the disassembly effort would take upwards of a year very easily (probably much longer [do you have any idea how long it takes to make sense of 20Mb of binary code with no source code?]). Why on earth would a 'gobermint' capable of doing this waste time disassembling the code, so see if there are portions they can salvage for their own nefarious purposes, when they could use that time to actually write one of their own - one where they know what each individual piece actually does?
Rest assured, the only source of future non-trivial Stuxnet/Flame variants is the authors themselves (until the source code becomes available at least - and something tells me that's unlikely).

Re:The two big differences... (1)

jd (1658) | about 2 years ago | (#40288101)

I'll list your inanites. I won't bother replying to them, since you're too braindead to comprehend.

1. Since when are the competent hackers in government?
2. Since when are paranoid populaces immune to wanting to do something destructive?
3. Since when have to-source disassemblers (been around for 20+ years) magically vanished?
4. Since when have competent assembly coders needed disassemblers anyway? (20 megs is very small - a couple week's work with no distractions)
5. Since when have Black Hats ever given a damn about whether they're producing non-trivial variants of something, if a trivial variant does whatever job they want to do?
6. Why the hell are there so many stupid people in the world?! For chrissakes, it's replies like yours that make me wish the legal minimum IQ for procreation was 150.

Obviously (2)

StripedCow (776465) | about 2 years ago | (#40284805)

They all copied the code from Oracle. They'd better be prepared for a huge fine or a sales ban.

Re:Obviously (4, Funny)

ColdWetDog (752185) | about 2 years ago | (#40285167)

They all copied the code from Oracle. They'd better be prepared for a huge fine or a sales ban.

No they didn't. Stuxnet and Flame actually work.

QED.

Re:Obviously (0)

Anonymous Coward | about 2 years ago | (#40289043)

No, they copied it all from SCO.

Common authorship, or open source code? (0)

Anonymous Coward | about 2 years ago | (#40284941)

Crowdleaks is claiming to have decompiled the Stuxnet source code - albeit quite awhile after Flame is said to have been found in the wild.

US Government connection (2)

cdrguru (88047) | about 2 years ago | (#40284959)

It seems that a lot of people are trying to pin Stuxnet firmly on the US Government, current administration. So far it seems to be mostly "unnamed knowledgable sources" which could be BS - but things could get more credible.

At some point our friends in Iran are likely to decide that Stuxnet cost them millions of dollars and years of work and the US is responsible. If, or when, they come to this conclusion I would expect something quite overt from Iran to show up. Possibly as a retalitory cyber attack, possibly something as crude as blowing up a few buildings full of people. Something that is assured to cost the US more than a few million dollars. Obviously there is very little that can be done to stop such an attack - especially if it came in the form of something like Weather Bug with people clamoring to figure out how to install it in spite of what ever controls, warning and blocks put in their way. Ever seen someone in a business with all locked-down users (no Admin rights) call the help desk to ask if they could have someone install Weather Bug for them? Yeah, like that.

My guess is that the US isn't backpedaling fast enough to convince the world that it isn't responsible for Stuxnet... so I'd expect retaliation before the end of the year. What would be the point of doing it to a lame-duck president? So probably before November. Of course Iran might decide that Obama is preferrable to Romney and wait until after the election assuming (rightly so) that a successful attack would bring down the government.

Re:US Government connection (1)

ColdWetDog (752185) | about 2 years ago | (#40285311)

It seems that a lot of people are trying to pin Stuxnet firmly on the US Government, current administration. So far it seems to be mostly "unnamed knowledgable sources" which could be BS - but things could get more credible.

Somebody lock you in the closet again? It's been out for weeks [www.cbc.ca].**

Possibly as a retalitory cyber attack, possibly something as crude as blowing up a few buildings full of people. Something that is assured to cost the US more than a few million dollars. Obviously there is very little that can be done to stop such an attack - especially if it came in the form of something like Weather Bug with people clamoring to figure out how to install it in spite of what ever controls, warning and blocks put in their way. Ever seen someone in a business with all locked-down users (no Admin rights) call the help desk to ask if they could have someone install Weather Bug for them? Yeah, like that.

You do realize that there are many, many folks - in the US, in Israel, in Saudi Arabia and all over the world who are simply drooling with pleasure over the mere thought of an Iranian first strike. That opens the floodgates for all sorts of nastyness and it will be all the fault of the Iranians. In fact, if one were so disposed, one could argue that all of the posturing and bluffing we're doing is largely to get Iran to frizzle bad enough to lash out.

** random citation - do a quick search and find this and more including some really entertaining counter-counter-conspiracy tales

Re:US Government connection (1)

Mabhatter (126906) | about 2 years ago | (#40285437)

This is the problem with government too big for its britches. You can't entirely blame Obama. Bush and Cheney made a focused effort to rig the security structure for twenty years... Huge numbers only have their jobs because Bush pulled strings and they only got them by being "true believers". The President gets the options the armed forces give him... The "whole truth" is only what you can prove.

So much of what the US security structure is paranoid about exists only in their own minds. They have SO MANY black ops in the shadows trying to find secret ways around international treaties and running shadowops they don't REALLY have any clue what the "real world" is any more. They are so focused on boogiemen of their OWN inventions they can't just play by the rules anymore.

Re:US Government connection (1)

Nidi62 (1525137) | about 2 years ago | (#40285597)

This is the problem with government too big for its britches. You can't entirely blame Obama. Bush and Cheney made a focused effort to rig the security structure for twenty years...

Uhh, if you're going back 20 years, then you're forgetting a name in there. I'll give you a hint: it starts with C and chases about as many women as Hugh Heffner

You scapegoating is out of date (0)

publiclurker (952615) | about 2 years ago | (#40286111)

teabaggers stopped the "but, but, but Clinton" blather as soon as they figured out that they could blame a minority for all of their troubles. I take it you haven't been watching your daily indoctrination from Fox.

The really scary thing (1)

Lulu of the Lotus-Ea (3441) | about 2 years ago | (#40284997)

I'm not actually much concerned about Iran's nuclear program. Deterrence and MAD actually worked pretty well during the Cold War, and if Iran had nukes (which there isn't any evidence they are actually developing, but there's just enough of a hint of that to have some possible deterrent effect) the chance of Israel launching a war of aggression would be less.

But it scares the shit out of me to think that Iran is running WINDOWS on sensitive installations, for Uranium processing (even for reactors it is not exactly *safe* material) or other important security/safety functions. If this stupidity exists elsewhere in the world, we live in a VERY SCARY world (like most of the people in the world, probably, I don't live that many miles from a nuclear plant).

Re:The really scary thing (1, Insightful)

i.r.id10t (595143) | about 2 years ago | (#40285173)

MAD only works when all parties involved are relatively sane, and when there is proper security to keep the goodies out of the hands of folks who aren't sane...

IOW, I don't think that MAD is a good deterrent for an extremist religious fundie...

Re:The really scary thing (3, Insightful)

cpu6502 (1960974) | about 2 years ago | (#40285323)

To describe 10 million Iranians as "insane" smacks of anti-persian racism. It's the same kind of nonsense people said about blacks during WW2 ("They are not sane or intelligent enough to handle big equipment like tanks or planes.").

Re:The really scary thing (1)

Anonymous Coward | about 2 years ago | (#40285525)

I thought he was referring to the leadership, not every single citizen of the country. But hey, your prejudice can blind you just as much as anyone else.

Re:The really scary thing (0)

Anonymous Coward | about 2 years ago | (#40285617)

To describe 10 million Iranians as "insane" smacks of anti-persian racism.

And when you make baseless accusations against i.r.id10t? What would that be? Probably makes you appear Forest Gump stupid [slashdot.org] or something like that.

Tell me, would you have accused i.r.id10t of some sort of anti-Russian racism if we were talking about Russia losing nukes [google.com]?

Re:The really scary thing (1)

nedlohs (1335013) | about 2 years ago | (#40285755)

You think it takes 10 million agreeing to do something for it to happen? Why 10 million? How do you think they'll pick them?

I guess in your strange fantasy world where it takes the agreement of 10 million people for anything to be done, then sure nothing is likely to happen. In the real world though there's a handful of religious leaders at the top and a handful of military leaders under them who can do things without getting 10 million people to agree.

Re:The really scary thing (1)

cpu6502 (1960974) | about 2 years ago | (#40287299)

Except the leaders (both the president and the higher-level Ayatollah) have both started they have no interest in attacking Israel..... probably because they know it would be suicide (mutually assured destruction). We also have religious people running Pakistan and India, but I don't see them nuking one another. The MAD Stalemate works.

Re:The really scary thing (0)

Anonymous Coward | about 2 years ago | (#40286443)

To describe 10 million Iranians as "insane" smacks of anti-persian racism.

I don't think that the parent was saying that, however in this case, the shoe does fit.

You may not be aware, but they hate us (non-muslims, Westerners). I don't necessarily blame them - I've seen photos of the Middle East. It looks like it sucks balls over there. If I lived there, I'd be pissed off all of the time too.

Re:The really scary thing (1)

JDG1980 (2438906) | about 2 years ago | (#40285787)

MAD only works when all parties involved are relatively sane, and when there is proper security to keep the goodies out of the hands of folks who aren't sane...

It worked against Stalin and Mao. I think it's a fairly high burden of proof to claim that a national leader is crazier and/or more evil than those two.

Re:The really scary thing (1)

cpu6502 (1960974) | about 2 years ago | (#40287405)

>>>I don't think that MAD is a good deterrent for an extremist religious fundie...

We have "extremist religious fundies" running Pakistan and India, but I don't see them nuking one another. You claim the MAD Stalemate does not work in that case, but clearly it's working just fine.

Re:The really scary thing (1)

ColdWetDog (752185) | about 2 years ago | (#40285373)

we live in a VERY SCARY world

You're just coming to this conclusion now?

Did your doctor stop one of your meds or something?

Re:The really scary thing (2)

bobbied (2522392) | about 2 years ago | (#40285901)

But it scares the shit out of me to think that Iran is running WINDOWS on sensitive installations, for Uranium processing (even for reactors it is not exactly *safe* material) or other important security/safety functions. If this stupidity exists elsewhere in the world, we live in a VERY SCARY world (like most of the people in the world, probably, I don't live that many miles from a nuclear plant).

Iran is free to use Windows for what ever they choose and it's fine by me. Just don't run Windows to control the nuke plant in my backyard.

The really scary thing is that folks actually believe that MAD (a Cold War stance) is a good strategy for dealing with Iran... The US generally already has the ability to turn the bulk of Iran in to glass and it doesn't seem to be bothering them. Now you are suggesting that we simply allow them to develop the ability to do the same to the US? Doesn't seem like a good idea to me, given their rhetoric (not to mention their actual activity) in the region and the US's obvious disinterest in engaging IRAN beyond just disrupting their nuclear progress.

But who are we kidding... Iran is destine to be as relevant as North Korea if the sanctions now in place are continued for a few years. (A big IF). Yea, it would be a huge mess if a war started, but could the outcome be in question? The longer we can keep sanctions working, the less of a mess it becomes, so while I'm not a MAD proponent, I am a "wait and see" advocate, assuming Iran doesn't do something stupid, like shooting at some aircraft carrier going though the straights or trying to shutdown oil shipping.

I think the Iranians know that a full out war with the US would not end well for them, so they have so far only threatened to escalate the conflict. The wild card here is Israel. If Israel decides that the risk of a nuclear blast over Tel Aviv is getting to great for them, you can bet that Iran will soon loose the ability by direct strikes if necessary. The risk being that the whole middle east would come apart at the seams and the US would get drawn into a wider conflict. This is my greatest worry, not that they choose to run Windows based computers

Kaspersky (3, Interesting)

FlynnMP3 (33498) | about 2 years ago | (#40285647)

Isn't anybody else besides Kaspersky discovering these things? On the one hand, it is in their best interest to find out as much as they can about this new kind of virus. On the other hand, I get a bit nervous when there appears to be only 1 source for information.

Re:Kaspersky (1)

Anonymous Coward | about 2 years ago | (#40285843)

I would imagine that it was to do with the fact that Kaspersky is a Russian company. If you were a country with a malware infestation that wasn't on friendly terms with the US you probably would not want to bring an American company in to look at the problems you're having.

Re:Kaspersky (0)

Anonymous Coward | about 2 years ago | (#40286795)

Kaspersky came public with it first. They were directly contacted by the Iranian oil ministry when a computer mysteriously erased critical files.

Symantec and other companies have all released interim analysis's of it.

Re:Kaspersky (0)

Anonymous Coward | about 2 years ago | (#40287301)

I'm sure the NSA knows, why don't you ask them?

Re:Kaspersky (1)

Anonymous Coward | about 2 years ago | (#40287691)

Soon after 9/11 I remember some thread on a virus by the FBI based on code from a rogue virus (I forgot the name but may be Magic or Lantis or something like that). At that time several major companies like Norton and McAfee were asked to ignore it.

They may have received similar requests regarding the latest viruses. Think of how many alternative methods are still unused or unactivated. It would be unusual for the people behind Flame to disable it without having several back-up plans.

In the coming years our desktops will be less and less secure because of such practices. Bad guys and malaware writers can code too...

Re:Kaspersky (1)

Alarash (746254) | about 2 years ago | (#40288401)

What I'm wondering about is: if one of the component of Flame was a known variant of Stuxnet, why didn't the Kaspersky AV engine, or anybody else's that sell AV or IPS to the affected countries, detect it?

Re:Kaspersky (2)

Mia'cova (691309) | about 2 years ago | (#40288667)

It was hiding in plain sight. It was signed with valid certificates which essentially white listed it.

Doesn't work though (1)

aaaaaaargh! (1150173) | about 2 years ago | (#40285711)

As noble as the underlying motives might be, I simply find it hard to believe that bullying souvereign nation states or their governments can have positive net effects in the long turn.

Re:Doesn't work though (0)

Anonymous Coward | about 2 years ago | (#40287383)

In that case the US should stop doing that and use their money more effectively.

Coincidence? (2, Funny)

Anonymous Coward | about 2 years ago | (#40286329)

A primary focus for Bill Gates in years just prior to his retirement: Windows vulnerabilities. Bill Gates retired from Microsoft in June 2008 at the ripe old age of 52. Stuxnet and Flame were released shortly afterward. What did he know and when did he know it?

less credible every time they speak... (0)

Anonymous Coward | about 2 years ago | (#40286709)

The connection between Duqu and Stuxnet is still dubious for the same reason as this one: code re-use does not mean common authorship. Kaspersky is completely out on a limb (still) with the last Duqu-Stuxnet connection, and this one is total conjecture.

Vague connection from the use of the similar tools for similar kinds of attack? Yeah.
Common code? Some.
Common aims? No.
Common targets? No, only a possible regional commonality.
Common skills in development? No.
Common timelines? No.
Same developers? Hardly.
Same operators? Are you high?

Killing it with fire! (1)

modi123 (750470) | about 2 years ago | (#40288217)

Man... how awesome was this picture [imgfarm.com] for the meme world? He's going all "Prometheus" on that side of a dock!

Thank you to the news staffers who decided to insert that image!

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...