The Cellar  

Go Back   The Cellar > Main > Technology

Technology Computing, programming, science, electronics, telecommunications, etc.

Reply
 
Thread Tools Display Modes
Old 09-28-2010, 12:15 AM   #16
xoxoxoBruce
The future is unwritten
 
Join Date: Oct 2002
Posts: 71,105
Running off half cocked again.

sexobon's "surgical strike was referring to using this dedicated worm/virus to ferret out how much Siemens' equipment they have, and how it's distributed. We already know what type of processes use which Siemens' gear and software.
__________________
The descent of man ~ Nixon, Friedman, Reagan, Trump.
xoxoxoBruce is offline   Reply With Quote
Old 09-28-2010, 06:42 AM   #17
sexobon
I love it when a plan comes together.
 
Join Date: Oct 2009
Posts: 9,793
Exactly.

[T]w, xoB interpreted my post as I intended for it to be understood. When I said "A surgical strike of this nature", I was referring to the virtual attack using the narrow spectrum Stuxnet.

I gather from the following quote that you'd agree we have the ability to benefit from their internal communications "fallout."

Quote:
Originally Posted by tw View Post
...negotiation now made so much more effective since America has restored relations with Russia, Turkey, some Caspian Sea nations, and other 'much more at risk' nations. That also means we have intelligence and covert options due to cooperation both inside and surrounding Iran.
That's why I'm suggesting the primary reason for the attack may have been reconnaissance rather than disruption.
sexobon is offline   Reply With Quote
Old 09-28-2010, 08:29 AM   #18
classicman
barely disguised asshole, keeper of all that is holy.
 
Join Date: Nov 2007
Posts: 23,401
But, but but ... what about the Aliens?
__________________
"like strapping a pillow on a bull in a china shop" Bullitt
classicman is offline   Reply With Quote
Old 09-28-2010, 11:49 AM   #19
tw
Read? I only know how to write.
 
Join Date: Jan 2001
Posts: 11,933
Quote:
Originally Posted by sexobon View Post
That's why I'm suggesting the primary reason for the attack may have been reconnaissance rather than disruption.
Reconnaissance makes more sense. It is harder to detect. Disruption would cause investigations that might discover the malware.

Disruptions must target the few parts that are difficult to obtain or manufacturer. Malware is unlikely to properly target such parts.

Consider how easy it can be accomplished. Take your own computer. The NIC or 'USB to ethernet' adaptor can contain malware that anti-virus software would never detect. Malware could be triggered when needed. Nobody would know it exists before hand. And no anti-virus software would find it before being triggered.
tw is offline   Reply With Quote
Old 10-01-2010, 09:08 PM   #20
tw
Read? I only know how to write.
 
Join Date: Jan 2001
Posts: 11,933
From the NY Times of 25 Sept 2010:
Quote:
A Silent Attack, but Not a Subtle One
Security specialists contrast Stuxnet with an intrusion discovered in the Greek cellphone network in March 2005. It also displayed a level of skill that only the intelligence agency of some foreign power would have.
From the NY Times of 29 Sept 2010:
Quote:
In a Computer Worm, a Possible Biblical Clue
Deep inside the computer worm that some specialists suspect is aimed at slowing Iran's race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them. ...

The malicious code has appeared in many countries, notably China, India, Indonesia and Iran. But there are tantalizing hints that Iran's nuclear program was the primary target. Officials in both the United States and Israel have made no secret of the fact that undermining the computer systems that control Iran's huge enrichment plant at Natanz is a high priority. (The Iranians know it, too: They have never let international inspectors into the control room of the plant, the inspectors report, presumably to keep secret what kind of equipment they are using.) ...

The reports on Iran show a fairly steady drop in the number of centrifuges used to enrich uranium at the main Natanz plant. After reaching a peak of 4,920 machines in May 2009, the numbers declined to 3,772 centrifuges this past August, the most recent reporting period. That is a decline of 23 percent ...

Computer experts say the first versions of the worm appeared as early as 2009 and that the sophisticated version contained an internal time stamp from January of this year. ...
There are many reasons to suspect Israel’s involvement in Stuxnet. ...

Mr. Blitzblau noted that the worm hit India, Indonesia and Russia before it hit Iran, though the worm has been found disproportionately in Iranian computers. He also noted that the Stuxnet worm has no code that reports back the results of the infection it creates. Presumably, a good intelligence agency would like to trace its work.
tw is offline   Reply With Quote
Old 10-02-2010, 10:55 PM   #21
wolf
lobber of scimitars
 
Join Date: Jul 2001
Location: Phila Burbs
Posts: 20,774
it's pretty clear that what's going on here is that Colossus is displeased.

I heard a news radio report today that indicated that most of the transmission was accomplished using infected USB devices. Virus transmission via what we used to call sneakernet. How cool is that?
__________________
wolf eht htiw og

"Conspiracies are the norm, not the exception." --G. Edward Griffin The Creature from Jekyll Island

High Priestess of the Church of the Whale Penis
wolf is offline   Reply With Quote
Old 10-02-2010, 11:38 PM   #22
xoxoxoBruce
The future is unwritten
 
Join Date: Oct 2002
Posts: 71,105
I read that was how it was moved from the Iranian Industrial plant computers that are connected to the net, to the ones that aren't. I didn't state however, who did the moving, or if they knew they were doing it.
__________________
The descent of man ~ Nixon, Friedman, Reagan, Trump.
xoxoxoBruce is offline   Reply With Quote
Old 10-03-2010, 01:26 PM   #23
tw
Read? I only know how to write.
 
Join Date: Jan 2001
Posts: 11,933
From the Washington Post of 2 Oct 2010:
Quote:
Spy chief says Iran able to fight computer worm
The destructive Stuxnet worm has surprised experts because it is the first one specifically created to take over industrial control systems, like those at power plants, rather than just steal or manipulate data.
Apparently, the reason why it can do this and remain undetected - it also reprograms itself.
tw is offline   Reply With Quote
Old 10-04-2010, 03:42 PM   #24
Happy Monkey
I think this line's mostly filler.
 
Join Date: Jan 2003
Location: DC
Posts: 13,575
It doesn't so much reprogram itself as check for updates from the programmers.

I wonder if it would be possible to send out an "update" with the biggest possible version number and a harmless payload, and let it spread its own antidote.
__________________
_________________
|...............| We live in the nick of times.
| Len 17, Wid 3 |
|_______________| [pics]
Happy Monkey is offline   Reply With Quote
Old 10-04-2010, 05:58 PM   #25
xoxoxoBruce
The future is unwritten
 
Join Date: Oct 2002
Posts: 71,105
How can it check for updates when it's on a machine isolated from the net?
__________________
The descent of man ~ Nixon, Friedman, Reagan, Trump.
xoxoxoBruce is offline   Reply With Quote
Old 10-05-2010, 12:41 PM   #26
Happy Monkey
I think this line's mostly filler.
 
Join Date: Jan 2003
Location: DC
Posts: 13,575
The same way it got there in the first place. It doesn't check a home server (that would make it too easy to track back to that home server), it checks any machines it can contact for newer infections, and grabs them. An isolated machine would have to wait for an infected USB drive, or whatever else gave it its initial infection.
__________________
_________________
|...............| We live in the nick of times.
| Len 17, Wid 3 |
|_______________| [pics]
Happy Monkey is offline   Reply With Quote
Old 10-05-2010, 12:55 PM   #27
classicman
barely disguised asshole, keeper of all that is holy.
 
Join Date: Nov 2007
Posts: 23,401
How does the newer, updated infection get to the "other machines"?
__________________
"like strapping a pillow on a bull in a china shop" Bullitt
classicman is offline   Reply With Quote
Old 10-05-2010, 01:06 PM   #28
Happy Monkey
I think this line's mostly filler.
 
Join Date: Jan 2003
Location: DC
Posts: 13,575
The same way the older, non-updated infection got there. Over the internet, if they're connected; USB drives or other infected media if they're not.
__________________
_________________
|...............| We live in the nick of times.
| Len 17, Wid 3 |
|_______________| [pics]
Happy Monkey is offline   Reply With Quote
Old 10-05-2010, 01:15 PM   #29
classicman
barely disguised asshole, keeper of all that is holy.
 
Join Date: Nov 2007
Posts: 23,401
I thought they weren't connected to the internet. Wasn't that part of the issue? How are these USB's getting there.
Oh forget it - I'll just wait for the movie to come out.
__________________
"like strapping a pillow on a bull in a china shop" Bullitt
classicman is offline   Reply With Quote
Old 10-05-2010, 01:29 PM   #30
TheMercenary
“Hypocrisy: prejudice with a halo”
 
Join Date: Mar 2007
Location: Savannah, Georgia
Posts: 21,393
Quote:
Originally Posted by wolf View Post
it's pretty clear that what's going on here is that Colossus is displeased.

I heard a news radio report today that indicated that most of the transmission was accomplished using infected USB devices. Virus transmission via what we used to call sneakernet. How cool is that?
I still don't see what the problem is. I guess it beats a tactical nuke.
__________________
Anyone but the this most fuked up President in History in 2012!
TheMercenary is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -5. The time now is 01:43 PM.


Powered by: vBulletin Version 3.8.1
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.