RRC Archives

If you haven't read about the "cyber missle" attack on Iran's nuclear program you might want to check this out http://www.digitaltrends.com/computing/ ... /?news=123 A little bit of a long read at two pages (for the internet) it's worth it to read the whole thing.

That is the best way to take them out without using force. I heard about this about a month ago. I didn't read your link, but I heard it was the Russians doing it.

Amazing story. I've read several good pieces on it in which the authors speculate about U.S., Israeli, German and Russian involvement.

Cool. Do it again.

all your base are belong to us !

Larry if you haven't heard of Bruce Schneier you may be interested. He's one of the best forward thinking security authors out there. He's the guy who invented the term " security theater". Here's his take on Stuxnet: http://www.schneier.com/blog/archives/2 ... uxnet.html

Very interesting article. And his main point, that almost everything we read about Stuxnet is highly speculative is well taken.
The following is from a link provided in the comments to Schneier's article.

(stuxnet is a so far not seen publicly class of nation-state weapons-grade attack software. It is using four different zero-day exploits, two stolen certificates to get proper insertion into the operating system and a really clever multi-stage propagation mechanism, starting with infected USB-sticks, ending with code insertion into Siemens S7 SPS industrial control systems. One of the Zero-Days is a USB-stick exploit named LNK that works seamlessly to infect the computer the stick is put into, regardless of the Windows operating system version – from the fossile Windows 2000 to the most modern and supposedly secure Windows 7.

The stuxnet software is exceptionally well written, it makes very very sure that nothing crashes, no outward signs of the infection can be seen and, above all, it makes pretty sure that its final payload, which manipulates parameters and code in the SPS computer is only executed if it is very certain to be on the right system. In other words: it is extremly targeted and constructed and build to be as side-effect free as humanly possible. Words used by reverse engineers working on the the thing are “After 10 years of reverse-engineering malware daily, I have never ever seen anything that comes even close to this”, and from another “This is what nation states build, if their only other option would be to go to war”.)

The link: http://frank.geekheim.de/?p=1189