[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Stuxnet



On Fri, 2012-06-01 at 14:14 -0400, Rich Faulkner wrote:
> Or could it be that it's not so much what the Iranians are using but
> what the USA and Israel are using?  Windows.

> More likely good intel has produced the target(s) of opportunity and
> they happen to be Windows platforms.  Somehow I don't think we'll be
> seeing a patch for this from MS.  

Sorry to disappoint you but Stuxnet exploited several 0-day
vulnerabilities in MS Windows in order to propagate from machine to
machine (regardless of the dain bramaged attack vectors against the
SCADA systems from Siemens), which MS patched shortly thereafter (well,
as shortly as they get - a few months later...  Some time ago, at
least).  It also took advantage of the MS USB Autorun vulnerability,
errr bug, errr feature, which MS had hardened and largely closed a while
back but, apparently, the Iranian's failed (like much of the rest of the
world) the changes.  Oh, well...

> Sorry for the mini-rant but I'm having an, "I hate Windows" day....

I too hate Windows but fair is fair and this is a horse of a different color.

Regards,
Mike

> On Fri, 2012-06-01 at 13:12 -0400, Charles Shapiro wrote:
> 
> > NYT broke the story this morning that the Stuxnet virus was created as
> > a joint effort by the USA and Israel.  I presume that most of us have
> > already heard about the Flame virus (
> > http://www.pcworld.com/article/256508/the_flame_virus_your_faqs_answered.html
> > ), which amusingly enough uses lua (http://lua.org) as its scripting
> > language.
> > 
> > Per boingboing:  Writing for Wired's Threat Level blog, Mikko Hypponen
> > explains. "The truth is, consumer-grade antivirus products can?t
> > protect against targeted malware created by well-resourced
> > nation-states with bulging budgets."
> > 
> > Oddly enough, these threats seem to affect only Windows machines.
> > This makes me wonder why the Iranians are still using an OS written by
> > a company workin' for the Great Satan.
> > 
> > -- CHS
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> 
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20120601/713c753e/attachment-0001.bin