And to think that a combination of decades of diplomatic work and years of one of the most sophisticated cyberattacks were entirely thrown away by capricious, corrupt politicians.
So.... For people who have followed this story more closely then i have, did the hostile actor ever get identified? Last i checked it was a toss up between USA, Israel and France, was a conclusion ever drawn?
Israelis don't want to wipe out Iran (as much as Iran doesn't want to wipe out Israel- I think they have a more generic aspiration to the end of what they call Israeli regime)- but they surely want a weak, divided, impoverished Iran, and they have been lobbying the US for a long time to wage war against it. The US unilateral withdrawal from the nuclear agreement has been in Israel's wishlist for years. Not because it improves the chances of peace or because it makes Iran less of a threat- quite the opposite. But because it weakens it and improves the chances of a war.
Without wanting to get in to Middle East political discussions, I don't think anyone there wants to sincerely "wipe out" another nation. The consequences would just be brutal and wouldn't be worth it.
I think Israel is much more in the business of targeted strikes on personnel and infrastructure to keep their enemies in check, something they're very capable of.
Every time someone brings up "wants to wipe out xyz", I wonder how that would play out. North Korea wants to nuke the US and SK, Iran wants to nuke Israel, Pakistan wants to nuke India, etc.
But playing the scenario in your head leaves to a simple conclusion: If either NK or Iran would deploy nukes, it would be their end. It is likely that the US will remain the only nation on this planet who dropped nukes on civilians.
Actually, none of the countries you mentioned want to nuke any other. It's all propaganda, some from the potential nukers, most of it by those on the receiving end.
While technically true, in Hiroshima were multiple military headquarters and Nagasaki were industrial city and shipyard. Just saying there there was a bit more reasoning behind the selection then "where we could kill the most civilians".
Yes, there definitely were more factors that went into that decision. But destroying factories and shipyards in populated cities wasn't the primary factor that went into the choice of weapon.
If you were the PM of Israel, would you stake the lives of 6m people on that? It would be Iran's end, but it would be too late for Israel if it came to that.
Every nation has to trust the country with nukes that they won't invade or destroy them. If you were Iran, would you trust the US not to try to invade or topple your country?
Iran isn't alone with the rhetoric of 'destroy your enemies'. North Korea and the US sell the same story, just the enemy changes. Whether the enemy is Israel, the US, or the arbitrary definition of a terrorist, the sell is ultimately a strategy to sustain support for military spending. It's hard to defend vast military spending when you have a poverty problem in your country - unless you can say you have enemies to defend against.
well to be fair, a nuclear armed country has threatened to bomb Iran back to the stone age (and has a reputation for trumped invasions in the area) as well as a vast history of interfering in the country including coup and assassinations.
Perhaps they feel threatened.
And the "wipe Israel off the face of the map" quote is contested.
> Then, specialists such as Juan Cole of the University of Michigan and Arash Norouzi of the Mossadegh Project pointed out that the original statement in Persian did not say that Israel should be wiped from the map, but instead that it would collapse.
> Cole said this week that in the 1980s Khomeini gave a speech in which he said in Persian “Een rezhim-i eshghalgar-i Quds bayad az sahneh-i ruzgar mahv shaved.” This means, “This occupation regime over Jerusalem must vanish from the arena of time.” But then anonymous wire service translators rendered Khomeini as saying that Israel “must be wiped off the face of the map,” which Cole and Nourouzi say is inaccurate.
Sure there are some in Iran who will probably say that. Just like there are some in the western countries that if inteviewed will say the same of whoever the current bogey man is. Hell, John Bolton is back
To be fair, Iran is not trying to build a nuclear weapon, as it has been proven again and again by the thorough inspections and controls allowed by the JCPOA agreement, which the US have just undermined and probably killed for good.
You're confusing uranium enrichment with attempts to build nuclear weapons. Irans's research into nuclear weapons has ended in 2003, 15 years ago. Iran has nuclear power plants though, and uranium enrichment is needed to fuel them.
I think the reason Trump and Netanyahu are so enraged by the JCPOA agreement is that it makes concessions to Iran in exchange of.. nothing, since Iran already didn't have any active nuclear weapons research. The purpose of the continued insistence on Iran's nuclear threat is to weaken it, and the JCPOA effectively kills this strategy.
Well, it also gave Iran a few billion dollars, a lot of which seems to have flowed into the coffers for Hamas, Hezbollah etc, both of which are terrorist organisations.
I'd love for you to be correct. I think pulling out of the JCPOA was stupid, and I'd love to be able to point out there is no risk anyway. But...
> Iran has nuclear power plants though, and uranium enrichment is needed to fuel them.
They have a single commercial reactor[0], and it doesn't need the enrichment levels they are producing.
Most reactors are light water reactors (of two types – PWR and BWR) and require uranium to be enriched from 0.7% to 3-5% U-235 in their fuel. This is normal low-enriched uranium (LEU). There is some interest in taking enrichment levels to about 7%, and even close to 20% for certain special power reactor fuels, as high-assay LEU (HALEU).[1]
Iran has over 200kg(!) of 20% enriched uranium[2]. I guess it could be for an unbuilt, experimental reactor like they claim. It seems unlikely, since they haven't pursued any contracts for a reactor like that.
I think devising this plan altogether was a huge investment in time and patience. Consider the social engineering feats needed to get your hands on the driver signature cerificates, for example. And that's just one step in the entire sequence of lateral movement.
I've been arguing about this for the last three days. Mostly around the reason that "complexity" is not strictly the same thing as "sophistication" when it comes to software. Noobs will conflate the two, but experienced programmers will agree that -- just to illustrate my point -- some code which solves a complex problem in a very clever way while also being very clean and easy to maintain will be considered strictly more sophisticated than some other code solving a similar problem which simply has a higher degree of complexity than the former. There is a subtle difference when it comes to software, and this subtlety needs to be considered in this question. Now, I think Stuxnet is a fantastic suggestion to this question, for a number of reasons:
1) The legal, ethical, technical challenges of creating the software.
2) The ability of the software to remain hidden in (sophisticated) environments rich with (sophisticated) organizations looking for exactly this kind of thing.
3) The stealth of the entire research, design, development, and deployment phases of the project.
4) The highly specialized nature of the target.
5) The scale of the entities involved.
6) All of this sophistication and we can't even see the source code (decompilation doesn't count).
This is frankly some impressively sophisticated software. Also, incidentally, the Quora poster's company looks like a fun place to work (with good programmers on the team). Some of his other answers are thoughtful and interesting to read, too, if you get the chance.
I want to second this. The things I wrote throughout my career that I'm most proud of aren't very complex.
I find it very satisfying to understand a problem so well, up to the point you can find a simple and elegant solution to it. It makes the solution easier to reason about with other team members, and easier for the team to maintain it later.
I see this as making your domain expertise available as a framework for the other team members.
This is my idea of sophistication in the software development world.
Simplicity is always a sign of a quality solution. I’m not sure why anybody would ever conflate complexity with quality or sophistication. I wrote some very complex code in college, but it wasn’t very high quality.
To date, my most complex piece of software in terms of how it was implemented was a simple calculator written in my first programming course. About a week before I started it, I had learned about regular expressions (the programming construct, not the formal language construct).
The basic implementation was a calculator that could add, sub, mul, div, pow, and sqrt. Bonus points were awarded for adding additional functionality including lettered variables. It started with a relatively clean shunting-yard implementation, but my use of regular expressions quickly fixed that.
My calculator worked under most circumstances, but that thing is an eye sore. I'll never get rid of that source code. I like to go back and look a few key pieces of software I've written through the years.
Indeed. I think that the mark of sophistication is not complexity but irreducible complexity. Sophisticated solutions are those that have been reduced to their simplest form.
I'm wondering why do you think this is true? Using stuxnet as an example, would it not be better if they used every feature within reason that would add to the likelihood of success? Why does reductive elegance make an application of technology superior to an inelegant solution? Does final effectiveness not overrule the developer's aesthetics?
I'm asking in honesty, not using the question to merely attack your opinion. I recognize there are things I have probably not considered.
Referring back to my natural gas pipeline example, just install the nasty centrifuge control software at the factory.
It is easier and more likely to succeed. Also, stuxnet has now been repurposed by multiple governments and criminal organizations. So, it’s creators built a symmetric capability, and gave it to their adversaries, when they could have used asymmetric capabilities that are more expensive to reproduce.
[edit: Also, it is still well within the Iranians’ capabilities to build a bomb, and our recent foreign policy greatly increases the chances that hard liners will take over and restart the program.
Contrast this to the outcome of the broader cold world strategy, which was a regime change to a relatively US-friendly government.]
Yes, in my experience, solving a problem / feature well involves three steps:
1. Get the code to work
2. Clean up the code
3. Simplify the code
1 is self explanatory. 2 involves removing any logical redundancy, separating and cleaning the logic into methods, etc. 3 involves simplifying logic and logical mechanisms.
Most developers only do step 1 and maybe step 2. Step 3 is where beauty comes in.
If I could organize my thoughts around this concept, it would probably make a pretty good article. I don't know who the source is but a good quote goes something like this, "real genius isn't solving the complex, it's solving the complex in a simple way."
If you are a state actor, it's not difficult to gather a couple of programmers from the "antivirus" and security field and build something that is hard to detect.
It would be impressive if it was the work of a teenager but it's not.
You also somehow need access to the industrial grade target platform in some way shape or form which is not something a teenager has lying around in their room nor extensive knowledge about to this extent.
You can buy the Simatic PLCs they targeted on ebay for a few hundred bucks.
Industrial automation stuff like this is a common part of the "technical high school" curricula where I live. (of course only on the "press this button and then that happens" level)
Ha, generally true probably, but in my case as a teen I got my hands of a bunch of old industrial PLCs and built all kinds of interesting things in my room. :-) Ladder logic is how I got started programing, I didn't even have my own computer back then.
The SCADA stuff was novel and interesting though and goes above and beyond your average malware both in what it did and the idea to do it in the first place.
A really creative hack, so to speak. (or destructive? anti-destructive? shrug)
And just to reiterate. They built a rootkit that stealthily sabotaged an effort to build nuclear weapons in a way that just made it look like the people who were trying to do it were just incompetent...
On complexity vs sophistication: During the cold war, a US company noticed the USSR had stolen the plans for a natural gas pipeline system, but not the software.
In response, the US introduced an integer overflow bug that was uptime dependent, and took something like 6 months to hit. The bug simultaneously cranked up the pumps and closed all the valves in the network.
It was known that the Soviet economy would crash in under a year without the ability to cheaply move natural gas, so they couldn’t test long enough to find this.
A year or so later, the DoD’s seismographs detected the largest non-nuclear explosion in human history.
The main impact wasn’t the explosion or the short-term economic damage. The main impact was that the USSR stopped trusting stolen software, which set them way further back, economically and militarily.
Arguably, that ~one line of code was infinitely more sophisticated than stuxnet.
> On complexity vs sophistication: During the cold war, a US company noticed the USSR had stolen the plans for a natural gas pipeline system, but not the software.
I think this account might be a bit wrong. The one I read said that the CIA acquired a "shopping list" of Western technology that the USSR wanted to acquire. It included the pipeline control software, so they arranged for a trojaned version to become available to the Soviet shoppers.
Apparently this was a pretty common Soviet activity. Their electronics technology was behind the West's, in general. IIRC, many US semiconductor designs has little cartoons on the dies to taunt the Soviet reverse engineers.
How do you even define sophistication in context of computer software? Let me try by defining the opposite. What would be unsophisticated computer program? I would say it is brute force algorithm. It is unsophisticated because it uses simple logic and iterative approach to achieve aim in inefficient manner. So sophisticated program is:concise(non-iterative), efficient (doesnt use too many steps to arrive at destination) and uses non-simplistic modeling of given problem. Anyone has anything better :)?
Also, this story seems to be taking on a life of its own. You have some details that were not in previous rounds. Integer overflow based on uptime was not in the original unverified story.
If this short read piked your interest in Stuxnet, I can recommend the book "Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon".
It explains in great detail how Stuxnet worked and, which I found the most exciting, how it was discovered and reverse engineered.
Whilst I enjoyed the multiple viewpoints it provides (some claim that Stuxnet was actually quite sloppily written, depending on numerous factors), it happened to be one of those books which wrote 100 pages worth of information in 400 pages instead and dragged every little point on. YMMV.
If you read this book purely for its informational value, I agree with your assessment.
That being said, I read it mostly for entertainment and I think the author did a good job of packaging a lot of factual information into a captivating story.
That being said, not all parts are created equal. There are quite a few pages dedicated to looking at the number of centrifuges Iran was installing and amount of gas they enriched, as this were the metrics Stuxnet was affecting. To me, that was as exciting as reading a company's monthly inventory report.
But I guess that's to be expected in a book that tells a true story instead of just being based on true story.
I hadn't read the book when I wrote the article. I tried to get all the salient facts in, with as few words as possible. "Omit needless words" - Wm. Strunk.
> that driver started signing it with secret keys from JMicron
I think this is the scariest part of the worm. Not only do the people writing it have access to zero-days, they also somehow have (possibly physical) access to the private keys of two large corporations.
It seems obvious to me. Want to illegally snoop on someone’s iMessages? Don’t compromise Tim Cook’s plausible deniability, just get an asset to climb the ladder until they can touch the systems that send the list of keys to the target device. Same goes for signing malware binaries for evil maid against iOS devices, chromebooks, et c. There are controls you can put in place as an organization to make this harder, but not impossible; eventually human beings are going to be handling keys and senior management isn’t always going to be in the room to make sure NSLs aren’t being handed out.
“Keep this quiet or go to the same jail in which Manning was tortured basically to death” is a pretty persuasive argument.
The fact that Google was asleep at the wheel so long wrt encryption of internal network WAN links (I mean, wikipedia has an article about the double-hull sub that the navy uses to tap intercontinental fibers) suggests to me that most Googlers (and despite organizational differences, also most Apple and FB and Amazon staff (outside of govcloud)) simply aren’t thinking about the illegal lengths to which the military will go to obtain huge amounts of information about possible threats to their safety, security, or persistence methods (e.g. whistleblowers).
It’s like the industrial rank and file never read the military-industrial complex speech, even while hearing their bosses take off from Moffet using taxpayer jet fuel. [1]
Yeah, if you've got a big budget, state sponsoring, and years to plan how to steal a signing key from a foreign company, I'm not going to bet against you.
If I were to guess, probably many different types of media. Music CDs, DVDs disks, usb.
Maybe those types of facilities are 99% focused on keeping data from leaving. But employees were bringing plenty of media to listen to while watching the monitors before stuxnet.
A typical facility would likely scan that incoming media and pass it to you later if it was okay’d. You aren’t allowed to ever take that media out again, however.
What is the legal situation with this? I mean, forget for a second that illegal things are done all the time, I presume it would be unconstitutional were the CIA or NSA found to be paying google engineers? How big of a scandal would this be, or is it kind of tacitly understood in the way that black-budgets for large projects are?
It would almost be as big a scandal as someone sharing internal slides showing secret programs to illegally and unconstitutionally spy on every person with a cellphone in their own country.
Or perhaps a video of a high ranking intelligence official lying to congress under oath, whilst answering questions received in advance, and then never being prosecuted for perjury to cover up such illegal activity.
Both from Taiwan I see. So if the parties involved have some pull with their government it could be that. They also could of: bought them, cracked them or as you said stolen them.
Nah, this is almost easy. In comparison, Flame used a previously-unknown (and still unknown AFAIK) method to compute MD5 collisions on a certificate, which was used for a signature.
Also: we only know about this because one of the world's best hash-collision experts, Marc Stevens, wrote a tool to detect the method of collision used when we have two different cleartext with the same hash.
He's also one of the minds behind shattered.io ; which happened because Google decided to invest some resources on his research (estimated at around ~300k). Imagine if he "simply" took a job working for an intelligence agency ?
Stuxnet was able to be reverse engineered successfully so that we can know these things.
IIRC, its sequel actually used certain directory listings (registry keys or filesystem) of a target system as input to a KDF that is used to generate an AES key that is used to decrypt the next stage payload. That is, if you don’t have the exact specific system configuration that is being targeted (program names, versions, et c) then the primary function of the worm remains entirely opaque.
Would it have been easier or harder to implement Stuxnet if the target networks were running some sort of linux? Or if it would've been a mac-only facility?
Smaller platforms (which Linux and Mac OS are, compared to Windows) draw less interest (both in exploits and scrutiny against exploits), and fragmented platforms (Linux) are harder to code for (SystemV? systemd? something else entirely?). I guess that it would have required more effort - but at this level of involvement, I would say that the result would have been achieved regardless.
The stuxnet dev team managed to get their hands on the exact same centrifuges as used in Natanz, so getting replica Linux control systems would’ve been a walk in the park.
Also, “less interest” is irrelevant when we are talking about nation states picking a specific target and throwing considerable engineering resource at exploitation.
Linux and Mac have bugs just like Windows. The only reason they have a reputation of being safer is because windows dominates marketshare, so any "spray and pray" type virus will naturally target windows over mac/linux.
On the other hand, if you or your organization is the victim of a targeted hack, it makes no difference what OS you're running. Any sufficiently motivated and skilled attacker will eventually find a way to exploit it.
As long as new software continues to be released, there will always be bugs. There is no security panacea.
TLDR; a team of state-sponsored developers & engineers with access to a huge list of vulnerabilities across windows, drivers and industrial equipment designed a worm to malfunction centrifuges used in uranium enriching with multiple hops of infection and stealth mode of operation.
Don't get me wrong, but "sophisticated" doesn't exactly mean obscure and stealth which is what stuxnet worm is all about. With access to all those vulnerabilities, i would call the worm implementation straighforward & stealth rather than sophisticated. Most likely the engineers didn't have much choice than to proceed in one possible way to be able to make it work. If one of the vulnerabilities didn't then stux.net wouldn't exist.
The respect comes with the single-mindedness of this code's approach. You would think the people doing this would have at least a little bit of The Joker in them - if they saw an opportunity to cause chaos for chaos' sake they tend to take it. Whoever did this - didn't. That is impressive focus.
What I am seeing lately with malware is increasing decline in sophistication, today malware is lame compared to the malware created around 2000. I would think that level of low level knowledge is rapidly dropping. When there were still real file infectors, there were some serious nasty technologies involved (btw, todays ransomware is a very old concept (http://virus.wikidot.com/onehalf) but it was used to prevent virus removal instead of making money).
Maybe it is the other way around: Todays malware (or a portion of it) is written so good that you don't know about it. Maybe someday another whistleblower will let us know.
I agree. Mistfall (and z0mbie himself) was years ahead of its time.
For those not aware of Mistfall: typical viruses simply append their code to the target. To avoid detection, polymorphism was introduced: viruses generate permutations of decryption logic for the actual static but encrypted virus body. The next step was metamorphism: the virus body itself got permuted. Mistfall was one step further: it disassembled the host, merged in its own permuted body and rebuilt the host. Here is an article by the author himself [1]. This was in 2000.
In general, before hacking and cybercrime became a commercial activity, there was a lively virus writing scene, where highly skilled people played the cat and mouse game with anti virus producers, created magazines with the sources of their creations and wrote articles.
Too bad that z0mbie disappeared. Sometimes when news about elite Russian hackers hits the news I wonder if it's him.
> "merged in its own permuted body and rebuilt the host."
Actually it was even more sophisticated, it not only merged its permutated body into the host, but rather rearanged the host in a way to merge chunks of its body between the chunks of host original code, using jmp instructions to keep the code flow, where entry point was inserted on random. If he would further armored it by additional polymorphism layers for each chunk this would make it even algorythmicaly impossible to detect (on the other side, even now, no one can claim it can detect all the permutations, while the disinfection is limited to "delete infected files"). This was work of art (I was a malware analyst), todays malware is a joke compared to what z0mbie was doing (even if I could argue that there is lot to do on windows, infecting MBR and owning the Windows by serving them the calls to yourself is still (maybe I am outdated?) something to be seen. I would really love to shake his hand even if we were on oposite sides :)
Other than permuting itself, what did it do that was sophisticated? Code morphing viruses have been around for a very long time, much longer than 2000. Simple replication does not constitute sophistication. Even my brother in law does that.
We're quickly heading toward the age of the first Virtual WMD. The implications can be as wide as your imagination, but possibly worse than existing WMDs.
If you took out a dam in Montana the following chain of dam failures would cut the United States in half all the way to the Gulf of Mexico and destroy US agricultural output. The US produces 40-50% of the world Soybean and Corn supply. Long term you're probably talking billions of deaths due to food shortages.
Dams are dangerous beasts. The KMT breached some dikes in the 1930s for the purpose of environmental warfare, and in the process killed half a million peasants and displaced millions more.
I'm not sure it would be. I don't think we've considered all that can happen with a sophisticated worm.
The problem with leveraging nukes is MAD. With worms, you can do a lot of damage without even knowing who did it. Think the Anthrax attacks in 2001 x 1000.
With worms, you can do a bunch of damage over a long period of time without getting discovered. What's the US going to do, start a nuclear war over it? No, see MAD above.
I mean if a worm could figure out how to stop shipping (say simultaneously disable control / start systems of vehicles or gas pumps), people will start to starve after a few days, then probably total chaos will happen leading to a bunch of deaths. That's just a single scenario.
How about if a worm took control of all the air traffic towers simultaneously and change the information so that controllers would start crashing planes everywhere.
I know nuclear war has been played out on tv and in movies for the last 70 years or so, but I don't see an all out nuclear war between two states lobbing hundreds of warheads at each other ever happening. At least not intentionally. Any type of nuclear detonation would either be accidental, or very isolated.
Mosul dam in Iraq was in serious trouble and some argued that it might collapse after the second Iraq war. If it's ever breached the disaster could kill as many as 1.5 million people living in the city below and displace a further 5 million. It's not beyond the realms of possibility that a Stuxnet aimed at the dam's control systems could kill more people than at attack with nuclear or chemical weapons.
I think you would need to think in the line of a global economy/technology/infrastructure collapse (no power production/utilities, (global) transport, financial crisis), millions of first world being thrown into third world conditions (no access to water, food, medicine) due to the large cities depending on technology.
Also see: https://archive.org/details/james-burke-connections_s01e01
You know what's worse than the instant obliteration of millions of people? The slow obliteration and starving of millions of people.
Imagine Venezuela, but much much worse.
Picture a society that doesn't know how to create institutions, conduct trade and collaborate with the people around them without the aid of a computers.
Now, I don't know if disabling their computers would result in an incredibly dysfunctional society that would starve, but it's not unthinkable. If it did, the suffering could be far beyond the instant obliteration of millions of people.
Actually, in a capitalist country it might be easier to survive such an attack. If there is demand for a product or service, people and businesses will find a way to meet that demand. Millions of people working independently to satisfy their local market demand. It would probably hurt centralized socialist or communist countries more since it severs their control, surveillance, and communication mechanisms.
I agree that markets tend to buffer the effects significantly.
The problem is in times of crisis, the appreciation of market dynamics and rule of law tend to wane. Even if those things are intact, the flow of goods and services can be undermined by well-intentioned but misguided politicians.
My point was simple. Despite the systems of trade, a catastrophic shock in trade or production systems could literally kill millions in a way that is more brutal and horrific than instant obliteration.
> My point was simple. Despite the systems of trade, a catastrophic shock in trade or production systems could literally kill millions in a way that is more brutal and horrific than instant obliteration.
Systems have trade have made the market economy of the US more vulnerable to many kinds of "a catastrophic shock[s] in trade or production systems." IIRC, there are only a few days of slack in the US food supply chain. That's down from a month or two during the cold war (where I think there were mandates for reserves).
I’m intrigued - how does that play out in your head? There’s a disaster causing social collapse but a free market for food remains. Demand outstrips supply so it becomes too expensive for many to buy. What do people do before they can go back to the land and sow their own food? What about areas with a lack of suitable available land (as referenced in a sister post by the potato famine)?
I honestly didn't invest too much time playing out scenarios out in my head, rather I was mentally recalling events in modern history where we've simply allowed millions of people to starve. From a BBC article:
The scarcity, Mukherjee writes, was caused by large-scale exports of food from India for use in the war theatres and consumption in Britain - India exported more than 70,000 tonnes of rice between January and July 1943, even as the famine set in. This would have kept nearly 400,000 people alive for a full year. Mr Churchill turned down fervent pleas to export food to India citing a shortage of ships - this when shiploads of Australian wheat, for example, would pass by India to be stored for future consumption in Europe. As imports dropped, prices shot up and hoarders made a killing.
I guess if I was to assume a scenario that could lead to the starvation of millions, I'd imagine a poorer country making the mistake of relying too much on some sort of electronic platform to trade and save their money. Let's say this country/region also relied too much on exporting some agricultural commodity that was being affect by a change in climate.
A catastrophic attack on their banking platform could theoretically destroy the local populations confidence in the trading currency as well as scare away foreign lenders. It may create incentives where it's more advantageous to hoard food and sell it on the international markets rather than distribute it to local customers who can't pay.
Free markets tend to create the most value in the long run. In some situations, hoarding can create incentives to distribute to underserved areas. In scenarios where the underserved areas do not have a means of payment (monetary, barter, indentured servitude, etc.), free markets and hoarding can simply be horrifyingly cruel.
Should there be some catastrophic collapse in society, I would far prefer that the government requisitioned food and rationed it out. While it’s definitely open to abuse, I think it would do a better job in the short term of keeping people alive. A free market response to a national emergency sounds dreadful to me
I don't disagree. Most times, I would prefer the decisions of how people get the things they need are made by a network of people with incentives to provide and profit rather than central planning. However, if the situation is dire and the incentives create a deadlock, I think thought-out, extraordinary measures to help people are warranted.
Not sure how much that really buffers anything. In a lot of mature markets, the fact that the whip-hand is held by another corporation doesn't make much practical difference - what happens if someone finds an attack that bricks every Caterpillar tractor and hauler?
It doesn't matter if C&C is corporate or state, they break the same way.
Capitalist countries still centralize their control, surveillance, and communication into few hands with little diversity. The market forces you describe only apply to the early days of capitalism. Most capitalist societies are long past that, at a stage where the strong early players have re-written the rules and formed quasi-state monopolies.
Just look at how many communications companies the US has. And the government had to step in and break that up because there used to be just one. Even now they are quietly conglomerating back together, and there are no significantly different options available. It's still very vulnerable to an attack or flaw due to lack of diversity.
> You know what's worse than the instant obliteration of millions of people? The slow obliteration and starving of millions of people
Yeah, I'm going to have to sort of disagree with you there. Once you are dead, you are dead. If you are starving, things can still change and you can still have free agency.
Well I don't think my dead self would mind being dead with it being dead and all. So I don't really see how any kind of suffering is better than death. In a way death doesn't really hurt you, since you stop living.
You joke, but from a certain perspective and within certain parameters, there are people who would find this acceptable, and even preferred. I recall the movie Solace (which wasn't great, but I digress) where the premise is that a serial killer has psychic powers that allow him to see others' futures. When he detects a future that is particularly horrible (disease, injury, etc) with no hope of survival, he makes sure their last moments are wildly happy and kills them painlessly with no warning.
If we were to regard the life of the average poverty stricken human as being _terrible_, then killing them painlessly and suddenly becomes less abhorrent. Of course, then we need to define criteria for whose lives are of sufficiently bad quality where sudden death is a superior option.
Some nihilists might say all humans satisfy that criteria. Even if you're a wealthy and generally happy person, you will become old and die. If you were suddenly dead at this second with no warning, you would not care - the only downside would be those who remained alive, who presumably would care. Let's recurse until no one cares.
And the universe moves along just the same.
I am not advocating for this at all, but I felt your comment justified some sort of explanation. And I have been thinking about these existential questions quite a bit recently.
Well it's about statistics rather than what an individual might possibly be able to accomplish.
Sure, maybe you'll find a way to survive a famine, but on average most will die because the math just doesn't add up. Not enough food for everyone. And it ends up killing far more than bombs and bullets, even nukes. Disease and famine are far worse than WMD when the numbers are in.
Who stands to benefit by destabilizing the western world to such a degree? Clearly some big players like Russia and China, as well as some smaller players can benefit from destabilizing the western world a little bit. But if they destroy it to the point where millions of people are suffering, they'll bring suffering on themselves as well. It seems to me that they're probably motivated to level the playing field and gain dominance more than completely destroying or starving people on a large scale.
To be clear, I wasn't making the case for a motive or even suggesting this was a plausible scenario. My point was death from a nuclear weapon is not the worst form of death.
Modern history is littered with examples of millions of people starving or being slaughtered because societies collapsed economically or politically.
> Who stands to benefit by destabilizing the western world to such a degree?
Who's limiting the conversation to the western world? Let's think beyond ourselves for a second. Wouldn't it be just as tragic if cyber attacks were used to destabilize other places in the world? Imagine an African country that has become entirely dependent on some sort of mobile money transferring platform. Maybe their neighbor launches an attack on that platform to destabilize the country for whatever nefarious reasons.
If you can shut down enough utilities (electricity, mobile telecommunications, television & radio station, water treatment plants, access to water...) at the same time on a wide enough area, it would be devastating.
It highlights the shipping "chokepoints" where disruption causes potential food crisis for where the ship had intended to deliver its payload. If the infrastructure which manages these pathways is attacked, the security of these regions is in jeopardy.
> I'm having a hard time imagining a virtual WMD that is worse than the instant obliteration of millions of people.
Incidentally, my impression has always been that, at least with the comparatively low-yield atomic weapons that have actually been used, it's not the instant obliteration that's the biggest problem, but rather the lingering effects of fallout and radiation sickness.
Blackouts. Do what Stuxnet did to the control rooms of a large number of power plants, spinning up the machines to hard, coordinate this attack so it triggers in a large number of places.
If you can pull this off for a continental scale, you're looking at potentially months to restore power to everywhere.
Anything that doesn't require refrigeration would still work though, trucks run on diesel after all.
Which makes me concerned about the future; if the transport network becomes electric, a power outage will cripple things even more. Unless we build self-contained, internet-disconnected charging stations maybe, but that's not going to be done at any kind of significant scale.
They are still pumps: a physical system. Give me a couple hours and I can get gasoline out of any gas station without needing electricity. Of course I will destroy large parts of the machine in the process. I'll get my gas, and so will anyone else while that turns the crank. The pump will need to be replaced to use normally afterwards.
The bigger worry is gasoline in tanks is good for at most a month. The refinery is much harder to start/operate without power. They have their own backup power on site (I assume) so this might or might not be a real worry. If it is I'll just brew some ethanol.
Maybe you would, would people everywhere? Also, the tanks are underground, encased in concrete, with a submersible pump, and there are no power tools.
Might be possible to get to them. But that's solving one problem. If we're talking continent scale blackout it's also unclear what that gets you.
Typical backup power is measured in hours or days. Black start time scale for a blackout that scale is potentially significantly longer than that.
Long before petrol in refineries runs out our logistics system that distributes food to people has failed. The water system probably has failed. Now if you're in the countryside with a full pantry and a stream next to you that might not matter too much. You'll sit this one out. But if you're in the middle of New York?
My first thought when this happens is society will get itself going again in a few weeks. I wouldn't want to be the looter who robbed a gas station in the trouble. By time it was obvious that society isn't getting back together the gas in their tanks is bad so I wouldn't want it. I'd be more interested in robbing the hardware store to get shovels, and other supplies for gardening so that I can live long term. Hopefully my neighbors are helping as well, division of labor is helpful.
This assumes I survive. Anyone who is this interested in destroying society is probably going to use other means as well to kill people at the same time.
You can maybe drive a truck, but there is a lot more to a logistics pipeline then actually driving the truck. Without power the whole scheduling automation etc. has to be done manually, and it's by now simply impossible to do every automated job manually again.
Your logistics pipelines could maybe run at a few percent efficiency if every step is manual, but by then your trucks will be raided on the streets.
Actually for power plants it isn't quite so simple. Because turbines and turbogenerators at nominal speed are quite close to the limit of what the material can support, they have multiple independent fail-safes. For example, if you tried to spin a turbine above safe speed, quick acting valves redirect the steam elsewhere in a fraction of a second.
However, there are absolutely things you could do in a power plant that greatly accelerate wear. It might be possible to accelerate wear enough to achieve failure of some parts before the next maintenance happens.
"Just shutting a plant off" on the other hand is not too difficult; for most plants and upstream systems "off" is the safe state, so all systems are designed to fail into that state, if they really have to.
Virtual weapons are worse when it comes to proliferation. And they are worse when it comes to identifying attackers. Both of these could make them more likely to be used.
Software which say opened the throttle and disabled the brakes on millions of vehicles simultaneously would be in the ballpark for total destruction in a short time. With self-driving cars, the total destruction can be optimized, hunting down pedestrians and hitting vulnerable infrastructure.
In 20 years, a virtual WMD may well instantly obliterate millions of people.
I'm already unsure of what the most possible damage someone could do with over-the-air automobile firmware updates is today, just to take one example. What would it be like if someone put out a virus that at 11:32:42am on March 3rd, 2036 causes every GM, Ford, and Tesla self-driving car to lock all the doors, floor the accelerator, and let the chips fall where they may?
Consider not just the immediate impact of the crashes, but the fact that you just completely obliterated emergency services (they couldn't hope to serve but a tiny fraction of the victims), choked every major road and most of the minor roads with wreckage, wrought a catastrophe so large that while I don't predict what the effects would be, we're talking something more defining for a generation that would handily compete with both World Wars combined for psychological effect, with the Great Depression tossed in for good measure... it would be astonishing.
I'm not even sure we couldn't get close to that in 2018, to be honest. What if by some horrors the Stuxnet authors were set the task of making this happen? How close could they get?
The problem all virus authors have is escaping detection. 2036 is too far out for them to count on not being detected, and on cars being the same. Release it today, and even if you infect all cars and are undetected, GM and Ford's normal update cycle is likely to change things such that by accident your virus cannot spread. You can expect to get a handful of cars to accelerate out of control - and odds are the door locks don't work on them so you failed to lock the door.
Infecting a cars is hard for other reasons. Radios tend to be easy to updated (they can sell you new features - maps if nothing else). All other controllers tend to be more locked down such that it is likely that a virus couldn't actually spread to anything that can take control.
Maybe, who knows who GM will change over the next 20 years. GM only has guesses.
"2036 is too far out for them to count on not being detected, and on cars being the same."
Sorry, I conflated two things here. I meant someone in 2036 setting a logic bomb for something like a month in advance in their time, and as a separate question, how close one could get to such a virus today. As we keep wiring up our cars to networks (not necessarily "the Internet", but networks), it's only going to get easier.
One of the problems I think will happen with cars, only accelerated by self driving cars and the high probability that people will largely lease them rather than own them, is that the governments of the world are going to see a big pot of real-time surveillance data and real-time person control mechanisms and won't be able keep their hands off, mandating that cars start getting very connected and that cars have backdoors for authorities to take over and redirect them, etc. My scenario in 2036 may not even be a brilliant virus designer, but just one person with Python scripting skills and a bit too much access to the government control system.
It's not even that hard to imagine such a disaster happening accidentally. I'm sure, no sarcasm, that protections will be put into place, but there always has to be a developer back door mechanism of some sort, and there may be enough controls added, or they may not be added competently enough.
(And in terms of the protections of the cars themselves, remember that Stuxnet included the use of not one, but two code signing certificates that the Stuxnet authors clearly did not have true authority to use. If there's a way from the Internet to the control mechanism, even if it requires signed code, there's no guarantee a particularly capable and motivated enemy won't penetrate the protections.)
My scenario in 2036 may not even be a brilliant virus designer, but just one person with Python scripting skills and a bit too much access to the government control system.
A significant amount of how our society approaches technology issues almost seems like everyone has agreed that they WANT a gigantic catastrophe. Like they want to see an action-movie-scale real life supervillain to emerge who uses technology to severely harm people. I won't be surprised when one nutcase has prison doors flying open, planes falling from the sky, ATMs nationwide spilling into the streets, stock market prices spinning randomly, electrical grids frying themselves and everything attached, all at the same time.
You're 100% right, but you should use the word cyber, not virtual.
I know hackers hate the word cyber because grandma uses it, but it's the right word for it. The stand-in "computer based" almost works, but it doesn't cover things like hacking radios.
Eh, I'm not so sure. One of the biggest appeals of our current WMDs is they can take out the enemy's WMDs in addition to infrastructure. An attack that paralyzes an entire nation's computer network and sends self-driving cars crashing into substations doesn't mean anything to the group of guys in a bunker/submarine with the keys to the 50 year rocket powered by vaccum tubes
"Russia has hacked into many of our government entities and domestic companies in the energy, nuclear, commercial facilities, water, aviation and critical manufacturing sectors"
Forbes doesn't have a Russian bias. It has a business model bias. In short, it milks its good name while paying a low per click rate.
This combination is very, very attractive to propaganda operations. People who see themselves as writers cannot make an actual living there, but writing for a publication their parents recognize feeds their ego.
This can work either overtly or more subtly. They can simply reward useful perspectives with clicks, or they can offer additional steady money work through other channels. Either way they have an entirely deniable useful idiot.
Not scared of what “we” are doing to “them”, but rather what “they” are doing to “us”... our power plants, dams, electrical grids, gas pipelines, traffic light networks, air traffic control systems.........
The above comment makes no mentions of who is doing what to whom. I think the idea of “us” doing things worse than I could imagine is just as scary as the other way round. You are indirectly part of the responsible bodies and may face the backlash without having been able to not only do but even know anything about it. Imagine for exemple being a Russian citizen whose quality of life is diminished due to political/economic sanctions as a result of your country's espionage activity being revealed.
> Imagine for exemple being a Russian citizen whose quality of life is diminished due to political/economic sanctions as a result of your country's espionage activity being revealed.
I know quite a few Russians. Almost all act defensive over how people treat Russia as a politically homogeneous (evil) unit, when it's mainly a few oligarchs at the top. To the point of defending the political explanations espoused by state TV, which of course is heavily biased towards the narrative said oligarchs want the Russian people to believe.
Remind you of anything? I for one have stopped trusting Dutch news for "being honest with itself".
Even more interesting and along the same lines of thought, Stuxnet was probably considered a failure in the eyes of its creators. The fact that we're discussing it, analyzing it, and patching its exploits is probably the exact opposite of what its creators wanted for it, even if at a point it did have the desired affects.
But now, everyone's wiser, so the game just got more complex.
No, I'm sure whoever created it doesn't consider it a failure.
Its mission was to destroy some expensive industrial centrifuges and set back Iran's nuclear program. And it destroyed some centrifuges precisely as it was designed to. At that point discovery is inevitable, but whatevs because "mission accomplished".
> It's mission was to destroy some expensive industrial centrifuges and set back Iran's nuclear program. And it destroyed some centrifuges precisely as it was designed to. At that point discovery is inevitable, but whatevs because "mission accomplished".
I think it might be considered a partial success, but mostly failure. It did successfully set back Iran's nuclear program and destroy some centrifuges, but it spread too widely so it was probably detected much more quickly than desired.
Also, if it had been discovered only at the nuclear fuel plant, Iran might have kept quiet about it out of embarrassment, allowing it to be deployed elsewhere. Instead it was picked up by a major AV vendor and dissected very publicly.
perhaps, but perhaps the creators don't know of any more holes. Or perhaps the creators knew about more, but the focus on security that this created resulted in not just the holes stuxnet used being closed, but the others. Or perhaps the creators know about more, but their targets have added layers of security and so they can't actually get their next worm where they want it.
A lot of unknown. Those who's job it is to secure systems have their own tricks.
Kinda makes you wonder why they didn't build a way to detect when it had reached its target so that they could have the remnants on other machines removed.
"throwaway account for obvious reasons - I'm a devops for the C&C servers. Our process is actually quite similar to most other tech companies. We spend half our time arguing over what programming language to use (node/go/rust) and the other half arguing over whether we should use microservices."
Of course at least a few of them are reading Hacker News. I understand from the Snowden files that the teams are moderately large and then run for years. So there were likely many dozens of software developers who contributed to Stuxnet.
My guess is no, for maximal compartmentalization. They have a treasure trove of exploits and they grab one off the shelf and might need to burn it after they use it. I bet the people finding vulnerabilities have no clue how they end up getting used. Stuxnet probably got the top shelf attack vectors, and they were burned.
I wonder how many people have Stuxnet on their devices to this day and have no idea. It would be interesting to see how this spread, from an epidemiological standpoint.
And then people make a fuss about Russia "hacking" the election with some dumb Facebook ads which cost less than maxed out Ford Mustang.
When on the other hand we have the state-sponsored military grade/purpose viruses used to attack other nations/regions (Flume attacked a large number of targets and countries) and nobody blinks an eye.
Those are indicative of the public’s enduring lack of technology literacy, and the media’s desire to have facts and eyeballs meet halfway. Media reports Russian election interference via digital ad spend, astroturfing, and infiltration attempts on state voting systems accurately, but the views to that reporting probably pale in comparison to the oversimplified, tweet-size “Russia hacked the 2016 US election” reporting that gets around more quickly and sticks in the public conversation.
Stuxnet is considerably more sophisticated and technologically more brazen, but won’t get the same reporting. But it’s also worth it to consider whether the lack of awareness/awe over Stuxnet vis a vis Russian election tampering is simply due to technology illiteracy, or whether media is not considering the notability of the means, just the effect of the ends.
To me the astro-turfing--which is still going on btw--is the most impressive/scariest part of the whole thing. It basically means there is a constant undercurrent of motivated Russian trolls tipping the scales of perception on every single news story, online poll, comments section, social platform, clickbait site, etc. It basically means that the internet is even more a reality distortion field than we imagined, and there is no real bottom. Imagine hooking up decent conversational AIs to do this, and scaling this all the way up to drown out the real conversation.
> But it’s also worth it to consider whether the lack of awareness/awe over Stuxnet vis a vis Russian election tampering is simply due to technology illiteracy, or whether media is not considering the notability of the means, just the effect of the ends.
No, it's because the media is ultimately subservient to power regardless of what they might think of themselves. US attacks on countries designated by power as enemies -- Iran, Venezuela, Russia, etc., are only to be discussed in clinical terms, marveling at their technological sophistication, for example, never in moral terms. Bringing up any introspection of what American reaction would be if Iran did the same thing to us is virtually career suicide for a mainstream media professional. Trying to draw parallels between Russia meddling and Stuxnet, noting that Stuxnet was an attack many times worse, is cutting it dangerously close.
That may be the larger factor, but I also believe that if you control for the media perspective on the perpetrator and targets of separate incidents, something like Stuxnet and its sophistication will be given less emphasis, because its sophistication is beyond the public's technology literacy, and would be considered too "inside baseball".
Nobody is saying not to care. Parent comment is just pointing difference in reaction to a situation ( outside actors trying to screw a country), which is hypocritical.
Engineering an election to install a malleable leader in a rival country is the holy grail if you ask me. Developing the cyber equivalent of WMDs to get what you want is a relatively blunt tool, just like how North Korea is doing but they use nukes
That kind of complacent pride is very dangerous. Do you think the facebook ads are the only route taken? And do you think that nobody else is going to refine and develop these methods? The whole world saw an opportunity last November.
What we just saw was a public alpha. There will be a beta and a final version of this system. The rewards are too great for every state-level actor to ignore and fail to develop election manipulation tools using any new technology they can get their hands on. Big data may have doomed democratic process in an irreversible way. The next couple of decades will be telling.
> What we just saw was a public alpha. There will be a beta and a final version of this system. The rewards are too great for every state-level actor to ignore and fail to develop election manipulation tools using any new technology they can get their hands on. Big data may have doomed democratic process in an irreversible way. The next couple of decades will be telling.
What we saw was the first export version for the West. Authoritarian regimes have been honing many of the same propaganda techniques on their own populations for some time.
I have a question. Since the worm travels from USB to USB, does that mean that it infected thousands (or more) of regular people USBs but did nothing, until it found itself in a purity facility? Or was the worm somehow directly sent (physically or digitally) to the facility?
Yeah, most worms like this have detective capability to work out whether they’re on the systems that they’re wanting to be on. If not, they’ll either try to clean up and vanish or just serve for further propagation.
Stuxnet was discovered because it accidentally spread too far, and ended up on a malware analysts desk.
There was a targeted supplier, an upstream vendor as the insertion point, but it spread outside of that chain.
Appendix C is my favorite part: a look at all the things that can be gleaned from television footage of the facilities, brief glances at control screens, etc.
_When that USB drive is inserted into a Windows PC, without the user knowing it, that worm will quietly run itself, and copy itself to that PC._ Truly magical. Anthropomorphism and personification help continue the myth of sentient, usually evil, software. Whilst scaring the heebie jeebies out of everyone.
Is it still believed that Stuxnet was never intended to escape and infect machines worldwide? If so, I think that blunder deserves to be a more prominent part of the story.
Considering that we have known about Stuxnet for nearly a decade, why are we still using OS technology that makes such changes/intrusions/phoning-home so easy to conceal?
I highly recommend "Avogadro Corp: The Singularity Is Closer Than It Appears" by William Hertling to anyone interested in some good AI scifi around computer worms/virus.
506 comments
[ 2.9 ms ] story [ 317 ms ] threadI think Israel is much more in the business of targeted strikes on personnel and infrastructure to keep their enemies in check, something they're very capable of.
While technically true, in Hiroshima were multiple military headquarters and Nagasaki were industrial city and shipyard. Just saying there there was a bit more reasoning behind the selection then "where we could kill the most civilians".
Iran isn't alone with the rhetoric of 'destroy your enemies'. North Korea and the US sell the same story, just the enemy changes. Whether the enemy is Israel, the US, or the arbitrary definition of a terrorist, the sell is ultimately a strategy to sustain support for military spending. It's hard to defend vast military spending when you have a poverty problem in your country - unless you can say you have enemies to defend against.
Perhaps they feel threatened.
And the "wipe Israel off the face of the map" quote is contested.
https://www.washingtonpost.com/blogs/fact-checker/post/did-a...
> Then, specialists such as Juan Cole of the University of Michigan and Arash Norouzi of the Mossadegh Project pointed out that the original statement in Persian did not say that Israel should be wiped from the map, but instead that it would collapse.
> Cole said this week that in the 1980s Khomeini gave a speech in which he said in Persian “Een rezhim-i eshghalgar-i Quds bayad az sahneh-i ruzgar mahv shaved.” This means, “This occupation regime over Jerusalem must vanish from the arena of time.” But then anonymous wire service translators rendered Khomeini as saying that Israel “must be wiped off the face of the map,” which Cole and Nourouzi say is inaccurate.
Sure there are some in Iran who will probably say that. Just like there are some in the western countries that if inteviewed will say the same of whoever the current bogey man is. Hell, John Bolton is back
I think the reason Trump and Netanyahu are so enraged by the JCPOA agreement is that it makes concessions to Iran in exchange of.. nothing, since Iran already didn't have any active nuclear weapons research. The purpose of the continued insistence on Iran's nuclear threat is to weaken it, and the JCPOA effectively kills this strategy.
> Iran has nuclear power plants though, and uranium enrichment is needed to fuel them.
They have a single commercial reactor[0], and it doesn't need the enrichment levels they are producing.
Most reactors are light water reactors (of two types – PWR and BWR) and require uranium to be enriched from 0.7% to 3-5% U-235 in their fuel. This is normal low-enriched uranium (LEU). There is some interest in taking enrichment levels to about 7%, and even close to 20% for certain special power reactor fuels, as high-assay LEU (HALEU).[1]
Iran has over 200kg(!) of 20% enriched uranium[2]. I guess it could be for an unbuilt, experimental reactor like they claim. It seems unlikely, since they haven't pursued any contracts for a reactor like that.
[0] https://en.wikipedia.org/wiki/Bushehr_Nuclear_Power_Plant
[1] http://www.world-nuclear.org/information-library/nuclear-fue...
[2] http://www.world-nuclear.org/information-library/country-pro...
But even the integration is impressive.
1) The legal, ethical, technical challenges of creating the software.
2) The ability of the software to remain hidden in (sophisticated) environments rich with (sophisticated) organizations looking for exactly this kind of thing.
3) The stealth of the entire research, design, development, and deployment phases of the project.
4) The highly specialized nature of the target.
5) The scale of the entities involved.
6) All of this sophistication and we can't even see the source code (decompilation doesn't count).
This is frankly some impressively sophisticated software. Also, incidentally, the Quora poster's company looks like a fun place to work (with good programmers on the team). Some of his other answers are thoughtful and interesting to read, too, if you get the chance.
I find it very satisfying to understand a problem so well, up to the point you can find a simple and elegant solution to it. It makes the solution easier to reason about with other team members, and easier for the team to maintain it later. I see this as making your domain expertise available as a framework for the other team members.
This is my idea of sophistication in the software development world.
The basic implementation was a calculator that could add, sub, mul, div, pow, and sqrt. Bonus points were awarded for adding additional functionality including lettered variables. It started with a relatively clean shunting-yard implementation, but my use of regular expressions quickly fixed that.
My calculator worked under most circumstances, but that thing is an eye sore. I'll never get rid of that source code. I like to go back and look a few key pieces of software I've written through the years.
I'm asking in honesty, not using the question to merely attack your opinion. I recognize there are things I have probably not considered.
It is easier and more likely to succeed. Also, stuxnet has now been repurposed by multiple governments and criminal organizations. So, it’s creators built a symmetric capability, and gave it to their adversaries, when they could have used asymmetric capabilities that are more expensive to reproduce.
[edit: Also, it is still well within the Iranians’ capabilities to build a bomb, and our recent foreign policy greatly increases the chances that hard liners will take over and restart the program.
Contrast this to the outcome of the broader cold world strategy, which was a regime change to a relatively US-friendly government.]
1. Get the code to work 2. Clean up the code 3. Simplify the code
1 is self explanatory. 2 involves removing any logical redundancy, separating and cleaning the logic into methods, etc. 3 involves simplifying logic and logical mechanisms.
Most developers only do step 1 and maybe step 2. Step 3 is where beauty comes in.
If I could organize my thoughts around this concept, it would probably make a pretty good article. I don't know who the source is but a good quote goes something like this, "real genius isn't solving the complex, it's solving the complex in a simple way."
I made a poster with this for my office wall.
It would be impressive if it was the work of a teenager but it's not.
Industrial automation stuff like this is a common part of the "technical high school" curricula where I live. (of course only on the "press this button and then that happens" level)
Ha, generally true probably, but in my case as a teen I got my hands of a bunch of old industrial PLCs and built all kinds of interesting things in my room. :-) Ladder logic is how I got started programing, I didn't even have my own computer back then.
A really creative hack, so to speak. (or destructive? anti-destructive? shrug)
If that's not cool, I don't know what is...
In response, the US introduced an integer overflow bug that was uptime dependent, and took something like 6 months to hit. The bug simultaneously cranked up the pumps and closed all the valves in the network.
It was known that the Soviet economy would crash in under a year without the ability to cheaply move natural gas, so they couldn’t test long enough to find this.
A year or so later, the DoD’s seismographs detected the largest non-nuclear explosion in human history.
The main impact wasn’t the explosion or the short-term economic damage. The main impact was that the USSR stopped trusting stolen software, which set them way further back, economically and militarily.
Arguably, that ~one line of code was infinitely more sophisticated than stuxnet.
I think this account might be a bit wrong. The one I read said that the CIA acquired a "shopping list" of Western technology that the USSR wanted to acquire. It included the pipeline control software, so they arranged for a trojaned version to become available to the Soviet shoppers.
Apparently this was a pretty common Soviet activity. Their electronics technology was behind the West's, in general. IIRC, many US semiconductor designs has little cartoons on the dies to taunt the Soviet reverse engineers.
http://jeffreycarr.blogspot.com/2012/06/myth-of-cia-and-tran...
Also, this story seems to be taking on a life of its own. You have some details that were not in previous rounds. Integer overflow based on uptime was not in the original unverified story.
It explains in great detail how Stuxnet worked and, which I found the most exciting, how it was discovered and reverse engineered.
Looks good! Might have to check it out tonight.
Whilst I enjoyed the multiple viewpoints it provides (some claim that Stuxnet was actually quite sloppily written, depending on numerous factors), it happened to be one of those books which wrote 100 pages worth of information in 400 pages instead and dragged every little point on. YMMV.
That being said, I read it mostly for entertainment and I think the author did a good job of packaging a lot of factual information into a captivating story.
That being said, not all parts are created equal. There are quite a few pages dedicated to looking at the number of centrifuges Iran was installing and amount of gas they enriched, as this were the metrics Stuxnet was affecting. To me, that was as exciting as reading a company's monthly inventory report.
But I guess that's to be expected in a book that tells a true story instead of just being based on true story.
> that driver started signing it with secret keys from JMicron
I think this is the scariest part of the worm. Not only do the people writing it have access to zero-days, they also somehow have (possibly physical) access to the private keys of two large corporations.
“Keep this quiet or go to the same jail in which Manning was tortured basically to death” is a pretty persuasive argument.
The fact that Google was asleep at the wheel so long wrt encryption of internal network WAN links (I mean, wikipedia has an article about the double-hull sub that the navy uses to tap intercontinental fibers) suggests to me that most Googlers (and despite organizational differences, also most Apple and FB and Amazon staff (outside of govcloud)) simply aren’t thinking about the illegal lengths to which the military will go to obtain huge amounts of information about possible threats to their safety, security, or persistence methods (e.g. whistleblowers).
It’s like the industrial rank and file never read the military-industrial complex speech, even while hearing their bosses take off from Moffet using taxpayer jet fuel. [1]
[1] https://www.wsj.com/articles/google-jet-fleet-loses-a-nasa-f...
You don't even have to speak about it. Not cooperate, and you'll go to jail.
https://www.washingtonpost.com/news/the-switch/wp/2013/09/30...
Maybe those types of facilities are 99% focused on keeping data from leaving. But employees were bringing plenty of media to listen to while watching the monitors before stuxnet.
A typical facility would likely scan that incoming media and pass it to you later if it was okay’d. You aren’t allowed to ever take that media out again, however.
I’m just guessing though.
Or perhaps a video of a high ranking intelligence official lying to congress under oath, whilst answering questions received in advance, and then never being prosecuted for perjury to cover up such illegal activity.
So, not a big scandal at all. Page 2 news.
https://arstechnica.com/information-technology/2012/06/flame...
This isn't stealing a cert or burning four zero-days. This is dropping a zero-day cryptographical attack, which hasn't been reverse engineered yet.
He's also one of the minds behind shattered.io ; which happened because Google decided to invest some resources on his research (estimated at around ~300k). Imagine if he "simply" took a job working for an intelligence agency ?
IIRC, its sequel actually used certain directory listings (registry keys or filesystem) of a target system as input to a KDF that is used to generate an AES key that is used to decrypt the next stage payload. That is, if you don’t have the exact specific system configuration that is being targeted (program names, versions, et c) then the primary function of the worm remains entirely opaque.
I'm curious.
Also, “less interest” is irrelevant when we are talking about nation states picking a specific target and throwing considerable engineering resource at exploitation.
On the other hand, if you or your organization is the victim of a targeted hack, it makes no difference what OS you're running. Any sufficiently motivated and skilled attacker will eventually find a way to exploit it.
As long as new software continues to be released, there will always be bugs. There is no security panacea.
... and centralized updates for all software and libraries and make it hard to use old libraries and selinux and ...
Of course any software has bugs, but "only reason" is very much false equivocation.
But it is widely believed that Stuxnet was initiated from the US, and Microsoft is a US company, so...
Don't get me wrong, but "sophisticated" doesn't exactly mean obscure and stealth which is what stuxnet worm is all about. With access to all those vulnerabilities, i would call the worm implementation straighforward & stealth rather than sophisticated. Most likely the engineers didn't have much choice than to proceed in one possible way to be able to make it work. If one of the vulnerabilities didn't then stux.net wouldn't exist.
It’s not really a secret anymore.
What I am seeing lately with malware is increasing decline in sophistication, today malware is lame compared to the malware created around 2000. I would think that level of low level knowledge is rapidly dropping. When there were still real file infectors, there were some serious nasty technologies involved (btw, todays ransomware is a very old concept (http://virus.wikidot.com/onehalf) but it was used to prevent virus removal instead of making money).
For those not aware of Mistfall: typical viruses simply append their code to the target. To avoid detection, polymorphism was introduced: viruses generate permutations of decryption logic for the actual static but encrypted virus body. The next step was metamorphism: the virus body itself got permuted. Mistfall was one step further: it disassembled the host, merged in its own permuted body and rebuilt the host. Here is an article by the author himself [1]. This was in 2000.
In general, before hacking and cybercrime became a commercial activity, there was a lively virus writing scene, where highly skilled people played the cat and mouse game with anti virus producers, created magazines with the sources of their creations and wrote articles.
Too bad that z0mbie disappeared. Sometimes when news about elite Russian hackers hits the news I wonder if it's him.
[1]: http://z0mbie.daemonlab.org/autorev.txt
http://dsr.segfault.es/stuff/website-mirrors/29A/
And mirror of z0mbie (mistfall author) site http://z0mbie.daemonlab.org/
I am really interested what happened with z0mbie... he just vanished at some point...
https://web.archive.org/web/20110205151357/http://www.rootki...
> "merged in its own permuted body and rebuilt the host."
Actually it was even more sophisticated, it not only merged its permutated body into the host, but rather rearanged the host in a way to merge chunks of its body between the chunks of host original code, using jmp instructions to keep the code flow, where entry point was inserted on random. If he would further armored it by additional polymorphism layers for each chunk this would make it even algorythmicaly impossible to detect (on the other side, even now, no one can claim it can detect all the permutations, while the disinfection is limited to "delete infected files"). This was work of art (I was a malware analyst), todays malware is a joke compared to what z0mbie was doing (even if I could argue that there is lot to do on windows, infecting MBR and owning the Windows by serving them the calls to yourself is still (maybe I am outdated?) something to be seen. I would really love to shake his hand even if we were on oposite sides :)
Sometimes how you do it is far more interesting than what you do (but it might be a tad more complex to understand).
Who knows what kinds of software are still out there quietly doing their thing in the shadows.
The problem with leveraging nukes is MAD. With worms, you can do a lot of damage without even knowing who did it. Think the Anthrax attacks in 2001 x 1000.
With worms, you can do a bunch of damage over a long period of time without getting discovered. What's the US going to do, start a nuclear war over it? No, see MAD above.
I mean if a worm could figure out how to stop shipping (say simultaneously disable control / start systems of vehicles or gas pumps), people will start to starve after a few days, then probably total chaos will happen leading to a bunch of deaths. That's just a single scenario.
How about if a worm took control of all the air traffic towers simultaneously and change the information so that controllers would start crashing planes everywhere.
I know nuclear war has been played out on tv and in movies for the last 70 years or so, but I don't see an all out nuclear war between two states lobbing hundreds of warheads at each other ever happening. At least not intentionally. Any type of nuclear detonation would either be accidental, or very isolated.
Imagine Venezuela, but much much worse.
Picture a society that doesn't know how to create institutions, conduct trade and collaborate with the people around them without the aid of a computers.
Now, I don't know if disabling their computers would result in an incredibly dysfunctional society that would starve, but it's not unthinkable. If it did, the suffering could be far beyond the instant obliteration of millions of people.
The problem is in times of crisis, the appreciation of market dynamics and rule of law tend to wane. Even if those things are intact, the flow of goods and services can be undermined by well-intentioned but misguided politicians.
My point was simple. Despite the systems of trade, a catastrophic shock in trade or production systems could literally kill millions in a way that is more brutal and horrific than instant obliteration.
Systems have trade have made the market economy of the US more vulnerable to many kinds of "a catastrophic shock[s] in trade or production systems." IIRC, there are only a few days of slack in the US food supply chain. That's down from a month or two during the cold war (where I think there were mandates for reserves).
The scarcity, Mukherjee writes, was caused by large-scale exports of food from India for use in the war theatres and consumption in Britain - India exported more than 70,000 tonnes of rice between January and July 1943, even as the famine set in. This would have kept nearly 400,000 people alive for a full year. Mr Churchill turned down fervent pleas to export food to India citing a shortage of ships - this when shiploads of Australian wheat, for example, would pass by India to be stored for future consumption in Europe. As imports dropped, prices shot up and hoarders made a killing.
http://www.bbc.co.uk/blogs/thereporters/soutikbiswas/2010/10...
I guess if I was to assume a scenario that could lead to the starvation of millions, I'd imagine a poorer country making the mistake of relying too much on some sort of electronic platform to trade and save their money. Let's say this country/region also relied too much on exporting some agricultural commodity that was being affect by a change in climate.
A catastrophic attack on their banking platform could theoretically destroy the local populations confidence in the trading currency as well as scare away foreign lenders. It may create incentives where it's more advantageous to hoard food and sell it on the international markets rather than distribute it to local customers who can't pay.
Free markets tend to create the most value in the long run. In some situations, hoarding can create incentives to distribute to underserved areas. In scenarios where the underserved areas do not have a means of payment (monetary, barter, indentured servitude, etc.), free markets and hoarding can simply be horrifyingly cruel.
What are your thoughts?
It doesn't matter if C&C is corporate or state, they break the same way.
Just look at how many communications companies the US has. And the government had to step in and break that up because there used to be just one. Even now they are quietly conglomerating back together, and there are no significantly different options available. It's still very vulnerable to an attack or flaw due to lack of diversity.
Yeah, I'm going to have to sort of disagree with you there. Once you are dead, you are dead. If you are starving, things can still change and you can still have free agency.
I'm comparing death by obliteration to death by starvation.
So maybe we should round up all the poor people and gas them to put them out of their misery?
If we were to regard the life of the average poverty stricken human as being _terrible_, then killing them painlessly and suddenly becomes less abhorrent. Of course, then we need to define criteria for whose lives are of sufficiently bad quality where sudden death is a superior option.
Some nihilists might say all humans satisfy that criteria. Even if you're a wealthy and generally happy person, you will become old and die. If you were suddenly dead at this second with no warning, you would not care - the only downside would be those who remained alive, who presumably would care. Let's recurse until no one cares.
And the universe moves along just the same.
I am not advocating for this at all, but I felt your comment justified some sort of explanation. And I have been thinking about these existential questions quite a bit recently.
Sure, maybe you'll find a way to survive a famine, but on average most will die because the math just doesn't add up. Not enough food for everyone. And it ends up killing far more than bombs and bullets, even nukes. Disease and famine are far worse than WMD when the numbers are in.
Modern history is littered with examples of millions of people starving or being slaughtered because societies collapsed economically or politically.
> Who stands to benefit by destabilizing the western world to such a degree?
Who's limiting the conversation to the western world? Let's think beyond ourselves for a second. Wouldn't it be just as tragic if cyber attacks were used to destabilize other places in the world? Imagine an African country that has become entirely dependent on some sort of mobile money transferring platform. Maybe their neighbor launches an attack on that platform to destabilize the country for whatever nefarious reasons.
https://www.bloomberg.com/graphics/2018-food-trade-chokepoin...
It highlights the shipping "chokepoints" where disruption causes potential food crisis for where the ship had intended to deliver its payload. If the infrastructure which manages these pathways is attacked, the security of these regions is in jeopardy.
Incidentally, my impression has always been that, at least with the comparatively low-yield atomic weapons that have actually been used, it's not the instant obliteration that's the biggest problem, but rather the lingering effects of fallout and radiation sickness.
If you can pull this off for a continental scale, you're looking at potentially months to restore power to everywhere.
https://en.wikipedia.org/wiki/December_2015_Ukraine_power_gr...
Which makes me concerned about the future; if the transport network becomes electric, a power outage will cripple things even more. Unless we build self-contained, internet-disconnected charging stations maybe, but that's not going to be done at any kind of significant scale.
The bigger worry is gasoline in tanks is good for at most a month. The refinery is much harder to start/operate without power. They have their own backup power on site (I assume) so this might or might not be a real worry. If it is I'll just brew some ethanol.
Might be possible to get to them. But that's solving one problem. If we're talking continent scale blackout it's also unclear what that gets you.
Typical backup power is measured in hours or days. Black start time scale for a blackout that scale is potentially significantly longer than that.
Long before petrol in refineries runs out our logistics system that distributes food to people has failed. The water system probably has failed. Now if you're in the countryside with a full pantry and a stream next to you that might not matter too much. You'll sit this one out. But if you're in the middle of New York?
My first thought when this happens is society will get itself going again in a few weeks. I wouldn't want to be the looter who robbed a gas station in the trouble. By time it was obvious that society isn't getting back together the gas in their tanks is bad so I wouldn't want it. I'd be more interested in robbing the hardware store to get shovels, and other supplies for gardening so that I can live long term. Hopefully my neighbors are helping as well, division of labor is helpful.
This assumes I survive. Anyone who is this interested in destroying society is probably going to use other means as well to kill people at the same time.
You can maybe drive a truck, but there is a lot more to a logistics pipeline then actually driving the truck. Without power the whole scheduling automation etc. has to be done manually, and it's by now simply impossible to do every automated job manually again.
Your logistics pipelines could maybe run at a few percent efficiency if every step is manual, but by then your trucks will be raided on the streets.
However, there are absolutely things you could do in a power plant that greatly accelerate wear. It might be possible to accelerate wear enough to achieve failure of some parts before the next maintenance happens.
"Just shutting a plant off" on the other hand is not too difficult; for most plants and upstream systems "off" is the safe state, so all systems are designed to fail into that state, if they really have to.
Software which say opened the throttle and disabled the brakes on millions of vehicles simultaneously would be in the ballpark for total destruction in a short time. With self-driving cars, the total destruction can be optimized, hunting down pedestrians and hitting vulnerable infrastructure.
I'm already unsure of what the most possible damage someone could do with over-the-air automobile firmware updates is today, just to take one example. What would it be like if someone put out a virus that at 11:32:42am on March 3rd, 2036 causes every GM, Ford, and Tesla self-driving car to lock all the doors, floor the accelerator, and let the chips fall where they may?
Consider not just the immediate impact of the crashes, but the fact that you just completely obliterated emergency services (they couldn't hope to serve but a tiny fraction of the victims), choked every major road and most of the minor roads with wreckage, wrought a catastrophe so large that while I don't predict what the effects would be, we're talking something more defining for a generation that would handily compete with both World Wars combined for psychological effect, with the Great Depression tossed in for good measure... it would be astonishing.
I'm not even sure we couldn't get close to that in 2018, to be honest. What if by some horrors the Stuxnet authors were set the task of making this happen? How close could they get?
Infecting a cars is hard for other reasons. Radios tend to be easy to updated (they can sell you new features - maps if nothing else). All other controllers tend to be more locked down such that it is likely that a virus couldn't actually spread to anything that can take control.
Maybe, who knows who GM will change over the next 20 years. GM only has guesses.
Sorry, I conflated two things here. I meant someone in 2036 setting a logic bomb for something like a month in advance in their time, and as a separate question, how close one could get to such a virus today. As we keep wiring up our cars to networks (not necessarily "the Internet", but networks), it's only going to get easier.
One of the problems I think will happen with cars, only accelerated by self driving cars and the high probability that people will largely lease them rather than own them, is that the governments of the world are going to see a big pot of real-time surveillance data and real-time person control mechanisms and won't be able keep their hands off, mandating that cars start getting very connected and that cars have backdoors for authorities to take over and redirect them, etc. My scenario in 2036 may not even be a brilliant virus designer, but just one person with Python scripting skills and a bit too much access to the government control system.
It's not even that hard to imagine such a disaster happening accidentally. I'm sure, no sarcasm, that protections will be put into place, but there always has to be a developer back door mechanism of some sort, and there may be enough controls added, or they may not be added competently enough.
(And in terms of the protections of the cars themselves, remember that Stuxnet included the use of not one, but two code signing certificates that the Stuxnet authors clearly did not have true authority to use. If there's a way from the Internet to the control mechanism, even if it requires signed code, there's no guarantee a particularly capable and motivated enemy won't penetrate the protections.)
After the LocationSmart vulnerability, that seems very plausible. (If you haven't seen it: https://www.robertxiao.ca/hacking/locationsmart/)
https://en.wikipedia.org/wiki/Civilization_and_Its_Disconten...
Corollary: It is vital (no pun intended) that we learn to live in harmony with Nature or we will destroy ourselves.
I know hackers hate the word cyber because grandma uses it, but it's the right word for it. The stand-in "computer based" almost works, but it doesn't cover things like hacking radios.
https://www.forbes.com/sites/jamesconca/2018/03/16/russia-ha...
The same was also reported by MI5, Europol and of course within Ukraine.
This combination is very, very attractive to propaganda operations. People who see themselves as writers cannot make an actual living there, but writing for a publication their parents recognize feeds their ego.
This can work either overtly or more subtly. They can simply reward useful perspectives with clicks, or they can offer additional steady money work through other channels. Either way they have an entirely deniable useful idiot.
Forbes is particularly full of this.
I know quite a few Russians. Almost all act defensive over how people treat Russia as a politically homogeneous (evil) unit, when it's mainly a few oligarchs at the top. To the point of defending the political explanations espoused by state TV, which of course is heavily biased towards the narrative said oligarchs want the Russian people to believe.
Remind you of anything? I for one have stopped trusting Dutch news for "being honest with itself".
Your comment doesn't specify the us or them so it can apply to virtually any group.
But now, everyone's wiser, so the game just got more complex.
Its mission was to destroy some expensive industrial centrifuges and set back Iran's nuclear program. And it destroyed some centrifuges precisely as it was designed to. At that point discovery is inevitable, but whatevs because "mission accomplished".
I think it might be considered a partial success, but mostly failure. It did successfully set back Iran's nuclear program and destroy some centrifuges, but it spread too widely so it was probably detected much more quickly than desired.
Also, if it had been discovered only at the nuclear fuel plant, Iran might have kept quiet about it out of embarrassment, allowing it to be deployed elsewhere. Instead it was picked up by a major AV vendor and dissected very publicly.
If Stuxnet was as successful as I'm sure its creators wanted it to be, we wouldn't be discussing it.
And perhaps there is an even more technical worm out there still hidden and stuxnet was merely a first draft.
A lot of unknown. Those who's job it is to secure systems have their own tricks.
Shame the author didn't mention Flame (or any of the other since-discovered super-viruses) at the end.
When on the other hand we have the state-sponsored military grade/purpose viruses used to attack other nations/regions (Flume attacked a large number of targets and countries) and nobody blinks an eye.
Stuxnet is considerably more sophisticated and technologically more brazen, but won’t get the same reporting. But it’s also worth it to consider whether the lack of awareness/awe over Stuxnet vis a vis Russian election tampering is simply due to technology illiteracy, or whether media is not considering the notability of the means, just the effect of the ends.
No, it's because the media is ultimately subservient to power regardless of what they might think of themselves. US attacks on countries designated by power as enemies -- Iran, Venezuela, Russia, etc., are only to be discussed in clinical terms, marveling at their technological sophistication, for example, never in moral terms. Bringing up any introspection of what American reaction would be if Iran did the same thing to us is virtually career suicide for a mainstream media professional. Trying to draw parallels between Russia meddling and Stuxnet, noting that Stuxnet was an attack many times worse, is cutting it dangerously close.
Like Watergate, but by a foreign actor.
What we just saw was a public alpha. There will be a beta and a final version of this system. The rewards are too great for every state-level actor to ignore and fail to develop election manipulation tools using any new technology they can get their hands on. Big data may have doomed democratic process in an irreversible way. The next couple of decades will be telling.
What we saw was the first export version for the West. Authoritarian regimes have been honing many of the same propaganda techniques on their own populations for some time.
See:
https://en.wikipedia.org/wiki/Internet_Research_Agency (they were involved in the 2016 election interference, but they've long been doing similar in Russia and Eastern Europe).
https://en.wikipedia.org/wiki/50_Cent_Party (Chinese equivalent)
I think it's important for Westerns to study the details of these propaganda programs, so we can recognize and respond to the export versions.
More links:
https://www.rand.org/pubs/perspectives/PE198.html
https://gking.harvard.edu/50c
https://www.nytimes.com/2016/05/20/business/international/ch...
https://chinadigitaltimes.net/2011/06/future-banned-on-sina-...
https://www.buzzfeed.com/maxseddon/documents-show-how-russia... (from 2014!)
Also, read this: https://www.theguardian.com/world/2012/jan/11/iran-nuclear-c...
Stuxnet was discovered because it accidentally spread too far, and ended up on a malware analysts desk.
There was a targeted supplier, an upstream vendor as the insertion point, but it spread outside of that chain.
Appendix C is my favorite part: a look at all the things that can be gleaned from television footage of the facilities, brief glances at control screens, etc.
I find that misconception worse!