Would you trust Microsoft Windows in nuclear programmes?

GRABLE EVENT - Part of Operation Upshot-Knothole, was a 15-kiloton test fired from a 280-mm cannon on May 25, 1953 at the Nevada Proving Grounds. Frenchman's Flat, Nevada - Atomic Cannon TestHistory's first atomic artillery shell fired from the Army's new 280-mm artillery gun. Hundreds of high ranking Armed Forces officers and members of Congress are present. The fireball ascending. (source: Wikipedia)

Summary: Stuxnet -- perhaps best known for its effects on Microsoft Windows-dependent nuclear programmes -- is now a Chinese concern as well; Windows users are still under heavy artillery from malware

ALL WE have been saying about Stuxnet so far can be found in the following posts (this epidemic is still out of control):

1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
2. Windows Viruses Can be Politically Motivated Sometimes
3. Who Needs Windows Back Doors When It's So Insecure?
4. Windows Insecurity Becomes a Political Issue
5. Windows, Stuxnet, and Public Stoning
6. 1
7. Has BP Already Abandoned Windows?
8. Reports: Apple to Charge for (Security) Updates
9. Windows Viruses Can be Politically Motivated Sometimes
10. New Flaw in Windows Facilitates More DDOS Attacks
11. Siemens is Bad for Industry, Partly Due to Microsoft
12. 4
13. Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
14. Microsoft Software: a Darwin Test for Incompetence
15. Bad September for Microsoft Security, Symantec Buyout Rumours
16. Microsoft Claims Credit for Failing in Security
17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data

The risk of accidental nuclear exchanges is said to be on par with if not greater than that of a man-triggered nuclear war. In the Cuban Missile Crisis, a Soviet submarine was just seconds away from launching nuclear missiles into US targets (the report was unsealed only decades later) and just over a decade ago antiquated Russian equipment almost fired automatically at false alarms of nuclear war (it was manually prevented before an accidental nuclear war could be started). The danger of Microsoft Windows in such sensitive operations ought to become apparent. Other than man-made global warming/peak oil/famine, the greatest threat to human survival is said to be those 50,000+ nuclear warheads which are kept under control by one operating system or another.

"Iran arrests Stuxnet 'nuclear spies'," reports IDG.

Iran says it has detained a number of 'nuclear spies' in connection with the Stuxnet malware attacks on its nuclear programme computer systems last week.

Who has been arrested and on what evidence has not yet been explained, but the country's Intelligence Minister, Heidar Moslehi, adopted a triumphant tone in reported comments made to the Iranian Mehr News agency and domestic TV sources.

The fear finally spreads to China, which is another country the West loves to fear. "Nationwide holiday ups China's risk to Stuxnet," says this new headline.

Computer hackers have warned that the week-long National Day holiday in China that began Friday could leave the country vulnerable to further attacks from Stuxnet, according to a report by news agency AFP.

It turns out that Stuxnet has been out there for quite some time:

Sophisticated stuxnet malware is approaching 18 months old

[...]

The report reveals that Stuxnet is a complex piece of code that generates no less than 32 payload exports and can spread in multiple environments, including in local area networks using a vulnerability in the Windows print spooler, as well as tapping Windows Server to hit smaller enterprises.

When it's estimated that one in two Windows PCs is a zombie PC and reporters still fail to call out Windows, how will anyone ever wisen up? Even a Microsoft console game, Halo [1, 2], has become a vector for infecting Windows based on this news:

Gamers looking to get the Recon Armor in the latest iteration of the Halo franchise (Halo: Reach) should think twice about using “alternative” methods.

Microsoft is warning fans of the game to steer clear of some code generators which promise to deliver the rare armor, but instead infect their computers with malware.

The Windows-only Zeus, which we wrote about in [1, 2, 3, 4, 5], is targeting Linkedin users who are running Windows at the moment:

Nevertheless, if anyone is affected with the spam mail, Cisco recommends that that person should reset his passwords since the Zeus Trojan attack seizes login credentials and passwords.

Why go through all this complexity/trouble? If my parents use GNU/Linux on the desktop, everyone can too. It's not that hard (in certain ways it's easier) and it is a lot safer. ⬆