Bonum Certa Men Certa

The Lessons of Stuxnet: Never Use Microsoft Windows

The NSA is playing with nukes

Missiles



Summary: Windows is sufficiently 'NSA-compatible' for remote compromise and physical damage (sabotage) to highly sensitive, high-risk equipment

MANY news reports from around Friday [1-13] made it abundantly clear that Stuxnet, an Israel- and US-made virus that targets Microsoft Windows, was deployed not only in Iran (which uses Windows and Microsoft Linux) but also deployed (albeit unsuccessfully) in North Korea.



It is worth noting that Stuxnet was developed not only in the US but also in Israel and much of Microsoft's software development for 'security' is also done in Israel, so it might not detect Stuxnet (by design).

"Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US..."News from North Korea should remind any nation with military facilities (that's about every nation on Earth) to dodge Microsoft Windows. Turkey, for instance, reportedly moved its army to GNU/Linux and several other nations make similar moves for security reasons. In order to explain North Korea's resistance to the infection some corporation media likes to highlight "near-complete isolation" (see below) rather than reliance on GNU/Linux. The ToryGraph (see below) calls Stuxnet a "computer virus" even through it is uniquely a Microsoft Windows virus. Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US...

This is by no means defence of North Korea; it's just that the story makes is abundantly clear that, Microsoft's special relationship with the NSA aside, Windows is a target. Even Western governments target it. The NSA habitually said that it worried about attacks on its electric grid while hypocritically enough it is attacking nuclear facilities in other countries, never mind the risk of "blowback" or the "fallout" (pun intended) such aggressive actions may consequently bring. Pentagon would label this an "act of [cyber] war".

Related/contextual items from the news:



  1. NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report
    The NSA tried to wreck North Korea's nuclear weapons lab using the centrifuge-knackering malware Stuxnet, and ultimately failed, multiple intelligence sources claim.


  2. Pyongyang 1, NSA 0: U.S. Tried and Failed to Hack North Korea’s Nuclear Infrastructure
    By almost completely shutting itself off from the rest of the world, the North Korean government has denied its people and society access to the fruits of the digital communications revolution. It has also reportedly helped stymie a U.S. cyberattack on the country’s nuclear infrastructure modeled on the so-called Stuxnet virus the United States and Israel used against Iranian centrifuges.
  3. The NSA reportedly tried -- but failed -- to use a Stuxnet variant against North Korea
    Right around the time that the Stuxnet attack so famously sabotaged Iran’s nuclear program in 2009 and 2010, the U.S. National Security Agency reportedly was trying something similar against North Korea.

    The NSA-led U.S. effort used a version of the Stuxnet virus designed to be activated by Korean-language computer settings, but it ultimately failed to sabotage North Korea’s nuclear weapons program, according to a Friday Reuters report, which attributed the information to people familiar with the campaign.


  4. NSA tried Stuxnet cyber-attack on North Korea five years ago but failed
    The US tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons programme five years ago but ultimately failed, according to people familiar with the covert campaign.
  5. Report: US tried Stuxnet variant on N. Korean nuke program, failed
  6. US tried to bring down North Korean missile programme with computer virus
  7. Report: U.S. failed to sabotage North Korean nuclear program with Stuxnet-twin
  8. Report: US cyberattack on North Korea was ineffective
  9. Why Did a US Cyber Attack on North Korea Fail?
  10. US Tried, Failed To Sabotage North Korea Nuclear Weapons Program With Stuxnet-Style Cyber Attack
  11. US Reportedly Launched Stuxnet Attack Against North Korea
  12. US Failed at Planting Stuxnet-Style Computer Bug in N. Korea Nuke Program
  13. US reportedly tried to destroy North Korea’s nuclear program with a Stuxnet-type virus


Recent Techrights' Posts

Year of GNU/Linux on the Laptop?
It's not happening only in Lenovo
What People Must Understand About the Open Source Initiative (OSI)
some facts about the Open Source Initiative (OSI)
More Copyright Lawsuits Against LLM Slop Providers and Suppliers of LLM Slopfarms Would Benefit Society
It's not just bad for the Web and for society; it's also legally dangerous
In defence of JD Vance, death of Pope Francis
Reprinted with permission from Daniel Pocock
Three Years in Prison for Disney Employee’s ‘Menu Hacking’: The Economic Fallout of Digital Menus
Reprinted with permission from Ryan Farmer
Approaching 10,000 Articles/Pages Since Going Static
Trying to silence or derail the site was always a dumb strategy
 
Receiving SLAPPs and Collecting Them Like Trophies (the SLAPPs Always Fail)
People who file lawsuits bring even more attention to themselves (or to embarrassing statements about them)
Many of the Scandals Are Interconnected (Overlapping People and Corporations)
We're only getting started
Links 26/04/2025: General Assassinated in the Town of Balashikha, US Promoting Seafloor Mining
Links for the day
Links 26/04/2025: Facebook Layoffs Again, Remembering What's Real, and Say No to Mass Surveillance
Links for the day
Links 26/04/2025: NOAA Budget Cuts and "Dog Days Ahead"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 25, 2025
IRC logs for Friday, April 25, 2025
Links 25/04/2025: Slop Fatigue and Patent Judges Flocking to Fake, Unconstitutional and Illegal Kangaroo Court (UPC, Captured 'Justice')
Links for the day
Gemini Links 25/04/2025: Night Manager and Devuan in Hosting
Links for the day
Windows Falls to New Lows in Nicaragua, Now Below a Quarter (It Used to be Almost 100%)
Another all-time low for Windows
Microsoft is Shedding Off Loads of Staff and That Can be Dangerous Too
Working for Microsoft is a choice; nobody forces you to do it
Richard Stallman and the Unix Philosophy
When asked about systemd people must remember that RMS speaks as an active Board member of the FSF and also the founder of the FSF
The Cost (to Linux) of LLM Slop
Slop 'artists' like Fagioli are far from harmless
Links 25/04/2025: Ubisoft Spyware, Hegseth Fails at Tech on Every Level
Links for the day
Gemini Links 25/04/2025: Food Forest Update and Facebook Destroying the Net
Links for the day
Get Rid of Back Doors, Don't Obsess Over Bounties and Other Corporate PR Stunts (or Needless Reboot Rituals)
Security as a term has mostly lost its meaning due to repeated misuse for many years
Serial Sloppers Are Killing the Web (They Probably Don't Care, Either)
Slop is a disease on the Web
Streaming Apps Are “Investor Fraud” That Kills the Planet
Reprinted with permission from Ryan Farmer
Things Get Increasingly Nasty at Microsoft Ahead of the Fake Results and May's Mass Layoffs Wave
They try to get people to 'resign' so that they won't count as layoffs and the company's 'wellbeing' will seem better
IBM's Debt Ballooned by 8.5 Billion Dollars in Just 3 Months!
Hallmark of a company in a state of disarray, trying to spend its way out of trouble
Big Trouble in GNOME
even GNOME people admit the CoC went wrong
Slopping the Trough: Disney Plus Loses Billions and the Decline of Physical Media in America
Reprinted with permission from Ryan Farmer
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 24, 2025
IRC logs for Thursday, April 24, 2025
Links 24/04/2025: GAFAM Problems and No Peace (or Ceasefire) in Sight
Links for the day
Slopfarms on the Web Almost Always Generate Anti-Linux FUD When They Produce "Linux" Output
Welcome to the dying Web
Richard Stallman's Oxford Talk Has Just Ended, Here Are Some Photos
he might hop over to another European country
Gemini Links 24/04/2025: Birthday and Good Work of Academia in Esotericism
Links for the day
Links 24/04/2025: EU fines Apple and Facebook, Another Microsoft GitHub Security Blunder
Links for the day
New Article Explains How the GPL Came About and WordPress Having Copyleft Obligations
Having been involved in the WordPress development community since almost the beginning, I know why it chose the GPL and how it restricts abuse by Automattic
IBM Gained Almost 6 Billion Dollars in "Goodwill" Value in Just 3 Months, According to IBM
Congrats to the management!
In Belarus, Yandex is Now Measured as 50 Times More 'Popular' (by Usage) Than Microsoft
Yandex continues to gain, whereas Bing cannot even register at 1%. Last month it was registered or measured at a measly 0.65%.
IBM Cannot Lie to Shareholders Anymore
"I would not be surprised if we see a layoff every quarter this year."
Dr Richard Stallman (RMS) Gives Talk in Oxford University in 4 Hours
If you live nearby, go there (it's free as in gratis)
Using a Law Firm's Licence to Exercise Politics Through Frivolous SLAPPs and Nastygrams (to Silence People, Remove Pages, Demand Fake or Forced 'Apologies')
Things must be getting really bad when lawyers act for raving antisemites
We're Working to Make Full-Site Search Available
This site has over 1,000 'wiki' pages, many thousands of documents, several thousands of videos, and about 50,000 blog posts or articles. We need to make them easier to find/navigate.
Links 24/04/2025: IBM Loses Many Contracts, Intel to Lay Off Over 20% (Not Counting Those Who Leave 'Voluntarily')
Links for the day
Richard Stallman Can Explain to Oxford Artificial Intelligence Society Why LLM Slop is Not Artificial Intelligence and Why It Hurts Society
another 'crop' of LLM slop that damages GNU/Linux and facts
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 23, 2025
IRC logs for Wednesday, April 23, 2025