Bonum Certa Men Certa

The Lessons of Stuxnet: Never Use Microsoft Windows

The NSA is playing with nukes

Missiles



Summary: Windows is sufficiently 'NSA-compatible' for remote compromise and physical damage (sabotage) to highly sensitive, high-risk equipment

MANY news reports from around Friday [1-13] made it abundantly clear that Stuxnet, an Israel- and US-made virus that targets Microsoft Windows, was deployed not only in Iran (which uses Windows and Microsoft Linux) but also deployed (albeit unsuccessfully) in North Korea.



It is worth noting that Stuxnet was developed not only in the US but also in Israel and much of Microsoft's software development for 'security' is also done in Israel, so it might not detect Stuxnet (by design).

"Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US..."News from North Korea should remind any nation with military facilities (that's about every nation on Earth) to dodge Microsoft Windows. Turkey, for instance, reportedly moved its army to GNU/Linux and several other nations make similar moves for security reasons. In order to explain North Korea's resistance to the infection some corporation media likes to highlight "near-complete isolation" (see below) rather than reliance on GNU/Linux. The ToryGraph (see below) calls Stuxnet a "computer virus" even through it is uniquely a Microsoft Windows virus. Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US...

This is by no means defence of North Korea; it's just that the story makes is abundantly clear that, Microsoft's special relationship with the NSA aside, Windows is a target. Even Western governments target it. The NSA habitually said that it worried about attacks on its electric grid while hypocritically enough it is attacking nuclear facilities in other countries, never mind the risk of "blowback" or the "fallout" (pun intended) such aggressive actions may consequently bring. Pentagon would label this an "act of [cyber] war".

Related/contextual items from the news:



  1. NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report
    The NSA tried to wreck North Korea's nuclear weapons lab using the centrifuge-knackering malware Stuxnet, and ultimately failed, multiple intelligence sources claim.


  2. Pyongyang 1, NSA 0: U.S. Tried and Failed to Hack North Korea’s Nuclear Infrastructure
    By almost completely shutting itself off from the rest of the world, the North Korean government has denied its people and society access to the fruits of the digital communications revolution. It has also reportedly helped stymie a U.S. cyberattack on the country’s nuclear infrastructure modeled on the so-called Stuxnet virus the United States and Israel used against Iranian centrifuges.
  3. The NSA reportedly tried -- but failed -- to use a Stuxnet variant against North Korea
    Right around the time that the Stuxnet attack so famously sabotaged Iran’s nuclear program in 2009 and 2010, the U.S. National Security Agency reportedly was trying something similar against North Korea.

    The NSA-led U.S. effort used a version of the Stuxnet virus designed to be activated by Korean-language computer settings, but it ultimately failed to sabotage North Korea’s nuclear weapons program, according to a Friday Reuters report, which attributed the information to people familiar with the campaign.


  4. NSA tried Stuxnet cyber-attack on North Korea five years ago but failed
    The US tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons programme five years ago but ultimately failed, according to people familiar with the covert campaign.
  5. Report: US tried Stuxnet variant on N. Korean nuke program, failed
  6. US tried to bring down North Korean missile programme with computer virus
  7. Report: U.S. failed to sabotage North Korean nuclear program with Stuxnet-twin
  8. Report: US cyberattack on North Korea was ineffective
  9. Why Did a US Cyber Attack on North Korea Fail?
  10. US Tried, Failed To Sabotage North Korea Nuclear Weapons Program With Stuxnet-Style Cyber Attack
  11. US Reportedly Launched Stuxnet Attack Against North Korea
  12. US Failed at Planting Stuxnet-Style Computer Bug in N. Korea Nuke Program
  13. US reportedly tried to destroy North Korea’s nuclear program with a Stuxnet-type virus


Recent Techrights' Posts

Microsoft said “GitHub and its leadership team will continue its mission as part of Microsoft’s CoreAI organisation.” But it's just an empty shell created earlier this year.
In short, it's not too clear what Microsoft has just done except dumping GitHub - i.e. mostly a Web site that loses a ton of money (it always lost money) - into some mysterious new bucket
IBM Layoffs in MCC, or Marketing, Communications and Corporate Social Responsibility (CSR)
IBM and Microsoft inflate their share price by circular financing
The Register MS gets Lazy, Uses Slop
Unlike 3-D renderings or "Classic" CG, slop images aren't quite original and definitely not fair use
Overly Maximalist, Expensive, Localised Patent Law is Dooming Western Companies, Argue 3-D Printing Champions
We've long warned (over 7 years already!) that China's approach to patents will impress WIPO by gaming the totals but will doom the West
Microsoft's Windows in Gabon: Still Moving Down
What is this Unknown? Who knows...
 
Links 19/08/2025: "NASA Is Giving Up on Climate Change Science" and "Earth's Continents Are Drying Out at an Unprecedented Rate"
Links for the day
Phil Wyett evidence & Debian Zizian plagiarism, modern slavery tendencies
Reprinted with permission from Daniel Pocock
In Many Countries People Move Away From Vista 11
Vista 11 has been available for download for 4 years already, but adoption has been poor
Desktops/Laptops Fall to All-Time Lows in the UK, So Why Does British Media Quote a Famous Criminal on "End of the Smartphone Era"?
mobile usage (for Web access) has never been higher, based on an Irish surveyor, statCounter
The Groklaw Web Site Has Been Hijacked by Scammers
Groklaw.net isn't a safe site to access at this time
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, August 18, 2025
IRC logs for Monday, August 18, 2025
Online Safety Act Does Not Tackle the Worst (and Biggest) Culprits
if our governments are serious about tackling online harms, then they need to look closely at GAFAM and social control media giants
Chat Control (1 and 2) in the European Union Sends the Wrong Message
This is an EU law
Slopwatch: Google News and Serial Sloppers (Fake Articles About "Linux")
Calling out the culprits
Gemini Links 19/08/2025: Digital Legacy and Chat Control
Links for the day
English Law Misused by Americans and Irishmen Against Brits is Unfair
There's always a way to improve existing laws
Links 18/08/2025: "Microsoft Store" Gets Increasingly Hostile, "Cracking Abandonware DRM"
Links for the day
Gemini Links 18/08/2025: Summer "Gone" and Web Reposts in Gemini
Links for the day
Links 18/08/2025: LLM Reputation Damaged, Australia Catches Google Foul Play
Links for the day
Geeks Like GNU/Linux
The technical community seems to be consolidating and rallying around GNU/Linux
GNU/Linux is 486 in Ireland
4.86% that is
End of Reliable Media
it makes the world a worse place, it renders the Web a misinformation machine
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, August 17, 2025
IRC logs for Sunday, August 17, 2025
GitHub Won't Last Much Longer
Many things at Microsoft are going to go the way of the Skype (or "dodo"). GitHub will be among those.
We've Never Used Large Language Model (LLM)
we just never used an LLM
"Secure Boot" is a Security Problem, Not a Solution
These people don't try to improve security but to undermine security
Gemini Links 18/08/2025: Retro and Endless Escape from the WWW
Links for the day
Working Whilst Away From Home
Decades ago being away meant all sorts of problems associated with workflows and connectivity
The Next Version of Windows Will Always be the Best (for Microsoft)
It's worse and slower over time
"End of the Smartphone Era" According to Jeffrey Epstein's Key Enabler
They call it "sour grapes"
Links 17/08/2025: Strike Downs Air Canada, Postmortems of Putin's Red Carpet Summit
Links for the day
Links 17/08/2025: Slow Tools and Enshittification of YouTube
Links for the day
Don't Talk to Bullies
This serious matter is still being examined by British authorities
Links 17/08/2025: "The Performance of Power" and "My Undesirable Friends"
Links for the day
Growing Our Reach
Our goal was never "hits"
The Russian Vision of Technology
Russia's surveillance is very extensive
Sooner or Later Almost Everyone Will Know "AI" is Just a Go-To, Misused, Misapplied, and Grossly Overused Term of Liars and Con Jobs Who Ride a Ponzi Scheme
At the expense of people gullible enough to "invest" in this or take salaries/bonuses in the form of "stock" (tied to a Ponzi scheme)
The Register MS Has Begun Using Slop Images
It's not clear when it started; but it's definitely getting worse [...] Worst of all are 'articles' about slop that are themselves slop
Reddit Funded by Microsoft
Reddit is merely a filter and we knows who controls that filter (using money)
When It Comes to Technology, Mozilla and Firefox Are Illiberal
Last month in Planet Debian we saw one more person explaining to everyone how to "turn off" DRM in Firefox and hide the pop-up/s
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, August 16, 2025
IRC logs for Saturday, August 16, 2025
The Open Source Initiative Has Many Scandals, We'll Try to Summarise Them All
Open Source Initiative (OSI) hates facts
Open Source Initiative (OSI), Wikipedia, Molly De Blanc, and Censorship/Reputation Laundering
OSI is like SPLC. The old name remains, the mission changed
Gemini Links 17/08/2025: Misunderstanding "Geminiverse" and Let's Encrypt
Links for the day
Links 17/08/2025: Breaches, Layoffs, and Scams
Links for the day