09.24.10

Who Needs Windows Back Doors When It’s So Insecure?

Posted in Asia, Microsoft, Security, Windows at 3:11 pm by Dr. Roy Schestowitz

Mohammad Mosaddeq

Summary: Stuxnet is allegedly part of a plan to infect computer systems in Iran for political reasons, according to an increasing body of evidence

SO, it’s starting to look like Stuxnet [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] was part of a plot to derail Iran’s nuclear programme [1, 2]. Stuxnet makes use of zero-day Windows vulnerabilities rather than back doors. Will governments finally realise that foreign governments can use Windows against them? Software freedom is essential to one’s autonomy.

The debate about Stuxnet and Iran is only starting. So far we’ve come across the following reports (there are many more):

i. Advanced Computer Worm Was Specifically Designed to Attack Iranian Nuclear Reactor, Experts Say

The sophisticated computer worm called Stuxnet, which has been targeting industrial operations around the world, was likely designed to take out Iran’s new Bushehr nuclear reactor, cybersecurity experts say. It’s the first known cyber-super-weapon designed to destroy a real-world target, reports the Christian Science Monitor.

Researchers studying the worm say it was built by an advanced attacker with plentiful resources — possibly a nation-state. Initially, experts thought it was designed for industrial espionage, but upon examining its code, they now think it was built for sabotage.

ii. Synchronize Your OpenOffice Documents With Google Docs, Zoho And WebDAV Servers Using Ooo2gd

iii. Microsoft confirms it missed Stuxnet print spooler ‘zero-day’

Contrary to reports, a bug that Microsoft patched last week had been publicly discussed a year and a half ago, security researchers said this week.

Microsoft confirmed Wednesday that it overlooked the vulnerability when it was revealed last year.

The vulnerability in Windows Print Spooler service was one of four exploited by Stuxnet, a worm that some have suggested was crafted to sabotage an Iranian nuclear reactor.

iv. Stuxnet virus may be aimed at Iran nuclear reactor

A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran’s Bushehr nuclear reactor.

That’s the emerging consensus of security experts who have examined the Stuxnet worm. In recent weeks, they’ve broken the cryptographic code behind the software and taken a look at how the worm operates in test environments. Researchers studying the worm all agree that Stuxnet was built by a very sophisticated and capable attacker, possibly a nation state, and it was designed to destroy something big.

[...]

One of the things that Langner discovered is that when Stuxnet finally identifies its target, it makes changes to a piece of Siemens code called Organisational Block 35. This Siemens component monitors critical factory operations, things that need a response within 100 milliseconds. By messing with Operational Block 35, Stuxnet could easily cause a refinery’s centrifuge to malfunction, but it could be used to hit other targets too, Byres said. “The only thing I can say is that it is something designed to go bang,” he said.

Whoever created Stuxnet developed four previously unknown zero-day attacks and a peer-to-peer communications system, compromised digital certificates belonging to Realtek Semiconductor and JMicron Technology, and displayed extensive knowledge of industrial systems. This is not something that your run-of-the-mill hacker can pull off. Many security researchers think that it would take the resources of a nation state to accomplish.

[...]

Now that the Stuxnet attack is public, the industrial control systems industry has come of age in an uncomfortable way. And clearly it will have more things to worry about. “The problem is not Stuxnet. Stuxnet is history,” said Langner. “The problem is the next generation of malware that will follow.”

Any politically-motived Windows worm shows that technology and politics cannot be separated and they come at a high cost to the public (a side effect). Some people point fingers at Israeli hackers.

Malware believed to be targeting Iran’s Bushehr nuclear power plant may have been created by Israeli hackers

[...]

However Graham Cluley, senior consultant with the online security company Sophos, warned against jumping to conclusions about the target of the attack, saying “sensationalist” headlines were “a worry”. Clulely is wary of reports linking Stuxnet with Israel: “It’s very hard to prove 100% who created a piece of malware, unless you are able to gather evidence from the computer they created it on – or if someone admits it, of course.”

But he said that its characteristics did not suggest a lone group. “I think we need to be careful about pointing fingers without proof, and I think it’s more appropriate – if true – to call this a state-sponsored cyber attack rather than cyber terrorism.”

Stuxnet works by exploiting previously unknown security holes in Microsoft’s Windows operating system. It then seeks out a component called Simatic WinCC, manufactured by Siemens, which controls critical factory operations. The malware even uses a stolen cryptographic key belonging to the Taiwanese semiconductor manufacturer RealTek to validate itself in high-security factory systems.

Should the whole world be flooded with Windows worms just because of political altercations of few nations? Should a better operating system like GNU/Linux be used to mitigate international threats. When does the cyber threat become greater than nuclear threats in an age when everything from food production to energy extraction [1, 2] and travel depends on connected computers? Without energy and transportation, food cannot be grown, cultivated, and delivered; that is where the most fundamental needs can or cannot be met, especially at times of natural disaster or war, so leaving one’s critical systems (that’s almost any system) under Microsoft’s reign is a strategic blunder. Proprietary software is subjected to the sovereignty of its sole maker.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2010/09/24/stuxnet-iran-theory/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Hardly Shocking and Not At All Surprising That Thugs Who Run the EPO Hired External Thugs to Help Them Oppress Aggrieved Staff

    With the EPO's management flooding the bank accounts of aggressive law firms (at our expense) we need to ask serious questions about how such a "Mafia" (what EPO staff calls the management) managed to metastasise inside Europe's second-largest institution and how to remove this "Mafia" as soon as possible (some arrests too are well overdue)



  2. [Meme] There Are No Elections in Mafia-Type Regimes; It's About Family and Friends...

    With no real concept or notion of "elections" (the so-called 'mafia' members choose their successors and colleagues) the EPO's patent examiners clearly need outside intervention, e.g. inquest by the EU authorities (the EPC died and maybe the EPO too; it's unregulated and it grants false patents that harm Europe because the courts don't function, either)



  3. Today's Linux Standing for the Opposite of What Linux Users Stand for

    The so-called 'Linux' Foundation or the "Corporate Linux Foundation" is alienating many of the original users of GNU/Linux and it still insults their intelligence; it's rewriting history, it still distorts the objectives, and before we know Linux will perish and lose momentum because all the excitement associated with the brand will fizzle away



  4. Links 14/6/2021: Kdenlive 21.04.2 and Raspberry Pi 400 Support in Linux

    Links for the day



  5. [Meme] EPO 'Lawfulness' as Crude Budget Wars

    A war of attrition against EPO staff won’t ensure justice is done; it’ll only increase the number of casualties and accomplish nothing good



  6. A Parade of 'Yes Men': EPO's Budget and Finance Committee as Rubber-stamper of the Dictatorship That Pays the Salary

    The lack of oversight at the EPO has long been apparent and it is becoming ever more problematic now that huge sums of money are passed by the EPO's management to law firms whose sole role is to fight against aggrieved EPO staff



  7. Links 14/6/2021: Linux 5.13 RC6, Psychonauts 2 for GNU/Linux

    Links for the day



  8. Conveniently Conflating Vaccination With the Surveillance Business of IBM/Linux Foundation

    The way some media handles COVID-19 can be described as self-serving, especially Microsoft-connected sites looking to make “Linux” sound bad (or like property of Microsoft); the video above discusses this past weekend’s media coverage about “Linux”



  9. [Meme] Microsoft Stooping Down Low in Search of Vapourware With a Superficial Version Bump

    Instead of trying to actually fix its broken (and self-breaking) operating system Microsoft has decided to sell mythology and false promises, as usual



  10. [Meme] Illegal Location, Illegal Methods (Haar ViCo)

    EPC denial is more lethal than anything which the the EPO says may merit 'urgency' (as if having discussions about patents will save lives)



  11. The 'Fixer' of António Campinos Taints G1/21 (ViCo Hearing)

    The meeting which is set to resume at the start of next month includes the 'Fixer' of António Campinos; what sense of impartiality might one expect?



  12. IRC Proceedings: Sunday, June 13, 2021

    IRC logs for Sunday, June 13, 2021



  13. Virtual Injustice -- Part 6: Best Buddies With António

    Benoît Battistelli, António Campinos, and the Hungarian link of the EPO



  14. Classic: Old EPO Strike

    2008 EPO video, predating the Benoît Battistelli EPO regime



  15. Links 13/6/2021: Linux 5.14 Work, Lots of Patent News

    Links for the day



  16. Update on Gemini, IPFS, and IRC

    "The video which was supposed to be a few minutes long ended up taking a lot longer, but it does cover a broad range of topics that are relevant and very recent (based on recent developments)."



  17. IRC Proceedings: Saturday, June 12, 2021

    IRC logs for Saturday, June 12, 2021



  18. Virtual Injustice -- Part 5: Benoît's “Friends” in Budapest

    "Battistelli went to considerable lengths to secure the support of the Hungarian delegation."



  19. Links 13/6/2021: KDE Frameworks 5.83.0 and helloSystem 0.5

    Links for the day



  20. The Story of Techrights, in Banners...

    A look back at site banners from 2006-2021; they help illuminate or show our changing focus over the years



  21. With KDE Plasma 5.22 Having Just Been Released It's Time to Give KDE a Try (or Move to GNU/Linux, Leveraging the Best Features of Any Operating System Out There)

    A quick recommendation of KDE based on a reasonably recent (but not latest) build; there's this myth about KDE being difficult and flaky, but for a number of decades it has been the most advanced desktop (on any operating system) and its developers managed to hide the complexity while offering users all the power they may want/need



  22. Open Letter to the FSF About Taking Control of the FSF's (and GNU's) IRC Channels

    The FSF should have seized the opportunity, in light of self-harming IRC infighting (instability and unpredictability), to create its own IRC network and then help this new (or "GNU") network flourish



  23. EU Already Captured by -- and Lying for -- Corrupt EPO Officials, Team UPC, and Lobbyists of Multinational Corporations

    12 pages of lies; is the European Parliament reduced to a mere marionette of corrupt officials who run the EPO into the ground?



  24. [Meme] Virtual Code of Conduct (ViCoC)

    Cheapening of basic concepts and principles like "right to be heard" or "access to justice" is an international trend; we need to push back in the direction of justice, not fake 'innovation' or 'tech' (where it clearly does not belong)



  25. IRC Proceedings: Friday, June 11, 2021

    IRC logs for Friday, June 11, 2021



  26. Virtual Injustice -- Part 4: Mihály Ficsor, the EPO's Hungarian “Fixer”

    One key operative of António Campinos, who is fiercely in favour of software patents, has quite a colourful past and background



  27. Conversation With Richard Stallman in Brazil, May 31st 2021

    At the end of last month Richard Stallman had a 2-hour (and beyond, considering some of the afterthoughts) conversation, which is now available online



  28. Links 11/6/2021: Nginx Rising and SteamPal Rumours

    Links for the day



  29. New Introduction at Gemini

    As part of ongoing improvements to our capsule we have a new introductory text, reproduced below



  30. Links 11/6/2021: A Torvalds COVID Rant and RISC-V Risk of Takeover

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts