Security News

Stuxnet Authors Made Key Errors

Trailrunner7 writes "There is a growing sentiment among security researchers that the programmers behind the Stuxnet attack may not have been the super-elite cadre of developers that they've been mythologized to be in the media. In fact, some experts say that Stuxnet could well have been far more effective and difficult to detect had the attackers not made a few elementary mistakes."
This discussion has been archived. No new comments can be posted.

  • by PatPending ( 953482 ) on Tuesday January 18, 2011 @07:49PM (#34922094)

    "There are a lot of skills needed to write Stuxnet," he said. "Whoever did this needed to know WinCC programming, Step 7, they needed platform process knowledge, the ability to reverse engineer a number of file formats, kernel rootkit development and exploit development. That's a broad set of skills. Does anyone here think they could do all of that?"

    May I have a show of /. hands, please?

  • Criticism is easy (Score:5, Insightful)

    by mewsenews ( 251487 ) on Tuesday January 18, 2011 @07:51PM (#34922110) Homepage
    It's pretty safe to assume at this point that Stuxnet was developed as an Israel/USA military collaboration. Spokespeople from both countries smirk before saying "no comment" when asked about it. That being said, hackers have huge egos. The types of hackers that present at security conferences even more so. It's tremendously easy for them to pick apart the worm several months after it was discovered and say "oh ho ho, it doesn't encrypt its command and control communications!!" like they're smarter than the people that built it.
  • by matty619 ( 630957 ) on Tuesday January 18, 2011 @07:57PM (#34922152)

    I'm guessing had it come out that it was of Chinese origin, we'd be inundated with articles about how the Chinese are so much smarter than everyone else because the code is just so darned perfect, only the scary Red Chinese could have pulled it off....and America's days are numbered....duck and cover.

    But when it's the US/Israel? Meh...it's not that good.

  • by AHuxley ( 892839 ) on Tuesday January 18, 2011 @08:20PM (#34922364) Journal
    Points to things being too good?
    The Unabomber manifesto, the use of certain people and devices can point back to/expose groups, e.g. http://en.wikipedia.org/wiki/Gladio_in_Italy
    The early use of a 'new' plastic explosive, a DNA sequence http://www.newscientist.com/article/dn2265-anthrax-attack-bug-identical-to-army-strain.html can all be tested. Could the code in a more perfect, more pure, quality form (as found in the wild) ever really point back to teaching methods or something geographical?
    If it's still highly effective on some levels, it's fine, anything better could the residue of a state actor start to glow?
  • As always... (Score:2, Insightful)

    by Anonymous Coward on Tuesday January 18, 2011 @08:21PM (#34922374)

    It's much easier to highlight someone else's mistakes than create something that would stand up to the same scrutiny yourself.

  • by nonguru ( 1777998 ) on Tuesday January 18, 2011 @08:23PM (#34922388)
    The comments within the article were more informative than the article itself. A number of commentators pointed out the context in which the Stuxnet developers were working and presumed tradeoffs in complexity behind covering their tracks versus achieving their objective. (Which by most accounts appears to have been successful at covering their tracks long enough to permanently damage the uranium centrifuges. Sounds like a solid achievement to me and not what-if conjecture on how good it could have been.) As usual the self-appointed /. experts assume that their "hive" hindsight knowledge could conquer the day. More likely you'd just flame one another over irrelevant technical details, and boast whose toolkit was bigger and more colourful.
  • Re:Yeah, sure... (Score:4, Insightful)

    by jmorris42 ( 1458 ) * <jmorris@bea u . o rg> on Tuesday January 18, 2011 @08:29PM (#34922430)

    > If the US had a less hostile foreign policy....

    Bull. International relations ain't kindergarten. Our opponents have goals that are incompatible with ours, thus we are called opponents. Russia dreams of empire lost. China dreams of empire to come. Iran dreams of dominating the Middle East and restoring the glory of Persia as an atomic power. Meanwhile madmen in North Korea and Venezuela dream their mad dreams of power and glory. We have valid reasons to be working to thwart, slow and otherwise hinder those plans.

    So tell me, Mr. enlightened one, which one of those countries' plans should we either get out of the way of or encourage? Or more bluntly, which of our allies should we throw under the bus to appease them? All of Eastern Europe? NATO? Taiwan? Israel? South Korea and Japan?

    Meanwhile India and Brazil also are taking a larger place on the world's stage and we don't really mind. Hell, if you ask me carrying the 'White Man's Burden' is getting to not be worth it and we could use some other halfway sane players to step up and take an active role putting out diplomatic fires and cleaning up after natural disasters.

  • Re:true (Score:5, Insightful)

    by zach_the_lizard ( 1317619 ) on Tuesday January 18, 2011 @08:41PM (#34922530)
    It might have something to do with assassinating the former democratic leader of Iran and installing an autocrat in his place, in addition to American belligerence in the area. See Mohammad Mosaddegh and the wars in Iraq and Afghanistan. If I were the Iranians, I would want nuclear weapons, too.
  • by timeOday ( 582209 ) on Tuesday January 18, 2011 @08:44PM (#34922572)
    What I fail to see in the article is how the virus would have been any more effective had they used the entire bag of tricks. You use what you must, and save the rest for next time.
  • Re:Obvious really (Score:5, Insightful)

    by zach_the_lizard ( 1317619 ) on Tuesday January 18, 2011 @08:50PM (#34922620)
    Right, because all of those who think the US or Israel was behind it have to be raving lunatic conspiracy theorists and anti-Semites. Whether they did it or not, the US and Israel certainly have the motive, and the Israelis have been speaking openly about military action. It is not merely the NYT who suspects the Israelis and Americans; officials from both countries have had smirks when asked about Stuxnet, which has fueled speculation. I'm undecided, but one doesn't have to be mad to list the US and Israel as possible suspects.
  • Re:Yeah, sure... (Score:5, Insightful)

    by DeadCatX2 ( 950953 ) on Tuesday January 18, 2011 @09:45PM (#34923144) Journal

    You're right, international relations isn't kindergarten. Of course, it doesn't help that the US has a long history of being the school bully.

    Iran Contra sound familiar?

    Even further back...the Shah of Iran?

    The mujahideen of Afghanistan?

    Selling Saddam the chemical weapons that we had him hanged for using?

    The list goes on, but somehow I doubt that any revelation about the crazy fucked up shit we did to other nations will do anything to change your mind.

  • Re:conspiracy 101 (Score:5, Insightful)

    by rm999 ( 775449 ) on Tuesday January 18, 2011 @09:49PM (#34923166)

    Yes, Israel WANTS the world to know what happened, and they want the world to know they were involved. This is why Mossad has been gleefully and publicly showing off that Iran's nuclear weapon development has been pushed back years.

    It is odd that a mission that was 100% successful (something even Iran won't deny) is being criticized for not being good enough. Maybe some researchers just wanted their names in the newspaper?

  • Re:Yeah, sure... (Score:5, Insightful)

    by Jah-Wren Ryel ( 80510 ) on Tuesday January 18, 2011 @11:25PM (#34923674)

    There are no pure good or pure evil actors or actions.

    However there is lots and lots of hypocrisy and we've built up a big steaming pile of it since WWII.

  • I think it is also useful to point out that

    1. In this kind of one-shot job, the code does not have to be good. It only has to be good enough. It would seem that stuxnet was good enough.
    2. There is a certain elegance in not getting any fancier than what will do the job. If the writers of stuxnet had followed the ancient advice of "know your enemy", which apparently they did, they would have known what level of obfuscation was needed, and may have purposefully chosen to code stuxnet to that level.

    It will be interesting to see what other malware is found in Iran. For it seems very unlikely that stuxnet was the only arrow in the quiver. It seems much more likely that it is just the first of several products to be discovered.
