Atomic Bob's Stock Forum - The Golden Thread

Forum Home |

Signup |

My Page

Rules |

FAQ |

Boards |

Members |

« POPE Home | Email msg. | Reply to msg. | Post new | Board info.

Previous | Home | Next

Re: Duh?

By: Decomposed in POPE | Recommend this post (1)
Tue, 12 Jun 12 9:02 PM | 77 view(s)
Boardmark this board | (The) Pope's for real stock market report

Msg. 60798 of 65535
(This msg. is a reply to 60779 by DGpeddler)
Jump:

re: "Windows DID it."

I'm not sure what you mean by that, DGpeddler, but it sounds like you ascribe the blame to Microsoft.

Stuxnet incorporated not one, but three, zero-day vulnerabilities. That is, it took advantage of three system flaws that no one in the world had previously known. Obviously, there were no patches or antivirus signatures to guard against them. They were unknown, even to the manufacturers/developers of the products. And although Stuxnet ran on Windows, the vulnerabilities it exploited were not all Microsoft's.

When a company markets software internationally, most countries require the company to provide the code prior to granting it permission to sell the product. The governments then go about analyzing the code, looking for anything that might be a concern, but also identifying vulnerabilities which they typically keep to themselves.

Such zero-day vulnerabilities are rare gems. Stuxnet had three.

Rogue hackers could never have implemented it. They don't have access to the product code. From that alone, it is clear that Stuxnet was the work of one or more nations, not individuals, confederations or companies.

Whoever designed Stuxnet had an OUTSTANDING understanding of the Bushehr nuclear power plant, its layout, its construction, its security, its people, and the automated systems within. They built the first product to ever attack programmable logic controllers, the Siemens mechanisms that regulate industrial hardware, ensuring that the hardware operates within specified boundaries.

It's said that the attackers had to have understood the Iranian facility better than the Iranians themselves - which is actually possible since the facility was built with extensive foreign assistance, and stocked with foreign technology.

Finally, whoever was behind Stuxnet compromised Verisign digital certficates for TWO high tech companies far removed from Iran. No hacker could have pulled that off. In fact, the compromises almost had to have involved breakins at Verisign itself, altering Verisign's records so that the certificates would give Bushehr the 'thumbs up' to communicate with the Command and Control servers from which Stuxnet received guidance and delivered findings.

Could one company (Microsoft) have been behind such an attack? Not a chance. Stuxnet went far beyond the resources available to Microsoft. It is not even likely that Israel or the United States could have been behind it. Not by themselves. Stuxnet was probably a coordinated effort by several determined governments.

Gold is $1,581/oz today. When it hits $2,000, it will be up 26.5%. Let's see how long that takes. - De 3/11/2013 - ANSWER: 7 Years, 5 Months

- - - - -
View Replies (1) »

» You can also:

Ignore/Hide this poster on all boards (Requires login)
Membermark this member (Requires login)
Email this message to a friend

- - - - -
The above is a reply to the following message:

Re: Duh?
By: DGpeddler in POPE
Tue, 12 Jun 12 6:47 PM

Msg. 60779 of 65535

Windows DID it.

"The Windows flaw was unknown before Stuxnet's discovery in 2010, according to Roel Schouwenberg, one of the Kaspersky Lab researchers who helped discover the Flame virus.

Kaspersky Lab researchers did not find the Flame components in more advanced versions of Stuxnet, added Schouwenberg.

"Flame was used as some sort of a kick-starter to get the Stuxnet project going," Schouwenberg theorized. "As soon as the Stuxnet team had their code ready, they went their way."

He suspected the creators of Stuxnet removed the borrowed components from later versions so the Flame program would not be compromised if the attack on the Iranian nuclear program was discovered.

Stuxnet was discovered in 2010 and has been closely scrutinized by the world's smartest cyber sleuths. Yet Flame remained hidden until last month, when a United Nations agency asked Kaspersky Lab to look for a virus that Iran said had sabotaged its computers, deleting valuable data.

When Kaspersky's team started looking for suspicious files in the Middle East, they found Flame.

Eugene Kaspersky said at the Reuters Summit his firm recently agreed to advise on geopolitical Internet security issues more broadly for the U.N.'s International Telecommunication Union. Russia and others want the group to take a more active role in Internet governance.

Schouwenberg said he suspected Flame may be capable of deleting data and attacking industrial control systems that run plants like the uranium enrichment facility at Natanz, but he has yet to find the evidence.

Kaspersky Lab researchers are still trying to understand the function of more than 100 mysterious files built into the Flame samples that they have discovered, he said."

http://www.reuters.com/article/2012/06/12/us-media-tech-summit-flame-idUSBRE85A0TN20120612

« POPE Home | Email msg. | Reply to msg. | Post new | Board info.

Previous | Home | Next

Disclaimer:

DON'T BELIEVE A DAMN WORD YOU READ ON THIS WEBSITE!

The reader is responsible for discerning the validity, factuality or implications of information posted here, be it fictional or based on real events. Moderators on this forum make every effort to review the material posted on this site however, it is not realistically possible for a one man team to manually review each and every one of the posts atomicbobs.com gets on a daily basis.

The content of posts on this site, including but not limited to links to other web sites, are the expressed opinion of the original poster and are in no way representative of or endorsed by the owners or administration of this website. The posts on this website are the opinion of the specific author and are not statements of advice, opinion, or factual information on behalf of the owner or administration of Atomicbob’s. This site may contain adult language, if you feel you might be offended by such content, you should log off immediately.

Not all posts on this website are intended as truthful or factual assertion by their authors. Some users of this website are participating in internet role playing, with or without the use of an avatar. NO post on this website should be considered factual information on face value alone. Users are encouraged to

USE DISCERNMENT

and do their own follow up research while reading and posting on this website. Atomicbobs.com reserves the right to make changes to, corrections and/or remove entirely at any time posts made on this website without notice. In addition, Atomicbobs.com disclaims any and all liability for damages incurred directly or indirectly as a result of a post on this website.

This website implements certain security features in order to prevent spam and posting abuse. By making a post on this website you consent to any automated security checks required by our system to authenticate your IP address as belonging to an actual human. It is forbidden to make posts on this website from open proxy servers. By making a post on this website you consent to an automated one time limited port scan of your IP address which is required by our security system to validate the authenticity of your internet connection.

This site is provided "as is" without warranty of any kind, either expressed or implied. You should not assume that this site is error-free or that it will be suitable for the particular purpose which you have in mind when using it. In no event shall Atomicbobs.com be liable for any special, incidental, indirect or consequential damages of any kind, or any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, whether or not advised of the possibility of damage, and on any theory of liability, arising out of or in connection with the use or performance of this site or other documents which are referenced by or linked to this site.

Some events depicted in certain posting and threads on this website may be fictitious and any similarity to any person living or dead is merely coincidental. Some other articles may be based on actual events but which in certain cases incidents, characters and timelines have been changed for dramatic purposes. Certain characters may be composites, or entirely fictitious.

We do not discriminate against the mentally ill!

Fair Use Notice:

This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. Users may make such material available in an effort to advance awareness and understanding of issues relating to civil rights, economics, individual rights, international affairs, liberty, science & technology, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law.

At some point freedom of speech and copyright law merge. The following interpretation of "Fair Use" and subsequent posting policy were developed with the assistance of qualified legal council however, we are not lawyers and cannot offer you legal advise as to the limits of "Fair Use"

In accordance with industry accepted best practices we ask that users limit their copy / paste of copyrighted material to the relevant portions of the article you wish to discuss and no more than 50% of the source material, provide a link back to the original article and provide your original comments / criticism in your post with the article.

Though legally each situation is evaluated independently according to guidelines that were intentionally left open to interpretation, we believe generally this policy represents "Fair Use" of any such copyrighted material for the purposes of education and discussion.

You are responsible for what you "publish" on the internet. You must be sure any copyrighted material you choose to post for discussion on this forum falls within the limits of "Fair Use" as defined by the law.

For more information please visit:

The Electronic Frontier Foundation website

If you are a legal copyright holder or a designated agent for such and you believe a post on this website falls outside the boundaries of "Fair Use" and legitimately infringes on yours or your clients copyright

we may be contacted concerning copyright matters at:

Atomic Bob’s
RT 2 Box 257-20
Nowata, OK 74048
Phone: 918-273-8276
E-Mail: abgtbob -at- gmail.com

If you require a courier address please send a fax or email and we will provide you with the required information.

For expedited human review & removal of potential copyright violations we encourage users & copyright holders to utilize the "Report Copyright Violation" button that accompanies each post published on this website.

In accordance with section 512 of the U.S. Copyright Act our contact information has been registered with the United States Copyright Office. "Safe Harbor" noticing procedures as outlined in the DMCA apply to this website concerning all 3rd party posts published herein.

If notice is given of an alleged copyright violation we will act expeditiously to remove or disable access to the material(s) in question. It is our strict policy to disable access to accounts of repeat copyright violators. We will also ban the IP address of repeat offenders from future posting on this website with or without a registered account.

All 3rd party material posted on this website is copyright the respective owners / authors. Atomicbobs.com makes no claim of copyright on such material.

Please be aware any communications sent complaining about a post on this website may be posted publicly at the discretion of the administration.

---

DON'T BREAK THE LAW!

---

Other than that you can do / say whatever you want on this forum.

We reserve the right to block access to this website by any individual or organization at any time for any reason whatsoever or no reason at all.

This Disclaimer is subject to change at anytime.