First Stuxnet, now Flame


elster

17,517 posts

211 months

Sunday 10th June 2012
Marf said:
Looks like someone is trying to cover their tracks

http://www.bbc.co.uk/news/technology-18365844
I thought it had already been admitted to be a joint effort between US & Israeli called Olympic Games. Then lost it.

http://nakedsecurity.sophos.com/2012/06/01/stuxnet...


Marf

Original Poster:

22,907 posts

242 months

Sunday 10th June 2012
elster said:
Marf said:
Looks like someone is trying to cover their tracks

http://www.bbc.co.uk/news/technology-18365844
I thought it had already been admitted to be a joint effort between US & Israeli called Olympic Games. Then lost it.

http://nakedsecurity.sophos.com/2012/06/01/stuxnet...
Depends how you look at it, the author of the book that report is based on has apparently confirmed that they are state manufactured viruses after interviewing people involved, but the people involved have not directly confirmed to the media it was indeed them.

Personally I'm of the opinion that they are the product of Western/Israeli intelligence agencies and that we are going to see more and more of this kind of thing popping up. Though you'd think that the last thing they'd want is for their projects to spread outside their original scope and get caught in the open as it were. But then I guess so long as the intended targets keep providing anti-virus companies with things to investigate these viruses will keep popping up in the media.

I wonder how the anti-virus companies really view this type of stuff, i.e. are they ever worried that there'll be repercussions to investigating and even providing remedies and security against this kind of state sponsored malware?

rohrl

8,756 posts

146 months

Sunday 10th June 2012
NSA, Israel, maybe GCHQ? I wonder what Gareth Williams, seconded from GCHQ to SIS and described as a computer security expert, knew about these things before ending up dead in a sports bag.

Hope that's not too tin-foil hat.

Marf

Original Poster:

22,907 posts

242 months

Sunday 10th June 2012
Was he involved in cyber security?

rohrl

8,756 posts

146 months

Sunday 10th June 2012
Marf said:
Was he involved in cyber security?
I think that was his job wasn't it?

Marf

Original Poster:

22,907 posts

242 months

Sunday 10th June 2012
Cryptography was his area according to Wikispooks.

I guess anything's possible, but without any pointers I think it's a bit of a stretch to suggest he had knowledge of these viruses and that was the reason he was offed.

rohrl

8,756 posts

146 months

Sunday 10th June 2012
Marf said:
Cryptography was his area according to Wikispooks.

I guess anything's possible, but without any pointers I think it's a bit of a stretch to suggest he had knowledge of these viruses and that was the reason he was offed.
Cryptography and a secondment from GCHQ to SIS would make him likely to be the prime candidate to know the most about them out of anyone in the UK I'd have thought.

Whether or not you believe he might have been killed because of something to do with his work depends on whether or not you believe that the Israelis and Iranians have been going around bumping people off because of what they know about the Iranian nuclear project and efforts to thwart it.

I'm not saying it's open-and-shut by any means but it's maybe not quite as unlikely as you suggest.

Funk

26,338 posts

210 months

Sunday 10th June 2012
Didn't Kim Dotcom start out as a hacker..?

Marf

Original Poster:

22,907 posts

242 months

Sunday 10th June 2012
Funk said:
Didn't Kim Dotcom start out as a hacker..?
Yep.....?

Funk

26,338 posts

210 months

Sunday 10th June 2012
I wonder whether such individuals would be 'used' for plausible deniability. Someone like him would have the resources to develop something...

rohrl

8,756 posts

146 months

Sunday 10th June 2012
Funk said:
I wonder whether such individuals would be 'used' for plausible deniability. Someone like him would have the resources to develop something...
I think not. These have both been judged to be nation-state efforts by people who know about viruses and would be ultra secret in-house projects.

hairykrishna

13,185 posts

204 months

Sunday 10th June 2012
Marf said:
McHaggis said:
hairykrishna said:
It's the virus that could have (did?) buggered up centrifuges used for uranium enrichment in Iran. Possibly Israeli/Mossad but nobody really knows. Nothing to do with Fukushima...
On the contrary. Many people will know. They just aren't talking about it. But the scale of Stuxnet and Flame need nation state backing.
yes


http://arstechnica.com/security/2012/06/flame-cryp...

"The Flame espionage malware that infected computers in Iran achieved mathematic breakthroughs that could only have been accomplished by world-class cryptographers, two of the world's foremost cryptography experts said."
To a certain extent it's in the anti-virus companies' best interests to say that such sophisticated viruses, which stumped them for a good while, could only be made with the resources of a nation state black ops project. It lets them off the hook a bit.

The crypto in Flame and the coding in both suggest that they were built by a group of sophisticated, smart and experienced programmers who know the maths of cryptography very well. To me this doesn't mean that a nation state was required. It's not like massive sums of money and resources were needed and the computer security field has a proud history of small 'amateur' groups doing the best work. That said, some kind of US or Israeli backed effort does still seem the most likely.

eldar

21,872 posts

197 months

Sunday 10th June 2012
hairykrishna said:
To a certain extent it's in the anti-virus companies' best interests to say that such sophisticated viruses, which stumped them for a good while, could only be made with the resources of a nation state black ops project. It lets them off the hook a bit.

The crypto in Flame and the coding in both suggest that they were built by a group of sophisticated, smart and experienced programmers who know the maths of cryptography very well. To me this doesn't mean that a nation state was required. It's not like massive sums of money and resources were needed and the computer security field has a proud history of small 'amateur' groups doing the best work. That said, some kind of US or Israeli backed effort does still seem the most likely.
It's certainly possible that smart non-state people, like Anonymous, have the expertise to write the code.

But follow the money. Stuxnet had two (or possibly 3) zero day exploits. Those zero day exploits have a value of between 500k and 1,500k dollars to the right buyers, so someone invested at least a million dollars before design & coding to stuff up some very specific centrifuges. That is unlikely to be a non-government entity.

Specifically US/Israel who would get a return on investment, buying time.

0000

13,812 posts

192 months

Sunday 10th June 2012
hairykrishna said:
The crypto in Flame and the coding in both suggest that they were built by a group of sophisticated, smart and experienced programmers who know the maths of cryptography very well. To me this doesn't mean that a nation state was required. It's not like massive sums of money and resources were needed and the computer security field has a proud history of small 'amateur' groups doing the best work.
Sure. But the crypto knowledge required is only a small part of this.

It was a nation state.

Marf

Original Poster:

22,907 posts

242 months

Sunday 10th June 2012
eldar said:
It's certainly possible that smart non-state people, like Anonymous, have the expertise to write the code.

But follow the money. Stuxnet had two (or possibly 3) zero day exploits. Those zero day exploits have a value of between 500k and 1,500k dollars to the right buyers
How do ZDEs have a value and who sells them?

hairykrishna

13,185 posts

204 months

Sunday 10th June 2012
eldar said:
It's certainly possible that smart non-state people, like Anonymous, have the expertise to write the code.

But follow the money. Stuxnet had two (or possibly 3) zero day exploits. Those zero day exploits have a value of between 500k and 1,500k dollars to the right buyers, so someone invested at least a million dollars before design & coding to stuff up some very specific centrifuges. That is unlikely to be a non-government entity.

Specifically US/Israel who would get a return on investment, buying time.
I think your estimate of the value of a zero day, even for Windows, is out by about a factor of ten but you still make a good point.

I'm just playing devil's advocate I suppose - it probably was a government backed project.

eldar

21,872 posts

197 months

Sunday 10th June 2012
hairykrishna said:
I think your estimate of the value of a zero day, even for Windows, is out by about a factor of ten but you still make a good point.

I'm just playing devil's advocate I suppose - it probably was a government backed project.
You may be right about the value, I don't have the Glass's ZDE guide to hand. More than pocket change, at least.

Careless to let it escape, though...

eldar

21,872 posts

197 months

Sunday 10th June 2012
Marf said:
How do ZDEs have a value and who sells them?
People who run botnets need fresh blood. A ZDE allows a week or two of infecting machines before anti-virus and patching catches up. Often found by amateur code analysts who find the errors for a living, then auction or sell via specialist web sites.

thehappyotter

800 posts

203 months

Monday 11th June 2012
hornet said:
Does make you wonder if [insert secret agency of choice] has people inside Microsoft either a) looking for the exploits or b) making damn sure they exist for a period of time to provide the (ahem) window of opportunity.

Fascinating stuff.
It is indeed!

Lots of Microsoft software, or parts of software, happen to be developed at Microsoft Israel. It's one of their big research and development centres.

Coincidence? Not coincidence?

Sonic

4,007 posts

208 months

Monday 11th June 2012
hairykrishna said:
eldar said:
It's certainly possible that smart non-state people, like Anonymous, have the expertise to write the code.

But follow the money. Stuxnet had two (or possibly 3) zero day exploits. Those zero day exploits have a value of between 500k and 1,500k dollars to the right buyers, so someone invested at least a million dollars before design & coding to stuff up some very specific centrifuges. That is unlikely to be a non-government entity.

Specifically US/Israel who would get a return on investment, buying time.
I think your estimate of the value of a zero day, even for Windows, is out by about a factor of ten but you still make a good point.

I'm just playing devil's advocate I suppose - it probably was a government backed project.
Most of the cryptographic, security and IT experts that would need to be involved with developing a package like this work in the private sector - so I certainly wouldn't say it has to be state-backed, in fact technologically speaking I'd say it's more likely to have come from a private group... but motive points firmly to something state-sponsored IMO, who clearly have the resources to pull people in as required from all skill sets.