
Tonsko

macrumors 6502
Original poster
Aug 19, 2010
293
1
http://www.pcworld.com/businesscent...et_built_to_attack_irans_nuclear_program.html

http://www.langner.com/en/index.htm

Ralph Langner said:
Getting the forensics done is only a matter of time. Stuxnet is going to be the best studied piece of malware in history. We will even be able to do process forensics in the lab. Again, the attacker must know this. Therefore, the whole attack only makes sense within a very limited timeframe. After Stuxnet is analyzed, the attack won't work any more. It's a one-shot weapon. So we can conclude that the planned time of attack isn't somewhen next year. I must assume that the attack did already take place. I am also assuming that it was successful. So let's check where something blew up recently.

...

Now you may ask, what about the many other infections in India, Indonesia, Pakistan etc. Strange for such a directed attack. Then, on the other hand, probably not. Check who commissions the Bushehr plant. It's a Russian integrator that also has business in some of the countries where we see high infection rates. What we also see is that this company too doesn't seem to be overly concerned about IT security. As I am writing this, they're having a compromised web site (http://www.atomstroyexport.com/index-e.htm) that tries to download stuff from a malware site that had been shut down more than two years ago (http://www.bubamubaches.info). So we're talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.

...

Welcome to cyberwar.

Pretty chilling!
 

(marc)

macrumors 6502a
Sep 15, 2010
724
2
the woods
Read the articles. That code is amazing. Breaching digital certificates is well beyond the abilities of skilled programmers / mathematicians.

This begs the question why Windows is used in a nuclear reactor. They should use a custom OS or something like OpenBSD, but not Windows...
 

Rodimus Prime

macrumors G4
Oct 9, 2006
10,136
4
(marc) said:
Read the articles. That code is amazing. Breaching digital certificates is well beyond the abilities of skilled programmers / mathematicians.

This begs the question why Windows is used in a nuclear reactor. They should use a custom OS or something like OpenBSD, but not Windows...


Do you have any idea how much custom software costs to create and maintain?
If they had gone with a custom OS it makes the cost even higher since now the pool of programmers you have access to is a hell of a lot smaller than it already is. Cost goes up even more on top of the cost of having the custom OS maintained.

It is all about cost to benefit ratio. The cost of building a custom OS is very high. Benefits gains could easily be less than 0 if you add in all the other programs but security issues that can go with it.


Custom software is very expensive.
 

Tonsko

macrumors 6502
Original poster
Aug 19, 2010
293
1
I think the code only weighed in at around 512kb as well. Serious piece of software.
 

(marc)

macrumors 6502a
Sep 15, 2010
724
2
the woods
Rodimus Prime said:
Do you have any idea how much custom software costs to create and maintain?
If they had gone with a custom OS it makes the cost even higher since now the pool of programmers you have access to is a hell of a lot smaller than it already is. Cost goes up even more on top of the cost of having the custom OS maintained.

It is all about cost to benefit ratio. The cost of building a custom OS is very high. Benefits gains could easily be less than 0 if you add in all the other programs but security issues that can go with it.

Custom software is very expensive.

I thought about an embedded systems approach, you're right that creating a new OS would take too much work. Still, Siemens shouldn't have put Windows in those machines in the first place, Windows' insecurity isn't a secret. They should've picked something like OpenBSD from the beginning.
 

Tonsko

macrumors 6502
Original poster
Aug 19, 2010
293
1
I think in this case it wouldn't have mattered so much. All systems are vulnerable one way or another, and this was a targeted attack with 4 previously unseen 0-days. There perhaps would have been 4 OpenBSD (or whatever) 0-days instead.

The argument for not using Windows in a critical environment though is a strong one, more for reliability (or lack thereof) than anything else.
 

Rodimus Prime

macrumors G4
Oct 9, 2006
10,136
4
(marc) said:
I thought about an embedded systems approach, you're right that creating a new OS would take too much work. Still, Siemens shouldn't have put Windows in those machines in the first place, Windows' insecurity isn't a secret. They should've picked something like OpenBSD from the beginning.

The real measure of security is counting zero-day exploits and how long until they are patched. In that sense OSX is one of the worst. Microsoft is pretty good at dealing with zero-day exploits.

Also again I am going to point back to my time and money. OpenBSD more than likely would cost more to put in place and find the people to write the custom code for.

A lot of the software needed to run a plant like that is custom coding. It is a lot easier to find good coders for Windows than it is to find people for OpenBSD.
Embed just would like the horsepower they would need.

The only true secure system is a closed system, meaning it is not connected to the outside world in any way. For example the NASA launching system. You cannot hack your way into that system nor can you grab the hand-off between Florida and Houston or even mission control. Reason being is that entire network is self-contained. None of the lines connect to the internet. You would physically have to hard wire yourself in and if you physically tap the line you would quickly be detected.
 

(marc)

macrumors 6502a
Sep 15, 2010
724
2
the woods
Rodimus Prime said:
The real measure of security is counting zero-day exploits and how long until they are patched. In that sense OSX is one of the worst. Microsoft is pretty good at dealing with zero-day exploits.

Also again I am going to point back to my time and money. OpenBSD more than likely would cost more to put in place and find the people to write the custom code for.

Well, I think that the extra time and money would be well spent on majorly increasing the security of a nuclear facility.

By the way, the (targeted) facilities in Iran were not connected to the internet, they were infected with a USB stick.
 