I have been reading the discussion on this list about
Windows security and it brings a couple of things to mind.
The first thing is that whatever operating system is the
most common is also the most vulnerable. Microsoft hasn't done
all they possibly could have done, but being the most common has
its risks.
When I first started working in IT, Sun work stations as
in the Sun Sparc models, were not uncommon in university
settings and a number of commercial operations. You guessed it;
along with some of the early DOS mal ware, there were Unix exploits
that looked for and too-often found holes in security such as
buffer overflows or timing hacks that could let a miscreant
become root and own the system.
Over the last 20 years, Unix of most flavors has become mostly
very good at rejecting the OS-related hacks, but people can
still leave the barn door open with weak passwords or by
continuing to run out-dated versions of their operating systems
when it is known that certain vulnerabilities exist.
Microsoft Windows is much better than it used to be
regarding security, but it is still open to more cracking than
we would like to think because of its basic design. There are
just too many inter-related very complex subsystems so a little
javascript here and a bug or two there and you're done or done for.
So, my first point is that if you run a less-common OS
like MacOS or Linux, you are automatically a little safer as
long as you don't set a weak password and keep your OS up to
date.
My second point is that if you are thought to be a
high-value target, the bad guys will stop at nothing to get in
so if you have the combination to the safe holding the Crown
Jewels, you had better not store it on your computer.
The country of Iran wants a nuclear bomb so bad they can
almost taste it. Some Middle Eastern leader was quoted as saying
that his worst fears are that Iran will get the Bomb and the US
or Israel will try to stop them.
I certainly do not have access to any classified
information and if I did, I wouldn't spill it here, but NPR had
a news report several months ago that described how the US and
Israel did apparently set the Iranian program back some years.
It seems that Iran's Nuclear weapons program uses
computers which are not connected to modems or the internet so
someone can't just find them out there and mess with them.
No problem. How about a little social engineering. It is
possible that what happened was that Iranian nuclear engineers
went to some trade conference somewhere and were probably
showered with goodies such as sales promotions from software
companies. These may have included thumb drives full of "free"
software that any self-respecting Iranian nuclear professional
would love to have.
It's possible that those thumb drives were also loaded
with what we today call stuxnet.
This is a sophisticated virus that really doesn't do
much to your computer except infect everything and spread to any
other computer it can talk to but the real black magic happens
when the stuxnet-infected computer has a specific device called
a "programmable logic controller" or PLC.
PLC's are everywhere in industry and are the interface
between a computer and the motors, pumps and other machinery in
a factory. It could be a factory that makes house paint, chairs,
dog food or bombs.
Apparently, the Western countries knew the exact make
and model of Iran's PLC's so stuxnet was written to see if a
computer was connected to this model of PlC and, if so, modify
the PLC's operating system so that it would make the machines
they were controlling essentially commit suicide by running too
fast or running in some other way as to destroy themselves but
report that all was well.
In other words, if they want in badly enough, they will
go to any extreme to do so.
=======================================
The Techno-Chat E-Mail forum is guaranteed malware, spyware, Trojan, virus and
worm-free
To modify your subscription options, please visit for forum's dedicated web
pages located at
http://mail.tft-bbs.co.uk/mailman/listinfo/techno-chat
You can find an archive of all messages posted to the Techno-Chat group at
either of the following websites:
http://mail.tft-bbs.co.uk/pipermail/techno-chat/index.html
Or:
<http://www.mail-archive.com/[email protected]>
you may also subscribe to this list via RSS. The feed is at:
<http://www.mail-archive.com/[email protected]/maillist.xml>
---------------------------------------
