Bonum Certa Men Certa
Links 30/5/2015: Wine 1.7.44, Berry Linux 1.20 | The EPO Still Wastes Public Money on Publicity Stunts and 'Reputation Management' Campaigns

The Lessons of Stuxnet: Never Use Microsoft Windows

The NSA is playing with nukes

Missiles



Summary: Windows is sufficiently 'NSA-compatible' for remote compromise and physical damage (sabotage) to highly sensitive, high-risk equipment

MANY news reports from around Friday [1-13] made it abundantly clear that Stuxnet, an Israel- and US-made virus that targets Microsoft Windows, was deployed not only in Iran (which uses Windows and Microsoft Linux) but also deployed (albeit unsuccessfully) in North Korea.



It is worth noting that Stuxnet was developed not only in the US but also in Israel and much of Microsoft's software development for 'security' is also done in Israel, so it might not detect Stuxnet (by design).

"Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US..."News from North Korea should remind any nation with military facilities (that's about every nation on Earth) to dodge Microsoft Windows. Turkey, for instance, reportedly moved its army to GNU/Linux and several other nations make similar moves for security reasons. In order to explain North Korea's resistance to the infection some corporation media likes to highlight "near-complete isolation" (see below) rather than reliance on GNU/Linux. The ToryGraph (see below) calls Stuxnet a "computer virus" even through it is uniquely a Microsoft Windows virus. Imagine the media reaction if some nation's government tried to install viruses in nuclear facilities in the US...

This is by no means defence of North Korea; it's just that the story makes is abundantly clear that, Microsoft's special relationship with the NSA aside, Windows is a target. Even Western governments target it. The NSA habitually said that it worried about attacks on its electric grid while hypocritically enough it is attacking nuclear facilities in other countries, never mind the risk of "blowback" or the "fallout" (pun intended) such aggressive actions may consequently bring. Pentagon would label this an "act of [cyber] war".

Related/contextual items from the news:



  1. NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report
    The NSA tried to wreck North Korea's nuclear weapons lab using the centrifuge-knackering malware Stuxnet, and ultimately failed, multiple intelligence sources claim.


  2. Pyongyang 1, NSA 0: U.S. Tried and Failed to Hack North Korea’s Nuclear Infrastructure
    By almost completely shutting itself off from the rest of the world, the North Korean government has denied its people and society access to the fruits of the digital communications revolution. It has also reportedly helped stymie a U.S. cyberattack on the country’s nuclear infrastructure modeled on the so-called Stuxnet virus the United States and Israel used against Iranian centrifuges.
  3. The NSA reportedly tried -- but failed -- to use a Stuxnet variant against North Korea
    Right around the time that the Stuxnet attack so famously sabotaged Iran’s nuclear program in 2009 and 2010, the U.S. National Security Agency reportedly was trying something similar against North Korea.

    The NSA-led U.S. effort used a version of the Stuxnet virus designed to be activated by Korean-language computer settings, but it ultimately failed to sabotage North Korea’s nuclear weapons program, according to a Friday Reuters report, which attributed the information to people familiar with the campaign.


  4. NSA tried Stuxnet cyber-attack on North Korea five years ago but failed
    The US tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons programme five years ago but ultimately failed, according to people familiar with the covert campaign.
  5. Report: US tried Stuxnet variant on N. Korean nuke program, failed
  6. US tried to bring down North Korean missile programme with computer virus
  7. Report: U.S. failed to sabotage North Korean nuclear program with Stuxnet-twin
  8. Report: US cyberattack on North Korea was ineffective
  9. Why Did a US Cyber Attack on North Korea Fail?
  10. US Tried, Failed To Sabotage North Korea Nuclear Weapons Program With Stuxnet-Style Cyber Attack
  11. US Reportedly Launched Stuxnet Attack Against North Korea
  12. US Failed at Planting Stuxnet-Style Computer Bug in N. Korea Nuke Program
  13. US reportedly tried to destroy North Korea’s nuclear program with a Stuxnet-type virus


Links 30/5/2015: Wine 1.7.44, Berry Linux 1.20 | The EPO Still Wastes Public Money on Publicity Stunts and 'Reputation Management' Campaigns

Recent Techrights' Posts

A Discussion About Suicides in Science and Technology (Including Debian and the European Patent Office)
In Debian, there is a long history of deaths, suicides, and mysterious disappearances
[Video] Why Microsoft is by Far the Biggest Foe of Computer Security (Clue: It Profits From Security Failings)
Microsoft is infiltrating policy-making bodies, ensuring real security is never pursued
Harassment Against My Wife Continues
Drug addict versus family of Techrights authors
 
[Video] Ignore Buzzwords and Pay Attention to Attacks on Software Developers
AI in the Machine Learning sense is nothing new
Outline of Themes to Cover in the Coming Weeks
We're accelerating coverage and increasing focus on suppressed topics
[Video] Not Everyone Claiming to Protect the Vulnerable is Being Honest
"Diversity" bursaries aren't always what they seem to be
[Video] Enshittification of the Media, of the Web, and of Computing in General
It manifests itself in altered conditions and expectations
[Meme] Write Code 100% of the Time
IBM: Produce code for us till we buy the community... And never use "bad words" like "master" and "slave" (pioneered by IBM itself in the computing context)
[Video] How Much Will It Take for Most People to Realise "Open Source" Became Just Openwashing (Proprietary Giants Exploiting Cost-Free or Unpaid 'Human Resources')?
turning "Open Source" into proprietary software
Freedom of Speech... Let's Ban All Software Freedom Speeches?
There's a moral panic over people trying to actually control their computing
Richard Stallman's Talk in Spain Canceled (at Short Notice)
So it seems to have been canceled very fast
Links 29/04/2024: "AI" Hype Deflated, Economies Slow Down Further
Links for the day
Gemini Links 29/04/2024: Gopher Experiment and Profectus Alpha 0.9
Links for the day
Debian 'Cabal' (via SPI) Tried to Silence or 'Cancel' Daniel Pocock at DNS Level. It Didn't Work. It Backfired as the Material Received Even More Visibility.
know the truth about modern slavery
Lucas Nussbaum & Debian attempted exploit of OVH Hosting insider
Reprinted with permission from disguised.work
Software in the Public Interest (SPI) is Not a Friend of Freedom
We'll shortly reproduce two older articles from disguised.work
Syria, John Lennon & Debian WIPO panel appointed
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, April 28, 2024
IRC logs for Sunday, April 28, 2024
[Video] GNU and Linux Everywhere (Except by Name)
In a sense, Linux already has over 50% of the world's "OS" market
[Video] Canonical Isn't (No Longer) Serious About Making GNU/Linux Succeed in Desktops/Laptops
Some of the notorious (or "controversial") policies of Canonical have been covered here for years
[Video] What We've Learned About Debian From Emeritus Debian Developer Daniel Pocock
pressure had been put on us (by Debian people and their employer/s) and as a result we did not republish Debian material for a number of years
Bruce Perens & Debian public domain trademark promise
Reprinted with permission from disguised.work
Links 28/04/2024: Shareholders Worry "AI" Hype Brings No Income, Money Down the Drain
Links for the day
Lawyer won't lie for Molly de Blanc & Chris Lamb (mollamby)
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, April 27, 2024
IRC logs for Saturday, April 27, 2024
Links 27/04/2024: Spying Under Fire, Intel in Trouble Again
Links for the day
Lucas Kanashiro & Debian/Canonical/Ubuntu female GSoC intern relationship
Reprinted with permission from disguised.work
Pranav Jain & Debian, DebConf, unfair rent boy rumors
Reprinted with permission from disguised.work
Links 27/04/2024: Kaiser Gave Patients' Data to Microsoft, "Microsoft Lost ‘Dream Job’ Status"
Links for the day
Gemini Links 27/04/2024: Sunrise Photos and Slow Productivity
Links for the day
Microsoft: Our "Goodwill" Gained Over 51 Billion Dollars in the Past Nine Months Alone, Now "Worth" as Much as All Our Physical Assets (Property and Equipment)
The makeup of a Ponzi scheme where the balance sheet has immaterial nonsense
Almost 2,700 New Posts Since Upgrading to Static Site 7 Months Ago, Still Getting More Productive Over Time
We've come a long way since last autumn
FSFE (Ja, Das Gulag Deutschland) Has Lost Its Tongue
Articles/month
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 26, 2024
IRC logs for Friday, April 26, 2024
Overpaid lawyer & Debian miss WIPO deadline
Reprinted with permission from disguised.work
Brian Gupta & Debian: WIPO claim botched, suspended
Reprinted with permission from disguised.work