Being the computer nerd that I am, the one that stood out was the shot of the workstation in the control room, and a dialog box containing a red icon and a message the some piece of software was not registered.

Politics aside, it scares the shit out of me that some one might be running a nuclear reactor without registering the software. It’s one thing to pirate a copy of photoshop to create an awesome dragon ball Z background for their android. Its another thing all together running a controlled nuclear explosion with unregistered software.

Your debunking is bunk, IMO – could you reference the passage in the Koran that states that lying to non-believers is OK?

I could probably find such a passage in Deuteronomy for you!

BTW I reject all three middle-eastern (Abrahamic) religions: JudeoChristianIslam. They are seeds of racism and hate, long-obsolete tribal programs of mind control.

At least Islam got art and poetry.

The existence of this worm in Iran’s nuclear facilities completely undermines the “Iran is a responsible nuclear energy developer” message.

OK, I’ll bite. How exactly does someone being under attack undermine their responsibility? All it shows, factually, is that someone infiltrated far enough to plant malware.

I’m willing to give you a chance to explain that assertion, though I’m not especially credulous, nor am I willing to become so.

The appropriate response being to hand Mac a paper mache mockup of the bomb from pre-OSX Mac OSes.

Me, I think that if Ahmadinejad really wanted to go for nukes, he seems power-hungry enough to rub out the Ayatollah, or at least threaten him, to do it, so all that nonsense up there isn’t so necessary. To be honest, I wouldn’t be surprised by any logical leaps a Truther might make. Conspiracy theorists are just nutty.

So nobody ever changes the default admin password, and you consider that a “non-trivial [to exploit]” and “not easy to patch against” security hole? Um, how about changing the admin password to something else, and just taping the new password to all of the workstations? Then just don’t let anyone near the equipment until they’ve memorized the new password (wait to do the switchover until you’ve got two shifts who’ve memorized the password) and you have patched that whole, without losing the quick response times you might need in an emergency.

Colossal stupidity here. Any software designer who worked at Siemens and has an axe to grind could do this. You don’t have to invoke the great Satan to explain it.

You’ve got a PLC. You’ve got a Windows machine that is the logger / interface / display for the PLC. There’s some sort of protocol that the Windows machine uses to communicate with the PLC. That protocol, if documented well, could be implemented on any arbitrary computer running any arbitrary operating system – say, machines running Ubuntu, Red Hat, Solaris, or any POSIX-compliant OS — Rather than Windows, a notoriously unstable, buggy, and insecure operating system. One that hosts 99.99999% of the computer viruses in existence. INTEROPERATING WITH A PLC THAT CONTROLS A NUCLEAR FACILITY. (Anyone with any sense could stop right there, but word to the wise, etcetera)

More background: It’s well-known that Microsoft Windows’ encryption engine (That handles the encryption of disks, messages, and communications links) is, itself, subject to being updated / replaced at any time by Microsoft.

Microsoft is a multi-national corporation which is based in the United States, and is subject to doing what it is ordered to do by the United States Government, who considers Iran a state sponsor of terrorism – Iran sponsors Hezbollah.

The US Government is prone to doing things by fiat, rather than by law – bypassing even FISA courts and the normal “you need a warrant to do that” process of law.

The US government has a political policy position that Iran should not be developing any sort of nuclear program, neither for arms nor for energy, because the energy program may be a cover for the research, development, and running of an arms program.

Iran has made noise, in the past, about using nuclear weapons against Israel.

Iran has stated that their nuclear program is only for energy and not for arms.

Iran has stated that their energy program is a responsible one.

The US position is that Iran will not run a responsible energy program.

Remember the part about the encryption engine? Yeah, there’s more to that: There’s more than one key that can authorise the replacement of the encryption engine in any arbitrary copy of Windows. The second key (after Microsoft’s own key) was named, in debugger code found long ago, “_NSAKEY”. Try Googling that. Read a bit. I’ll wait. Be sure to read Schneier’s opinion.

…

All done with that part? Alllllrighty.

It requires absolutely zero credulousness to posit that it is entirely possible that the United States, or an agent of the United States, developed and released or planted (I’m trying really hard here to not enumerate and explicate ways for Iran to have secured their machines because, really, I don’t want to assist them) this virus / trojan, in the specific goal of being able to hook into the nuclear plant’s control machinery.

From that point, it could be remotely shut down. Or destabilised. Or a catastrophic failure could be ordered. This isn’t hard to see. It would benefit the United States’ government’s position enormously to sabotage Iran’s technical facilities, at the right time, or shut them down, during an arms inspection, or have them undergo a runaway reaction during an arms inspection, or otherwise, and drop fallout material with an elemental signature that demonstrates that they were manufacturing plutonium on purpose. Or breeding some other weaponisable material. If that’s really what they’re doing.

And the downside of this scenario going public is this: The United States gets to sit in the UN Security Council and demonstrate that Iran is an idiot child playing with a gun it doesn’t understand and cannot handle.

—– Oh, and one more thing: How /exactly/ does a B-52 bomber take off from a North Dakota military base, with live nuclear warheads in delivery vehicles, and fly EAST to Barksdale AFB in Louisiana, EAST — to a base that is a staging point for movement to the Middle East, during the Bush Administration, during a time of tense standoff with Iran, when:

A: the official story is they were being flown SOUTHWEST to be decommissioned at Kirtland AFB in New Mexico, and

B: accessing the nuclear warheads in question requires authorisation from no less than the Joint Chiefs, VP, or President, involves two-man operation to authenticate the orders, requires two-man operation to alert the guards on the storage facility and authenticate the approach orders (the guards are ordered to shoot, on sight, anyone attempting to enter the storage facility who has not previously authenticated with them their order to enter, much less an order to move and load, nuclear warheads)

C: There have been standing order for 40 years against the movement of nuclear warheads — in delivery vehicles or not — in aircraft over US soil, and every single person involved understands WHY. That includes pilot, ground support (arms load, arms move, ground crew, other support crew)

D: Cheney had been pushing to bomb Iran since before Clinton was elected to office.

Iran rattles their sabres, and then says they are peaceful and responsible, and then secures a major nuclear operation with the skills and technical expertise of my 65-year-old mother (For her, computers are for Solitaire).

And the US has a definitive policy and operations history of wanting, needing, desiring, and anticipating a nuclear mishap in Iran.

(Postscript: Oh Jeff, Riffing: The PLC’s code itself is altered, with a subroutine check on one of the event handlers, that conditions the routine handler to skip the entire event handler in the event of some particular (as-yet unknown) condition being signalled. This is what we call in the industry “infected”.)

Might be premature, but I’m prepared to call that a pwn.

You have dealt with faulty centrifuge tubes, fool!
You have many other specially faulty indistrial parts in your nuclear program, and you have no idea how many or where they are!

And now -

This same thing that hobbles your nuclear program happened to your Air Fleet of F-14 fighter aircraft some years ago after you kicked American Technicians out – those planes sat there and sat there, and proudly collected dust under the Iranian Flag! Never to be flown again!

Owned Again by the evil capitalist American pigs!

Interestingly, the return code from the conditional subroutine to the event handler routine is “DEADF007″, which, to /me/, is 13375p33|< for either ‘deadfool’ or ‘deadfoot’. One of these –to me– sounds like Israel’s attitude toward Iran, and one like a US operation codename. Which is which I’ll leave as an exercise.

Post-Post-Script: “Bomb-Bomb-Bomb, BombBombIran, /Bomb-Bomb-Bomb, BOMBOMIrAAaaaAAAAn, oh Bomb IrAAAaaaAAAn, you got me rocking and a rollin’, Palin and McCainin’ buh-bIran…”*

*This is not to be construed by the irony-challenged as support of or advocacy for Palin, McCain, the GOP, or any position of bombing Iran.

key quote:
“It is also worth noting that original reports from military sources talked about only five of the six nuclear warheads from Minot being accounted for in Barksdale.[11] Nuclear warheads are also kept in specialized storage areas or bunkers. Moreover, nuclear weapons are not being decommissioned at Barksdale. ”

All Iran is doing is copying what we are doing. One of the (many) reasons I no longer work there is that I objected to the replacement of custom programmed DEC hardware with generic windows systems.

I agree with you; the United States’ claim to be a responsible handler of nuclear technology has been shown to be a bluff, a sham, a baseless boast. Since the Reagan administration at least the USA’s behaviour with our nukes has been comparable to an idiot child with a loaded gun.

If you see something like stuxnet that targets Honeywell DCS systems, be very afraid.

But, seriously, how stupid do you have to be to use windows – unpatched windows – in this situation. It scares the @#$@#@$ out of me that people that stupid are playing with nuclear… anything.

It makes me wonder how secure any other nuclear facility is, anywhere…

You know what? I find all this wild ass speculation fun. If I come up with a really good theory, can I become a security consultant, too?

http://www.schneier.com/blog/archives/2010/09/the_stuxnet_wor.html#c464143

Either that or you might be one of the worst advocacy writers I’ve ever run across, because nothing you post demonstrates anything other than that we – or someone – engineered trouble for them, despite their being signatories to the non-proliferation treaties and the commentary from the IAEA that they do not in fact have a weapons capacity.

If you strip out the bells and whistles from windows (what good is AERO if all you do is spreadsheets and type letters) to make it as lean and stable as possible it actually runs for a long time without incident.

In the SCADA world the reliability of the communications a lot less than the bits of hardware and software at the remote ends.

If you want real security, run the whole set up on a completely intendant network and never, never, never allow any uncontrolled/untested software for any OS onto it.

Of course this does not fit well with today’s “I must be totally in control” and “it must be remotely audit-able” philosophy.

On the question of licensing, I know of one product that is free to use for design but can only be run for 15 min at a time to talk to remote devices. You pay a license for a number of I/O points, so seeing a “this is not licensed” warning might just mean that it is a development environment and not an operational environment.

- The Stuxnet code is designed to target the gas centrifuges at Natanz.

The centrifuges are a set of identically configured systems, a monoculture for a virus to spread through.

- DEADF007 : means dead man’s foot, as in dead man’s handle.
The virus disables a failsafe mechanism.

- The operating capacity at Natanz measued independently by the UN fell 20% over the course of last year from May to November, despite the installed base of centrifuges nearly doubling.

- The head of irans nuclear programme stepped down without explanation last summer
http://news.bbc.co.uk/1/hi/8153775.stm

- Stuxnet is coded to check the date and to not attempt to propagate after Jan 2010.

The interesting possibility is that the first attack actually happened May – July 2009, and it’s only now that Symantec / Langaner have figured out what took place and published?

I am an Iranian and against this brutal and terrorist regime.

They are not human ruling the country, they are animals in the form of human.

I hope they create a virus in the future to take this regime out, not just their nuclear facilities.

Death to Islamic republic, long live Freedom.

I suspect we’ll once again be reminded of the meaning of the expression “unintended consequences” at some point.