Electronic and signals warfare has an even longer history; RDF in WW1 and earlier, and of course Enigma/Colossus and the RADAR war of ww2. I wouldn't consider these unrelated to cyberwarfare.
>It's seemingly safe to believe that there is a very high probability that the US and Israel are behind Stuxnet.
I guess, if you're willing to take the word of unidentified people who may or may not even exist. Though you did include a lot of weasel words in that sentence...
>Quite a few of the people quoted in the article are identified, seem to be in position to know what they're talking about and definitely exist.
The people identified in the article don't know anything. The people who are the basis for the allegation are unidentified.
>By "weasel words" you mean OP (and NYT) don't state as facts things which are, while very likely, not confirmed to be facts?
No, I mean the sentence is written in such a way that it can't be falsified. That's perfectly reasonable in this case, especially since the article doesn't include anything that would qualify as actual proof.
He meant "weasel words" by my comments avoidance of just straight out saying "the US and Isreal are behind Stuxnet".
Which I didn't say because there isn't direct proof.
But there is still a very high probability given the only target was a very specific and obscure industrial hardware component, the unusual complexity of the virus (with its rare use of multiple zero-day vulnerabilities at once) and the fact that it couldn't be tested without access to equipment that is only accessible to governments and major corporations.
I haven't decided yet how to feel about Stuxnet. On one hand, good guys don't release viruses into the wild, period. On the other hand, only good has come from this. Iran doesn't get nukes until later and industry figures out that they need to lock down their machine controllers, without any real damage.
So, we're not going to change the end-game, we're just going to piss of Iran....and you think that's good?
Consider things from the Iranian's perspective. Back in the day, they were establishing a legitimate democratically elected government. The US overthrew that government and pushed a brutal dictator into power, who tortured and murdered many Iranians. From their perspective, the US is an evil nation that does evil things. Nuclear weapons look like the only thing that could give them security against the US. And we're hellbent on stopping them. Heck, the US has never even apologized for overthrowing their government and installing a murderous dictator: can you really blame the Iranians for believing that the US government is trying to screw with their country?
The only way this ends well is with a deal and deals require trust. Does Stuxnet promote that trust? Or does Stuxnet just provide further evidence that the hardliners are right, that the US is trying to screw with their country?
industry figures out that they need to lock down their machine controllers
This seems like wishful thinking. We have a terrible track record of getting large scale systems secured, even in areas where those systems are under continuous public attack. Industrial software is not one of those areas, so developers of such software are unlikely to take security very seriously. But even if they did: we don't know how to get them to build secure systems.
Microsoft spends a huge amount of developer time and money on system security. They're not very successful. But they devote a much larger fraction of their budget to that goal than any industrial software shop. So expecting industrial software shops to produce code that is even as secure as Microsoft's seems...unlikely.
You're speaking as if that hypothetical person in Iran actually exists and is immortal.
The Iranians in 1953 are not the same Iranians today.
The situation today is that you have a sabre rattling theocracy that funds terrorism trying to get nuclear weapons.
What possible concession could the West make to get Iran to stop striving for nukes? Nothing. Iranian leadership wants nukes before their rule is overthrown by the people in favour of a democracy. Before the hearts and minds of a sufficient majority move for change away from totalitarianism.
It's very important to stop them from getting nuclear weapons. 1953 has no bearing on this situation 60 years later.
> 1953 has no bearing on this situation 60 years later.
I'm not really educated on Iran, but I find this hard to believe. It wasn't that long ago...
edit -
I should have posed the original comment as a question, but can anyone elaborate if I'm really totally wrong? Surely the coup in 53 would have had an effect on the revolution which would have an effect... ?
First that article hardly makes it clear that that was the US's bomb. Second it was 25 years ago. Third, you do have a black and white world view? And all countries are clearly equal?
Are you seriously unable to distinguish between countries? Are you unable to distinguish between single (or even rare) occurrences and repeated? Between countries that feel bad about such occurrences in their past and those that celebrate them?
Do you really think that saying "So and so is not so bad - after all the US did it one time." is a good argument?
So, we're not going to change the end-game, we're just going to piss of Iran....and you think that's good?
All I want is for nobody to get nuked. I think it's more likely that nobody will get nuked if Iran doesn't have nukes. But you're right that Stuxnet is a dirty move that erodes trust, that's why I'm conflicted.
We have a terrible track record of getting large scale systems secured, even in areas where those systems are under continuous public attack. Industrial software is not one of those areas, so developers of such software are unlikely to take security very seriously.
Surely going from complete obliviousness to awareness is the biggest step the industry will ever take to being secure, even if subsequent progress is slow. But I think they will fare better than corporate or home users, because there are less of them and they are more technically inclined and disciplined.
I think it's more likely that nobody will get nuked if Iran doesn't have nukes.
But this doesn't stop Iran from getting nukes, it only delays them. And I don't see why Iran getting nukes increases the probability of anyone getting nuked. A nuclear Iran is an Iran that still responds to deterrence.
Surely going from complete obliviousness to awareness is the biggest step the industry will ever take to being secure
Discovering that you have untreatable cancer will not alter how long you live.
they are more technically inclined and disciplined.
Wrong. Do you know anyone who does instrumentation and control work for power plants? These are people who are very skilled...in their field. In my experience, they don't know a lot about security because they don't have to. They don't have millions of script kiddies and organized crime hammering their code looking for exploits so they can afford to be blissfully ignorant. And they're no more disciplined than any other developer.
>But this doesn't stop Iran from getting nukes, it only delays them.
Eating doesn't stop hunger, it only delays it.
"Stopping" something is inherently temporary. You can say the exact same thing about stopping anything.
Exercise doesn't stop obesity, it only delays it.
Delay is exactly the goal.
Eventually the Iranian public is going to overthrow their theocracy and create a democracy. Then they will probably stop striving so hard for nukes because the leaders will turn to creating prosperity rather than attempting to achieve a false security through apocalyptic weapons.
These are people who are very skilled...in their field
At the very least, they can follow process and act responsibly around breakable or dangerous things. That gives them huge advantage compared to offices and homes.
If you are citizen of any of the countries that have nuclear weapons, have you considered lobbying to eliminate those? If not, then you are not really for "nobody to get nuked".
But you're right that Stuxnet is a dirty move that erodes trust, that's why I'm conflicted.
"Big satan" and "little satan," the Iranians have entrusted us with that title, so we are also building trust here by reinforcing the image they have projected onto us.
They were right.
But I'm all for eroding trust: trust that should have never been there to begin with. Erode as much trust as possible.
Heck, the US has never even apologized for overthrowing their government and installing a murderous dictator...
The closest the US has come to an apology that I am aware of is Obama's 2009 speech in Cairo where he said, In the middle of the Cold War, the United States played a role in the overthrow of a democratically elected Iranian government. See http://www.whitehouse.gov/the-press-office/remarks-president... for the full speech.
The Iran political situation is not exactly about to topple, but it's not the most stable situation in the world, either. Four-plus years is a really long time when we're talking about the CIA's/US's/Israel's ability to topple a potentially vulnerable regime.
Perhaps we'll be as successful as we were in Cuba! Or maybe North Korea! Or Iraq....We've only been trying to overthrow the government in Cuba for, oh, about half a century. I'm sure we'll nail it any day now. True, Cuba is 90 miles from the US and we've got millions of spanish speakers, so toppling the Iranian government should be a piece of cake given how many Farsi speakers work for the US government!
Even if we were successful, what makes you think alternate Iranian regimes would differ on nuclear policy from the current one? Or is the plan to replace the current regime with another brutal dictator who will have zero popular legitimacy? After all, that's worked out so well for us in the past....
Finally, has Israel ever successfully toppled a regime anywhere in the world?
Aren't people worried Iran could potentially develop something similar to target oil rigs? Is there a guy at the CIA saying, "Oh don't worry about it boys; it's a one off, they'll never be able to figure it out or respond in kind."
At one point Persians were one of the most educated minorities in the US. They have good universities in Iran and I wouldn't put it past them to develop the capabilities to push back against this attack.
If Iran is going to do, or is already doing, cyberwarfare then they'll do it whether or not they get attacked first. But now, everyone will be on guard.
I think for the most part, Stuxnet will be a one of a kind event in history. Though it's a nasty thing to do, only one team ever gets to do it, and I'd rather it be us than them.
If Iran is going to do, or is already doing, cyberwarfare then they'll do it whether or not they get attacked first.
Why? Is that because you assume that Iranians are irrational and evil?
Usually people do stuff because it benefits them somehow. So, why exactly would Iran launch a cyberwarfare attack against the US in a world where the US didn't strike first?
But now, everyone will be on guard.
Given how completely we've failed at building secure systems, I'm not sure that really helps.
Iran's top people have been established to desire the destruction of Israel at minimum, and they can't fathom the destruction of the US, but if they could, I'm pretty sure they would want that too. So, at minimum, they would want to do shit like this to Israel if they remotely had the capability. My impression is that they don't have remotely the brain-capital to do so.
'Rational' and 'personal gain' are kind of relative to your worldview. The people running Iran believe that if they launch a missile into Tel Aviv, the worst thing that can happen is they get sent to paradise for eternity and Allah is waiting to give them a high-five for wiping Israel off the map. Is it still 'irrational' for them to do so?
The people running Iran believe that if they launch a missile into Tel Aviv, the worst thing that can happen is they get sent to paradise for eternity and Allah is waiting to give them a high-five for wiping Israel off the map.
I have met a lot of Iranians here who do not like the regime in Iran but I have little perspective on those in Iran. I had a Farsi teacher who said that those in rural areas were more loyal to the current regime than those in populated cities.
Why is it so surprising/impressive that the worm was tested on centrifuges similar to those it was targeting? More than once, the article emphasizes that this is unusual and interesting...am I missing something?
You Americans don't get it.
Israel and US murder our scientists.
They try to stop our progress towards nuclear energy.
They put sanction on us so we can't buy things like air planes and our planes are old and they crash and people die.
...
All because of what? Because they believe we want to build stupid nuclear bomb -which we don't- and they have no evidence of it.
So we stay in a war. Peace is never going to become a reality. And It's Americans fault.
Why is Iran developing long-range missiles with the capability of carrying nuclear warheads in parallel to its nuclear program?
Iran has been involved in multiple wars by proxy for a while now, it is unlikely an opportunity to arm itself with nukes will arise and they will not take it.
Most likely because it is a non-Arab power in the Middle East that is threatened on two sides by the world's only standing super power -- a super power that has routinely threatened invasion of Iran. Look at the WikiLeaks cables that exposed the pressure from other Middle Eastern governments for the US to invade Iran. Given the geopolitics, Iran's desire for nuclear weapons is perfectly rational.
I think the story would be more interesting if the malware appeared to have come from aliens from outside our solar system who knew that Iran getting nuclear capability would destroy the world and eventually set the galaxy out of balance. They send a virus back through time to stop Iran.
This reporter finds evidence of this in the virus, and additionally finds indications of future events that have yet to unfold, but which this virus will also disrupt.
Otherwise, I think you're left with a pretty mundane story.
the net positive is that cyber-security is brought to the forefront for the US gov, more importantly this will be a great movie staring colin farrell as an Israeli ruby developer that came up with the plan
I probably shouldn't be surprised by willful ignorance anymore, but it amazes me that everybody in the article can celebrate this achievement and at the same time admit that it's just "pushing back the clock." Israel's still going to get hit by a nuclear weapon some time, because the technology to build one is just going to keep getting cheaper and more accessible.
You think it's inevitable that Israel gets nuked? I find that very unlikely, especially since the attacking nation would definitely be destroyed as well.
Iran doesn't want nukes so that they can destroy Israel. They wants nukes, because obtaining them immediately makes them powerful on the world stage. (and I say that as someone who really doesn't want to see them get nukes too because they're a crazy religious theocracy)
"You think it's inevitable that Israel gets nuked? I find that very unlikely, especially since the attacking nation would definitely be destroyed as well."
The biggest fear isn't that Iran attacks Israel. The biggest fear is that they'll make a few nuclear weapons, give them to terrorists that aren't officially affiliated with them, and let the terrorists nuke Israel.
In a case where there is a terrorist nuclear attack on Israel, that can't be directly tied to Iran, I'm not sure what Israel could do.
"give them to terrorists that aren't officially affiliated with them"
I'm not convinced that this will happen, although I used to think so. Those terrorists could turn on Iran. 'Suckers you gave us a nuke, but now we want more or else.' Any proliferation at all would alter the balance of power. The Iraninan regime know this, and I predict that the only thing the regime wants more than to destroy Israel is to stay in power whilst watching this happen, and giving away nukes would not necessarily bode all that well with this goal. Terrorists with nukes could usurp power in Iran before they even lay a finger on Israel.
add: In my opinion, the most Iran can hope for is a direct confrontation with Israel that involves nuclear missiles, which ideally would see the decimation of Israel. These missiles will be fired from Iran. But I think there would be an Iranian uprising or some type of coup before that occurs: the people of Iran like themselves more than they hate Israel, and definitely don't want to suicide for it. Israel also has counter-measures to defend against it.
Iranian controlled mobile nuke scuds parked in south Lebanon - that's a possibility, but not now at least. I don't think the Lebanese would like that very much, and what if they're sabotaged by Israel or confiscated by Hizbollah? Risky.
Its certainly probably that Iran doesn't want nukes in order to use them against Israel. But that doesn't mean you get to discount their rhetoric about destroying Israel, and the fact that such rhetoric aligns horrifically neatly with the notion of a nuclear Iran.
Still, the prospect of an Iran that is powerful on the world stage and the inevitable proliferation that will result probably increases the chances that someone crazy enough to nuke an Israeli city will get ahold of enough material to do so exponentially.
So this doesn't make it inevitable, just a hell of a lot more likely.
>I find that very unlikely, especially since the attacking nation would definitely be destroyed as well.
You're talking about a region where suicide bombing is perhaps the most common attack method now. I think its clear that our definition of rationality is different from Iran's regime (as opposed to Iranian people).
I agree Israel is a relatively minor issue. The real conflict here is Sunni-Shiite and Farsi-Arab (Iran-Iraq war alone probably had more casualties than the entire 100 year Arab-Israeli conflict). If Iran has a nuclear capability, it's unthinkable that Saudi Arabia or Egypt or, at a later stage, Iraq, will not strive to have it as well. You will get a multi-lateral arms race in the most volatile region in the world.
On the other hand, it's impossible to stop Iran forcefully. The best you could hope for is to delay it, hoping that the current regime will be replaced by a more rational one.
Not sure what your point is. The worst of effects of nuclear weapons weren't known at the time (yes, killing all those civilians was terrible too, but worse things happened in WW2).
Here's a few questions for you: who has a leader that bizarrely denies the holocaust? who has a religious paramilitary force that murders their own civilians? who keeps innocent students hostage so that they can play with them like pawns in the game of international politics?
And here's a bonus wikileaks reveal: who is so disliked by their neighbors that ALL nearby countries want the US to attack them?
So really?!
Holocaust? You really want to get into this? holocaust happened or not is one thing, Murdering innocent Palestinians and kicking them out of their country, and supporting this is another.
who has a religious paramilitary force that murders their own civilians?
I don't know, but I know how kills Iranians: http://en.wikipedia.org/wiki/Iran_Air_Flight_655
And who supported Iraq in the war against Iran.
who keeps innocent students hostage so that they can play with them like pawns in the game of international politics?
I've no idea what are you referring to?
who is so disliked by their neighbors that ALL nearby countries want the US to attack them?
And who is the most disliked country in the word? Who has military attacks on most countries in the world? Let's say Iraq. Iraqis dislike Iran or US? How about Afghans? How about Pakistanis?
Iran is disliked by the nation of his neighbors or by the governments? Who is disliked by the nations?
According to Wikipedia, if this is true than 2010 had the first occurrence of cyber-warfare between nation states in our history.
http://en.wikipedia.org/wiki/Stuxnet