Forgot your password?
typodupeerror
Security

+ - Stuxnet Sux or Stuxnet Success Story? ->

Submitted by wiredmikey
wiredmikey (1824622) writes "Sophistication apart, how dangerous is Stuxnet? Well, SCADA sites are not altogether typical of other corporate sites. There are concerns that many cannot easily take the same countermeasures as a “normal” business, since a PLC controlling a critical function cannot always be taken down easily, even to apply such commonsense precautions as disabling unnecessary ports, applying patches, updating unsupported Operating Systems, and so on.

Win32/Stuxnet might be described as a worm of a slightly different color, though it’s attracted interest from the media that’s comparable in intensity to Conficker, or Code Red, or Blaster. I’m not saying that it isn’t technically interesting, of course: it has too many novel features to be accused of that. I certainly don’t remember seeing so many 0-day exploits in a single malicious package.

Apart from the (now patched) LNK vulnerability (MS10-046) that originally attracted our attention, the more recently patched print spooler attack (MS10-061) proved almost as scary, since it allows a remote user using a Guest account (which should be unprivileged) privileged write access into the %SYSTEM% directory of the target machine. Stuxnet takes this as an opportunity to write (malicious) binary files into %SYSTEM%, so we’re glad to see that one go. Then there are the two privilege escalation issues I can’t discuss yet because of responsible disclosure issues; a new twist on an older patch (MS08-067); an almost incidental sideswipe at Siemens’ naive and persistent and use of a hardcoded password; and a sly use of stolen certificates that should worry anyone who still believes that white-listing and code-signing have rendered all reactive security software obsolete. And I haven’t even mentioned some SQL code that isn’t likely to give up all its secrets until we establish exactly which system (or kind of system, even) is being targeted...(continued)"

Link to Original Source
Government

Obama Wants Broader Internet Wiretap Authority 646

Posted by CmdrTaco
from the tap-this-way dept.
An anonymous reader writes "The White House plans to deliver a bill to Congress next year that will require Internet-based communication services that use encryption to be capable of decrypting messages to comply with federal wiretap orders. The bill will go beyond CALEA to apply to services such as Blackberry email. Even though RIM has stated that it does not currently have an ability to decrypt messages via a master key or back door, the bill may require them to. Regarding this development, James Dempsey of the Center for Democracy and Technology commented on the proposal, saying, 'They basically want to turn back the clock and make Internet services function the way that the telephone system used to function.'"

To understand a program you must become both the machine and the program.

Working...