fsyed3at September 27,2015 “Cyber warfare against physical infrastructure is absolutely possible” – true, and terrifying. Stuxnet is an impressive case study, I remember it being mentioned in one my undergrad Computer Science classes, though not it this much detail. As the video mentions, it is not only an engineering feat that must have taken months, if not years, to write, but also an impressive espionage/social engineering infiltration. Though if broken down, there was nothing fundamentally new or proprietary about the code, the combination of logic and exploitation measures that would require knowledge of Windows OS vulnerabilities (achievable in this capacity by reverse engineering or dissecting the low level programming, which is insane). This video was definitely geared to a less technical audience, but I’d like to definitely look in to the technical part of this.
aholcom2at September 28,2015 This was a very good and interesting video about Stuxnet. I remember when Stuxnet was first discovered; some computer experts were calling it the cyber version of a nuclear bomb. They also warned that it opened the flood gates for others nations to design and deploy similar malicious worms and viruses. Its also amazing that the amount of complexity Stuxnet even though it was only 500KB in size.
zsesayat October 08,2015 Wow, this is scary. But I thought when a software is first created or invented for the Government, or big company, the first thing programmers do is to create an anti-virus for that particular software. Could it be that the software developers themselves are the ones that created the virus Stuxnet? They are the only people that would know how to target a software because they know the weak holes to get into the software. I think a law or policy should be passed for every software developer or inventor to take responsibility of any attack of their invention. I think they are doing this to make more money. They create a software, sell it, then create anti-virus, sell it, then create a more powerful virus to destroy ones network or computer, then reach out to them again to fix the problem. If a law is passed that any software attack should be taken care of the manufacturer for free. I think virus issues would slow down.
Despite I know that other parties are out there to destroy peoples' computers, they should be able to know what powerful anti-virus to create to prevent all attacks despite how powerful is that virus like Stuxnet
Beggsseat October 22,2015 This was rather eye-opening for me with my non-computer background. What impressed me the most was the overall comprehensive coordination of so many interactive details and the stealth applied in creating changes in spin speed by alternating increases and decreases with specific dormant days to divert attention. There was so much logic applied in creating aspects that wouldn't be uncovered by anti-virus software and stolen digital certificates. It truly seems like the perfect all around case to analyze so many different elements involved in computer espionage. It would be really interesting to know how long it took the creators to carefully construct the many aspects and what type of testing procedures they would have needed to do in the interim. On a side note, it really provides strong support to disable default passwords supplied by software manufacturers. We tend not to think about how this small oversight can add up to some major damage.
hanna88at October 26,2015 So basically, a bunch of geniuses created Stuxnet. To consider all of the different facets of a complex operation so well, and to demonstrate the proficiency required to integrate such a program without detection, yeah, it seems impossible. Even if you are not incredibly technical, it's hard not to be fascinated by this story. I'm glad he brought up the QC aspect because I was thinking that surely someone would have noticed or detected the extreme increases and drops in the centrifuge rates but Stuxnet even had an answer for that! The end was particularly disturbing; hearing someone so smart talk about the potential damage a mass-scale attack would have on our infrastructure certainly makes you think twice about our technological dependencies.