Internet Anthropologist Think Tank: Missed lesson of Stuxnet.

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Tuesday, December 14, 2010

    Missed lesson of Stuxnet.

    This blog set to display 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G



    Missed lesson of Stuxnet.

    While everyone is focused on the Threat
    many have missed the context.

    This type of WMD can only be programed
    by a State because of the cost, time and expertise
    to develop it.

    Stuxnet was conceived to by pass all anti-virus
    and anti-malware system. And it successfully did
    so. No known security suite could stop it.

    Iran and the Security Vendors can't get rid of it.
    Iran has tried for 5 months now to rid its computer
    systems of stuxnet, and only achieved momentary
    success.

    It can infect computers not connected to the WWW.

    This context says the paradigm for computer security
    is a total failure.

    The security vendors turn out to be "patent medicine"
    purveyors, Sellers of nostrum remedium, snake oil.

    Proof of concept, there is NO security on the WWW
    for computers.



    Further proof even Google caretaker of the worlds
    biggest data base, holder of humankind's personal
    secrets couldn't stop Chinese hackers. I'm convinced
    it was an inside job. Google is so big, world wide in scope
    of servers, even knowing where to go to steal prime code
    had to have inside info. Spys inside Google is a National 
    Security risk.




    The Pentagon and Sate Dept. couldn't keep hackers
    out. they sat inside DOD for 3 days just observing.

    These proof of concept attacks portend a massive
    cyber strike crippling not only a state but our civilization.

    Our seminal song a dos attack on the WWW nodes,
    song we have been singing since 2007, goes unheard.
    As US cyber forces continue to focus on defending
    intranets, leaving the WWW unprotected.


    These capable US cyber forces will find themselves
    behind a well defended intranet un-connected to
    any thing else, with the WWW down, in effect an
    useless safe intranet without connections to the
    outside world.

    Conflicker is such a botnet capable of bringing
    down the WWW with an attack on the nodes.

    And Conflicker continues unabated. Security
    vendors unable to take it down for over 3 yrs
    now. And researchers able to penetrate some
    botnets have been eunuchs. Ball-less kids
    unwilling to take a shot at the botnets.
    Lacking in any intestinal fortitude.

    The failure of the WWW paradigm lies with
    the Operating systems. MicroSoft continues
    to focus on bells and whistles rather than core
    security.

    This lack of security on the WWW puts civilization
    as we know it at risk.



    The recent attacks by Anonymous point to 
    the desire to destroy without consideration
    Anonymous so has al qaeda duped Islam.


    The paradigm to bring down the whole
    system is there, the desire is there, 
    and we have seen proofs of concept.
    Its only a matter of time.

    Security Vendors are an epic fail,
    they are not capable of securing MS
    operating system.

    The hackers have won, 
    the "coup de gras" just has not yet
    been administered yet.

    We are sheep awaiting the slaughter.
    Buying snake oil security suites.

    Naked with our Heads buried in the Sand.




    We must pay attention to the security
    Context, and start a crash program
    for a secure OS.



    Gerald
    War Anthropologist
    Tactical Internet Systems analyst.
    .

    0 Comments:

    Post a Comment

    Subscribe to Post Comments [Atom]

    << Home