Missed lesson of Stuxnet.

This blog set to display 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G

Missed lesson of Stuxnet.

While everyone is focused on the Threat

many have missed the context.

This type of WMD can only be programed

by a State because of the cost, time and expertise

to develop it.

Stuxnet was conceived to by pass all anti-virus

and anti-malware system. And it successfully did

so. No known security suite could stop it.

Iran and the Security Vendors can't get rid of it.

Iran has tried for 5 months now to rid its computer

systems of stuxnet, and only achieved momentary

success.

It can infect computers not connected to the WWW.

This context says the paradigm for computer security

is a total failure.

The security vendors turn out to be "patent medicine"

purveyors, Sellers of nostrum remedium, snake oil.

Proof of concept, there is NO security on the WWW

for computers.

Further proof even Google caretaker of the worlds

biggest data base, holder of humankind's personal

secrets couldn't stop Chinese hackers. I'm convinced

it was an inside job. Google is so big, world wide in scope

of servers, even knowing where to go to steal prime code

had to have inside info. Spys inside Google is a National 

Security risk.

Google's foreign Spys

The Pentagon and Sate Dept. couldn't keep hackers

out. they sat inside DOD for 3 days just observing.

These proof of concept attacks portend a massive

cyber strike crippling not only a state but our civilization.

Our seminal song a dos attack on the WWW nodes,

song we have been singing since 2007, goes unheard.

As US cyber forces continue to focus on defending

intranets, leaving the WWW unprotected.

Internet Anthropologist Think Tank: 

CYBERWARS's Pearl Harbour

These capable US cyber forces will find themselves

behind a well defended intranet un-connected to

any thing else, with the WWW down, in effect an

useless safe intranet without connections to the

outside world.

Conflicker is such a botnet capable of bringing

down the WWW with an attack on the nodes.

And Conflicker continues unabated. Security

vendors unable to take it down for over 3 yrs

now. And researchers able to penetrate some

botnets have been eunuchs. Ball-less kids

unwilling to take a shot at the botnets.

Lacking in any intestinal fortitude.

The failure of the WWW paradigm lies with

the Operating systems. MicroSoft continues

to focus on bells and whistles rather than core

security.

This lack of security on the WWW puts civilization

as we know it at risk.

The recent attacks by Anonymous point to 

the desire to destroy without consideration

for the cause. Just as Wikileaks has duped

Anonymous so has al qaeda duped Islam.

The paradigm to bring down the whole

system is there, the desire is there, 

and we have seen proofs of concept.

Its only a matter of time.

Security Vendors are an epic fail,

they are not capable of securing MS

operating system.

The hackers have won, 

the "coup de gras" just has not yet

been administered yet.

We are sheep awaiting the slaughter.

Buying snake oil security suites.

Naked with our Heads buried in the Sand.

We must pay attention to the security

Context, and start a crash program

for a secure OS.

Gerald

War Anthropologist

Tactical Internet Systems analyst.

.