|
REPLY TO THREAD
|
|
Subject
|
Stuxnet: For those of you who don't follow the Full-Disclosure digest, a daily mailing list of computer exploits and theories etc. Take from it w
|
|
User Name
|
|
|
|
|
|
|
| Font color:
Font:
|
|
|
|
|
|
Original Message
|
Copy/pasted from the newsletters:
----------------------------------------
Message: 2
Date: Thu, 29 Jul 2010 10:49:25 -0700
From: coderman <[email protected]>
Subject: [Full-disclosure] the real stuxnet authors plz stand up
To: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
stuxnet is strategic, and misleading. ... red team off roading?
cybercommand grinning ear to ear, revoked sig mitigates for licensed
and vigilant users while Iran and other distrustfuls remain
particularly exposed, what splendifortuitousness! tis easier to seek
forgiveness ...
one of you two of eight snitches knows the details, full-disclosure! [0]
0. "Blowing the Whistle on the Snitch Racket"
[link to cryptome.org]
e.g. Pulling a Lamo, etc.
( in particular, detail sufficient to buttress commentary on
100721305-0305-01. wonder what lucre load that's tagged by wapo, if
they're watching... when does sunshine press pick up that metric? )
------------
------------------------------
Message: 3
Date: Fri, 24 Sep 2010 20:35:44 -0700
From: coderman <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote:
> stuxnet is strategic, and misleading. ... red team off roading?
> ...
> one of you two of eight snitches knows the details, full-disclosure! [0]
h0 h0 h0!
this gift keeps on giving...
no more for me thanks.
e4ffa4d8cb70e97af381aea2232d1064b51ecf9bdcd70824fe4675679d9fbf93
------------------------------
Message: 4
Date: Fri, 24 Sep 2010 21:00:08 -0700
From: coderman <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
natanz focus, not bushehr.
costs and delays to both sites a bonus...
(everyone else, well, you're collateral damage that learned a valuable
lesson, right? :)
------------------------------
Message: 5
Date: Fri, 24 Sep 2010 22:57:35 -0700
From: coderman <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote:
> stuxnet is strategic, and misleading...
misleading because the failures induced in target present as
inefficiencies and mechanical fatigue in centrifuge process; intent is
to cast suspicion and resources on manufacturing and/or assembly of
centrifuge hardware as cursory checks of digital systems (data
presumably acquired from floor) return normative.
good game, sirs!
target spends dollars and weeks/months pursuing errors in physical
supply and installation paths en-route to / on site, all the while the
wear is digitally done; out of sight, out of mind...
this game (offensive, methodical, precision targeted high-assurance
malware) is an odd sort of global-actor assasination politik. like
china blasting sats in space, it was bound to happen sooner or later
:P
------------------------------
Message: 6
Date: Fri, 24 Sep 2010 23:30:06 -0700
From: coderman <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Sep 24, 2010 at 10:57 PM, coderman <[email protected]> wrote:
> On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote:
>> stuxnet is strategic, and misleading...
>
> misleading because the failures induced in target present as
> inefficiencies and mechanical fatigue in centrifuge process...
Qom also hit - the fingerprinting mechanism is essentially mapped to
form and function, rather than specific instance. That is to say, the
Qom centrifuge enrichment deployment is sufficiently similar in
devices and software applied (WinCC, 6ES7-417, 6ES7-315-2, etc.) as to
also fall under precision targeting.
yay full disclosure.
0x04
------------------------------
Message: 7
Date: Sat, 25 Sep 2010 00:54:23 -0700
From: coderman <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: [email protected]
Cc: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Sep 24, 2010 at 11:48 PM, Kenneth Voort <[email protected]> wrote:
> Get real...
i did not say bushehr was not impacted; a side effect of the re-use of
same real-time PLC workflow controller there resulted in cluster fuck
and non-operation.
however, the target was centrifuges and in this regard, it worked
perfectly: the only outward signs of interest at natanz and qom while
affected was then un-explained 2x to 4x under-yield from the
cascades... the running total spinning looked nice though - steady
progress! heh
in any case, you confuse me with someone who has something to say.
really EOT this time...
------------------------------
----------------------------------------------------------------------
Message: 1
Date: Sat, 25 Sep 2010 06:48:26 +0000
From: "Kenneth Voort" <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: "coderman" <[email protected]>,
[email protected], "Full Disclosure"
<[email protected]>
Message-ID:
<415269286-1285397308-cardhu_decombobulator_blackberry.rim.net-442219815-@bda2043.bisx.prod.on.blackberry>
Content-Type: text/plain
Get real...
Kenneth Voort
[email protected] | 647.987.5381
-Sent from my handheld.
-----Original Message-----
From: coderman <[email protected]>
Sender: [email protected]
Date: Fri, 24 Sep 2010 22:57:35
To: Full Disclosure<[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote:
> stuxnet is strategic, and misleading...
misleading because the failures induced in target present as
inefficiencies and mechanical fatigue in centrifuge process; intent is
to cast suspicion and resources on manufacturing and/or assembly of
centrifuge hardware as cursory checks of digital systems (data
presumably acquired from floor) return normative.
good game, sirs!
target spends dollars and weeks/months pursuing errors in physical
supply and installation paths en-route to / on site, all the while the
wear is digitally done; out of sight, out of mind...
this game (offensive, methodical, precision targeted high-assurance
malware) is an odd sort of global-actor assasination politik. like
china blasting sats in space, it was bound to happen sooner or later
:P
------------------------------
Message: 8
Date: Mon, 4 Oct 2010 12:02:21 +0200
From: huj huj huj <[email protected]>
Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
To: coderman <[email protected]>
Cc: Full Disclosure <[email protected]>
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="iso-8859-1"
coderman its puff puff pass.. you smoked the whole thing!
2010/9/25 coderman <[email protected]>
> On Fri, Sep 24, 2010 at 11:48 PM, Kenneth Voort <[email protected]> wrote:
> > Get real...
>
> i did not say bushehr was not impacted; a side effect of the re-use of
> same real-time PLC workflow controller there resulted in cluster fuck
> and non-operation.
>
> however, the target was centrifuges and in this regard, it worked
> perfectly: the only outward signs of interest at natanz and qom while
> affected was then un-explained 2x to 4x under-yield from the
> cascades... the running total spinning looked nice though - steady
> progress! heh
>
> in any case, you confuse me with someone who has something to say.
> really EOT this time...
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: [link to lists.grok.org.uk]
> Hosted and sponsored by Secunia - [link to secunia.com]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: [link to lists.grok.org.uk]
------------------------------
|
|
Pictures (click to insert)
|
 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  | | | Next Page >> |
|
