REPLY TO THREAD
|
Subject
|
Stuxnet: For those of you who don't follow the Full-Disclosure digest, a daily mailing list of computer exploits and theories etc. Take from it w
|
User Name
|
|
|
|
|
Font color:
Font:
|
|
|
|
Original Message
|
Copy/pasted from the newsletters: ----------------------------------------
Message: 2 Date: Thu, 29 Jul 2010 10:49:25 -0700 From: coderman <[email protected]> Subject: [Full-disclosure] the real stuxnet authors plz stand up To: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
stuxnet is strategic, and misleading. ... red team off roading?
cybercommand grinning ear to ear, revoked sig mitigates for licensed and vigilant users while Iran and other distrustfuls remain particularly exposed, what splendifortuitousness! tis easier to seek forgiveness ...
one of you two of eight snitches knows the details, full-disclosure! [0]
0. "Blowing the Whistle on the Snitch Racket" [link to cryptome.org] e.g. Pulling a Lamo, etc.
( in particular, detail sufficient to buttress commentary on 100721305-0305-01. wonder what lucre load that's tagged by wapo, if they're watching... when does sunshine press pick up that metric? )
------------
------------------------------
Message: 3 Date: Fri, 24 Sep 2010 20:35:44 -0700 From: coderman <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote: > stuxnet is strategic, and misleading. ... red team off roading? > ... > one of you two of eight snitches knows the details, full-disclosure! [0]
h0 h0 h0!
this gift keeps on giving...
no more for me thanks.
e4ffa4d8cb70e97af381aea2232d1064b51ecf9bdcd70824fe4675679d9fbf93
------------------------------
Message: 4 Date: Fri, 24 Sep 2010 21:00:08 -0700 From: coderman <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
natanz focus, not bushehr.
costs and delays to both sites a bonus...
(everyone else, well, you're collateral damage that learned a valuable lesson, right? :)
------------------------------
Message: 5 Date: Fri, 24 Sep 2010 22:57:35 -0700 From: coderman <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote: > stuxnet is strategic, and misleading...
misleading because the failures induced in target present as inefficiencies and mechanical fatigue in centrifuge process; intent is to cast suspicion and resources on manufacturing and/or assembly of centrifuge hardware as cursory checks of digital systems (data presumably acquired from floor) return normative.
good game, sirs! target spends dollars and weeks/months pursuing errors in physical supply and installation paths en-route to / on site, all the while the wear is digitally done; out of sight, out of mind...
this game (offensive, methodical, precision targeted high-assurance malware) is an odd sort of global-actor assasination politik. like china blasting sats in space, it was bound to happen sooner or later :P
------------------------------
Message: 6 Date: Fri, 24 Sep 2010 23:30:06 -0700 From: coderman <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
On Fri, Sep 24, 2010 at 10:57 PM, coderman <[email protected]> wrote: > On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote: >> stuxnet is strategic, and misleading... > > misleading because the failures induced in target present as > inefficiencies and mechanical fatigue in centrifuge process...
Qom also hit - the fingerprinting mechanism is essentially mapped to form and function, rather than specific instance. That is to say, the Qom centrifuge enrichment deployment is sufficiently similar in devices and software applied (WinCC, 6ES7-417, 6ES7-315-2, etc.) as to also fall under precision targeting.
yay full disclosure.
0x04
------------------------------
Message: 7 Date: Sat, 25 Sep 2010 00:54:23 -0700 From: coderman <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: [email protected] Cc: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1
On Fri, Sep 24, 2010 at 11:48 PM, Kenneth Voort <[email protected]> wrote: > Get real...
i did not say bushehr was not impacted; a side effect of the re-use of same real-time PLC workflow controller there resulted in cluster fuck and non-operation.
however, the target was centrifuges and in this regard, it worked perfectly: the only outward signs of interest at natanz and qom while affected was then un-explained 2x to 4x under-yield from the cascades... the running total spinning looked nice though - steady progress! heh
in any case, you confuse me with someone who has something to say. really EOT this time...
------------------------------
----------------------------------------------------------------------
Message: 1 Date: Sat, 25 Sep 2010 06:48:26 +0000 From: "Kenneth Voort" <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: "coderman" <[email protected]>, [email protected], "Full Disclosure" <[email protected]> Message-ID: <415269286-1285397308-cardhu_decombobulator_blackberry.rim.net-442219815-@bda2043.bisx.prod.on.blackberry>
Content-Type: text/plain
Get real... Kenneth Voort [email protected] | 647.987.5381
-Sent from my handheld.
-----Original Message----- From: coderman <[email protected]> Sender: [email protected] Date: Fri, 24 Sep 2010 22:57:35 To: Full Disclosure<[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up
On Thu, Jul 29, 2010 at 10:49 AM, coderman <[email protected]> wrote: > stuxnet is strategic, and misleading...
misleading because the failures induced in target present as inefficiencies and mechanical fatigue in centrifuge process; intent is to cast suspicion and resources on manufacturing and/or assembly of centrifuge hardware as cursory checks of digital systems (data presumably acquired from floor) return normative.
good game, sirs! target spends dollars and weeks/months pursuing errors in physical supply and installation paths en-route to / on site, all the while the wear is digitally done; out of sight, out of mind...
this game (offensive, methodical, precision targeted high-assurance malware) is an odd sort of global-actor assasination politik. like china blasting sats in space, it was bound to happen sooner or later :P
------------------------------
Message: 8 Date: Mon, 4 Oct 2010 12:02:21 +0200 From: huj huj huj <[email protected]> Subject: Re: [Full-disclosure] the real stuxnet authors plz stand up To: coderman <[email protected]> Cc: Full Disclosure <[email protected]> Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1"
coderman its puff puff pass.. you smoked the whole thing!
2010/9/25 coderman <[email protected]>
> On Fri, Sep 24, 2010 at 11:48 PM, Kenneth Voort <[email protected]> wrote: > > Get real... > > i did not say bushehr was not impacted; a side effect of the re-use of > same real-time PLC workflow controller there resulted in cluster fuck > and non-operation. > > however, the target was centrifuges and in this regard, it worked > perfectly: the only outward signs of interest at natanz and qom while > affected was then un-explained 2x to 4x under-yield from the > cascades... the running total spinning looked nice though - steady > progress! heh > > in any case, you confuse me with someone who has something to say. > really EOT this time... > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: [link to lists.grok.org.uk] > Hosted and sponsored by Secunia - [link to secunia.com] > -------------- next part -------------- An HTML attachment was scrubbed... URL: [link to lists.grok.org.uk]
------------------------------
|
Pictures (click to insert)
|
| | | | | | | | | | | | | | | | | | | | | | | | | Next Page >> |
|