Thursday, September 30, 2010

Stuxnet Finger-Wagging

"Stuxnet worm + Iran + mainstream media = Global nuclear meltdown," says Woody Leonhard of InfoWorld Tech Watch. His subhead reads, "What's wrong with the wild-eyed speculation in mainstream coverage of the Stuxnet worm? Let me count the ways."

Your headline writer forgot about the Israel aspect, Woody, but we get your point. And thanks. This is a sensible reminder of the known unknowns, to put it mildly.

As an aside, see also a related piece, via the above, which is kind of comical at first glance, but does speak to something everyone should find nearly as troubling as the sad reality that Windows-based computers continue to be deployed in highly critical applications: "Siemens warns users: Don't change passwords after worm attack/The worm uses a default password that, if changed, could crash Siemens' large-scale industrial automation systems."

I don't know how many of you have read Cliff Stohl's great book The Cuckoo's Egg, but if you have, you'll recall that one of the takeaways was this: the guy he caught breaking into all of those military computers was doing so, in large part, by trying default system passwords.

This was more than twenty years ago.


Which is not at all to say that The Cuckoo's Egg is not still well worth your time. Besides the strong suggestion from above that some of the same problems persist, it is a hugely entertaining read if you like any sort of detective story.

(h/t: KK and LK, via email)

No comments: