undefined | Better HN

0 pointsstickfigure6y ago0 comments

I don't think Stuxnet forfeits the moral high ground. It was narrowly focused on attacking a specific military project. It's exactly the kind of thing I want the CIA (or whatever) doing, especially if the alternative is sending bombs.

State sponsored attempts to hack public network infrastructure fit into a totally different category. These are not the same.

0 comments

A2017U16y ago

Before stuxnet Iran had absolutely no cyber capabilities. In the years following it they have built some of the most formidable offensive teams on the planet.

There's plenty of literature on this. Whoever created stuxnet created another monster too.

stickfigureOP6y ago

You imply that without Stuxnet, Iran would not have developed these capabilities. That seems improbable. At some point every "bad actor" is going to realize the possibilities of cyber warfare - even if just for ransomware revenue - and want in on the gold rush.

A2017U16y ago

I'll bet everything I have that they wouldn't have anywhere near the capability they now have in $currentyear after stuxnet.

From what we know the US was doing everything possible to be restrained about this stuff, keep it on the downlow as is the way, and history has shown they were very much right. It's insane what's happened in the aftermath.

We created a monster. We really did. It's clear to anyone watching.

gdy6y ago

And why is it ok to attack another country's military project in the peace time?

There are plenty of American military projects that deeply worry other countries.

stickfigureOP6y ago

I challenge you to name any American military project that is as worrisome as Iran's 'Supreme Leader of the Islamic Revolution' having control of a nuclear weapon.

gdy6y ago

Challenge accepted.

"The US nuclear forces modernization program has been portrayed to the public as an effort to ensure the reliability and safety of warheads in the US nuclear arsenal, rather than to enhance their military capabilities. In reality, however, that program has implemented revolutionary new technologies that will vastly increase the targeting capability of the US ballistic missile arsenal. This increase in capability is astonishing—boosting the overall killing power of existing US ballistic missile forces by a factor of roughly three—and it creates exactly what one would expect to see, if a nuclear-armed state were planning to have the capacity to fight and win a nuclear war by disarming enemies with a surprise first strike."

https://thebulletin.org/2017/03/how-us-nuclear-force-moderni...

stickfigureOP6y ago

Box 1: A large western democracy with a free press, who has possessed nuclear weapons since their invention 75 years ago. Has been fully capable of destroying the world all that time... and hasn't. Wants to upgrade existing weapons.

Box 2: A small theocratic dictatorship, ruled by a Supreme Leader for life, who has been at constant war with its neighbors for pretty much all of modern history and still openly calls for the obliteration of some of them. It's a place where people are executed for adultery and homosexuality, and until recently the preferred method was stoning. After losing a half-million people in human wave attacks during its last big war, the country's Supreme Leader wants a bigger badder boom.

If these two things are the same in your mind, you are so far outside the bounds of rational thought that I'll just have to assume you're trolling.

1 more reply

jfnixon6y ago

Let's see if I have this straight... the US is increasing the precision of its nuclear weaponry to use against military targets, and that's as bad as Iran's program to acquire nuclear weaponry (in violation of the NPT) and long range rockets?

1 more reply

SiempreViernes6y ago

Meh, it merely caused delays in peacetime so its lasting legacy will be the official declaration of world wide cyber war. The actual "victory" over the Iranian, nuclear program starts in 2013, and was embodied by the JCPOA signed in 2015 (entering to force 2016), before the USA decided to violate it in 2018.

As other pointed out, before stuxnet cyberwarfare wasn't as firmly acknowledged as an official arena, so this type of high profile attack on unprotected target is something you get to do once, and the CIA used it to toot its own horn basically.

I expect it was much like the Manhattan project: they spent all that time developing a weapon so when it came time to use it there wasn't much reflection about how to employ it strategically.

jfnixon6y ago

The JCPOA was not signed by the US, so it is hard to understand how it is 'violating' the agreement. The US has a process for obligating the country to observe treaties and agreements. Treaties and agreements become binding only upon Senate ratification. That didn't happen.

joshuaissac6y ago

The agreement was signed on behalf of the US by John Kerry. See here: https://commons.wikimedia.org/wiki/File:JCPOA_Signatures.png It is the first one directly under the word "Action".

mmrezaie6y ago

> It was narrowly focused on attacking a specific military project.

Stuxnet targeted some common industrial controllers being sold not only to Iran, and one usage was the control flows on the dams. Basically it just caused the control flow gates to jam. This one that I know of is not military at all!

belorn6y ago

I tried to find a source for your claim but the best I could find was a study that said that future PLCs attacks could include targets like dams.

The stuxnet targeted parameters was Siemens S7-300, connected with a Vacon or Fararo Paya PLC, spinning between 807 Hz and 1,210 Hz. It then periodically modified the frequency to 1,410 Hz and then to 2 Hz and then to 1,064 Hz.

What specific dam had their control flow gates jammed because of this? Please provide name, date and optionally a link.

j / k navigate · click thread line to collapse

0 comments

A2017U16y ago

Before stuxnet Iran had absolutely no cyber capabilities. In the years following it they have built some of the most formidable offensive teams on the planet.

There's plenty of literature on this. Whoever created stuxnet created another monster too.

stickfigureOP6y ago

A2017U16y ago

I'll bet everything I have that they wouldn't have anywhere near the capability they now have in $currentyear after stuxnet.

We created a monster. We really did. It's clear to anyone watching.

gdy6y ago

And why is it ok to attack another country's military project in the peace time?

There are plenty of American military projects that deeply worry other countries.

stickfigureOP6y ago

I challenge you to name any American military project that is as worrisome as Iran's 'Supreme Leader of the Islamic Revolution' having control of a nuclear weapon.

gdy6y ago

Challenge accepted.

https://thebulletin.org/2017/03/how-us-nuclear-force-moderni...

stickfigureOP6y ago

If these two things are the same in your mind, you are so far outside the bounds of rational thought that I'll just have to assume you're trolling.

1 more reply

jfnixon6y ago

1 more reply

SiempreViernes6y ago

I expect it was much like the Manhattan project: they spent all that time developing a weapon so when it came time to use it there wasn't much reflection about how to employ it strategically.

jfnixon6y ago

joshuaissac6y ago

The agreement was signed on behalf of the US by John Kerry. See here: https://commons.wikimedia.org/wiki/File:JCPOA_Signatures.png It is the first one directly under the word "Action".

mmrezaie6y ago

> It was narrowly focused on attacking a specific military project.

belorn6y ago

I tried to find a source for your claim but the best I could find was a study that said that future PLCs attacks could include targets like dams.

What specific dam had their control flow gates jammed because of this? Please provide name, date and optionally a link.

j / k navigate · click thread line to collapse