Monday, March 19, 2012

15 months ago, I predicted the authorship of Stuxnet & Duqu

Egads, 15 months ago—on December 6, 2010—I posted the following:
I BELIEVE THE STUXNET VIRUS was created by a lone male individual who is at least 60 years old and is working for British Intelligence, supported by U.S., German and Israeli intelligence. One of the features of any A.I. inference engine is the ability to ask it "why" it made such an inference. So in keeping with that protocol, I'll answer the "why" question. Of course, you'll see just how fuzzy my logic truly is. First, the location and frequency of countries following this blog leads me to those players: the USA, the UK, Israel and Germany, in that order. Of course, hackers from other countries could be using compromised servers in my suspect countries to make their queries, but I'm placing my bet on these four main players. My second reason for asserting that a single individual wrote Stuxnet is my long experience in the software business. Nothing truly genius ever came out of a committee or even a team. Nothing. And by all accounts, Stuxnet is not just good. It's genius. The kind of genius, by the way, that had to evolve with the industry since the beginning of the minicomputer revolution. Which would make my virus genius at least 60 years old. Finally, my assertion of male gender. Sorry ladies, but I have yet to see, meet or hear about a decent female hacker. And certainly not a world-class hacker. If I'm wrong, let me know and I'll make a public and abject apology. As my mother never said (but should have), I'm frequently wrong but never in doubt.
Either it's a slow news day, or the media is recycling old stuff because they don't have a new story. Computerworld reports today that a Kaspersky Labs researcher says Duqu may have been written by "experienced, old school programmers." I may have been wrong about an old-school Brit being the author, as the time-out of both Stuxnet and Duqu smacks (according to Richard Clarke) of American Congressional legal oversight, but "old school" rings true. Heck, my greatest programming achievements were in assembly language, and I don't think the new generation has the least appreciation of the real genius that can be unleashed by a gifted bit-diddler who's "gone native" with assembly language.

My old buddy Joseph from Spain is on the case. He solved the FBI's "unsolvable problem." It's only a matter of time before this Genius of the First Waters unveils the Duqu "old guys." Eh, Joseph?


  1. Hello:

    + Sometimes the "new" is something old and forgotten (and I am not talking about Paris or Milan Fashion). It is a common characteristic of a University or Experimental laboratory.

    + SIEMENS has two research laboratories in Germany and United States.

    + Stuxnet is very large and complicated as they say:
    "IRISH MAN WHO DECIPHERED THE CYBER-VIRUS ATTACK ON IRAN" - Saturday, March 17, 2012 - by Lara Marlowe (from Twitter: @Meir_J, Meir Javedanfar).

    + If I understand correctly:

    -The centrifuges were disordered neatly

    -Stuxnet began an orderly process of desynchronization of the control system to operate industrial machinery known as SCADA.

    -The creators of STUXNET must necessarily have had advanced knowledge of the industrial management system called SCADA distributed by SIEMENS under the name Simatic WinCC.

    -Iranian scientists say STUXNET shipping information on IT systems operated on computers located in Texas (US).

    -Some people say STUXNET is a virus, others a worm; it seems to me that it is a negative update (perhaps OUTDATEDNESS, DOWNGRADE or DEGRADATION).

    -The language used must be compatible or equal with the machine and the manufacturing process required: an ASSEMBLY LANGUAGE.

    -This language is currently used in academic and research environments especially when it requires direct hardware manipulation, high yields or use of controlled and limited resources.

    -Anyway the author knows very well the SIEMENS SCADA system.


  2. Hello

    + From Houston, Texas, USA, this is a video showing STUXNET in action:


    + Texas is the motherland of Stuxnet?



Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?