1. Home
  2. General Telecommunications Forum
  3. The heart of Stuxnet [telecom]

The heart of Stuxnet [telecom]

Here's an article from Wired: "A Four-Day Dive Into Stuxnet's Heart"

formatting link
Those in the know says that the Stuxnet worm is a game-changer in cyber-security. Althought apparently aimed at Iran's nuclear processing efforts, the same principles and practices could be use to compromise the ever-more-computer-dependent telecommunications networks.

Bill Horne (Filter QRM for direct replies)

-- "I've been up and down this highway, far as my eye can see No matter how fast I run, I can never seem to get away from me". - Jackson Browne

Reply to
Bill Horne
Loading thread data ...

If a road vehicle had the same ongoing quantity of potentially disastrous flaws as is inherent in *all* versions of Microsoft Windows, I would contend that it would be immediately banned from the public roads.

This sort of thing could be used to compromise virtually any utility - power, telecommunications, water etc. - that are silly enough to use these inherently unsafe platforms.

For all the inefficiencies and expense of the older telecoms equipment with their individual operating systems, they at least were not vulnerable to widespread attacks now available because of the "convenience" of using a common platform.

Reply to
David Clayton

In the commercial or business or military leadership communities -- not just in the IT parts of those organizations, but in their senior leadership and administrative circles (corporate presidents, CEOs, CFOs, Generals, Admirals) -- is it explicitly considered to be professionally unacceptable and unethical to use Windows software in _any_ mission-critical aspects of their organizations?

Should it be?

Reply to
AES

IMHO, Windows platforms should not be used for mission-critical systems.

It also should not be used in unattended applications. More than once, I have seen the Windoes Blue Screen of Death on unattended information kiosks. A few years ago, I saw it on the electronic sign of a casino.

Richard

Reply to
Richard

Maybe if the tech-heads specifically pointed out that these things were inherently insecure, and using them would open up their organisations to all sort of vulnerabilities, then perhaps they may not be used?

I would imagine that there are multiple issues here, firstly the information being made clear by those who know, secondly whether it is either disregarded (or covered up) on its way to the top, and thirdly if those at the top care enough to take notice.

Reply to
David Clayton

I've seen this and other various Windows errors on the flight boards at airline terminals. Makes you wonder if they use the same systems for more critical applications?

Reply to
annie

They use Windows because that's the platform most developers are trained to use, there are a plethora of development tools available, with stuff like .net available prototyping and development is quick and there's broad platform support already cooked in. In other words, the development and maintenance cost is considerably less than would be the case for a more appropriate embedded OS like QNX or VxWorks.

Contract bids only care about initial up-front costs. Same for internal development projects. Subsequent issues are someone else's problem.

john-

Reply to
jmeissen

On Fri, 07 Jan 2011 10:41:25 -0800, jmeissen wrote: ........

Sounds like the summary of the Gulf oil spill report, don't it?

Reply to
David Clayton

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.