flat assembler
Message board for the users of flat assembler.

Index > Heap > Russian cosmonaut accidentally infected ISS w/ stuxnet

Author
Thread Post new topic Reply to topic
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
http://www.theatlanticwire.com/global/2013/11/russian-cosmonaut-accidentally-infected-iss-stuxnet/71470/

So what's the Kaspersky guy thinking right now? He wants to make anti-malware for space stations.

Striking fear into your hearts like never before. I thought it was just funny. I mean don't they have special computers for these kinds of things. But then of course in soviet Russia, space stations infect malware.

Now we all know where Stuxnet came from, is this cyber war? Rolling Eyes

So whoever uses SIEMENS hardware should now ditch them, another loss perhaps?
Post 12 Nov 2013, 15:05
View user's profile Send private message Reply with quote
cod3b453



Joined: 25 Aug 2004
Posts: 619
cod3b453
IIRC the ISS is full of off-the-shelf IBM thinkpads with Windows on them, so this is going to happen sooner or later if they're allowing anyone to bring any USB stick along.
Post 12 Nov 2013, 18:06
View user's profile Send private message Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr
: Đ lolz funny shit.
Post 12 Nov 2013, 21:23
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17273
Location: In your JS exploiting you and your system
revolution
It seems to me to be very similar to running Java, flash and/or JS in a web page. When USB devices can run code automatically without any prompting this is why we have such easy vectors for the spread of malicious code. In the desperate desire for companies to pander to the LCD by making things "simpler" we end up making things less secure and less trustworthy. Perhaps we need to go back to the time when computers were programmed by flicking switches on the front panel. Question
Post 12 Nov 2013, 21:58
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution wrote:
It seems to me to be very similar to running Java, flash and/or JS in a web page. When USB devices can run code automatically without any prompting this is why we have such easy vectors for the spread of malicious code. In the desperate desire for companies to pander to the LCD by making things "simpler" we end up making things less secure and less trustworthy. Perhaps we need to go back to the time when computers were programmed by flicking switches on the front panel. Question


The funny thing is this autorun exploit is so old it goes back to XP.
As I recall it's automatically disabled on Windows7 so I'm guessing they're using an outdated OS.
Post 12 Nov 2013, 23:30
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17273
Location: In your JS exploiting you and your system
revolution
On all new computers I run this with regedit:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveAutoRun"=dword:03ffffff    
Post 12 Nov 2013, 23:49
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17273
Location: In your JS exploiting you and your system
revolution
typedef wrote:
The funny thing is this autorun exploit is so old it goes back to XP.
It goes back further than that.
Post 12 Nov 2013, 23:50
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
Maybe instead of spending on counter measures organizations should spend more time institutionalizing computer literacy to at least the basic level of turning on/off a computer. From 1st grade up, teach kids how to actually and safely use a computer(like revolution).

Computer for dummies? Who wants to spend time reading a book when someone can explain better and better yet be able to answer related questions.
Post 13 Nov 2013, 04:51
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4237
Location: 2018
edfed
i wonder if there is a copy of fasmw in the iss....
Post 13 Nov 2013, 17:59
View user's profile Send private message Visit poster's website Reply with quote
matefkr



Joined: 02 Sep 2007
Posts: 1291
Location: Ukraine, Beregovo
matefkr

this is very grotesque u do realize.
Post 13 Nov 2013, 18:28
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
edfed wrote:
i wonder if there is a copy of fasmw in the iss....


If they use a supported architecture maybe. ..
Post 13 Nov 2013, 22:45
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8897
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
imagine if this forum is accessed by astronauts from outerspace, ISS, kinda cool if you start imagine. =)
Post 13 Nov 2013, 23:01
View user's profile Send private message Reply with quote
Fixit



Joined: 22 Nov 2012
Posts: 161
Fixit
Stuxnet was made to overload a centrifuge and destroy it.

Sounds like the Russians ignored a number of safety protocols in getting the Space Station and a nuclear plant infected. Smile

Surely
Post 16 Nov 2013, 16:53
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.