SBS - The Best Value in QMS software

Stuxnet: The Curious Incident of the Second Certificate

Marc

Fully vaccinated are you?
Staff member
Admin
#1
Stuxnet: The Curious Incident of the Second Certificate

William Ockham shares some interesting thoughts about the Stuxnet virus.

From the article: "The revocation of the first certificate by VeriSign didn’t change any of that. Windows will happily and silently install drivers with revoked signatures. Believe it or not, there are actually good reasons for Windows to install drivers with revoked signatures. For example, Realtek is an important manufacturer of various components for PCs. If Windows refused to install their drivers after the certificate was withdrawn, there would be a whole lot of unhappy customers."
 
Elsmar Forum Sponsor
G

Gert Sorensen

#2
Interesting article. Does make one think a bit more about the roots of internet evil. Qui bono??
 

Marc

Fully vaccinated are you?
Staff member
Admin
#3
Well, Stuxnet wasn't really an internet 'virus'. It was made to essentially reprogram industrial equipment containing Siemens S7-300 systems and its associated modules via USB flash drives in Windows PCs so home/business PCs weren't a target - Unless you have a PC controlling something with one or more Siemens PLC(s).

Wikipedia reference-linkStuxnet

US + Israel = Stuxnet = Screw up Iran's centrifuges is the most prominent theory.
 
M

MIREGMGR

#4
Particularly because the reprogramming was highly specific to that type of PLC controlling a particular drive system that's powering a particular design of centrifuge, with critical speeds and resonances that are characteristic of the Khan design used by Iran.

As far as is known, only Iran, probably North Korea and maybe still Pakistan are using that design of centrifuge, and possibly Iran has the only combination of that PLC, that drive and that centrifuge design.
 
Thread starter Similar threads Forum Replies Date
M Interesting Discussion Curious old drawings about electrical shock and safety IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
I Curious if a List of Current Standards Revisions Exsists Other Medical Device Related Standards 3
Marc The Strange & Curious Tale of the Last True Hermit Coffee Break and Water Cooler Discussions 0
A Elsmar's Social Group "Mexican Curious" reached 100 Members Coffee Break and Water Cooler Discussions 8
G Implementing Taguchi Loss Function in COQ - A Curious Case Misc. Quality Assurance and Business Systems Related Topics 1
GStough Anyone Else Curious About the Loremo? World News 8
M Ford Team Center - Ford Supplier - I am curious as to what is involved Supplier Quality Assurance and other Supplier Issues 4
S Curious - Are there many Software Developers who visit this forum? Software Quality Assurance 17
T Using SPC for DOE - Just Curious Statistical Analysis Tools, Techniques and SPC 2
R Not every INCIDENT report will lead to a corrective action EU Medical Device Regulations 6
M Vigilance - incident found in an article EU Medical Device Regulations 3
F Risk for Quality Assurance Department in a Hospital - Hospital Incident Reporting ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
M Informational EU – Manufacturer incident report (MIR) for serious incident- template 2020 (Directives and new regulations) version 7.2 and related documents Medical Device and FDA Regulations and Standards News 2
M Informational TGA – Medical device incident reporting (MDIR) guide Medical Device and FDA Regulations and Standards News 0
I How to handle pending FSN when incident happens? EU Medical Device Regulations 1
J Circadian Software Accident/Incident Analysis Business Continuity & Resiliency Planning (BCRP) 1
M Informational Manufacturer Incident Report (MIR) for Serious Incidents (MDR/IVDR) and Incidents (MDD/IMDD/IVDD) Medical Device and FDA Regulations and Standards News 5
JoCam Incident Reporting MHRA (Medical & healthcare regulatory agency) EU Medical Device Regulations 3
E Incident Report or Nonconformance Report for Equipment Failure? Quality Manager and Management Related Issues 5
L OHSAS 18001 Participation and Consultation - Incident investigation under 4.4.3.2 Occupational Health & Safety Management Standards 15
A Customer Complaint - Incident Reporting Hardcopy Signoff Customer Complaints 8
V Is non-conformance (incident) required for any observation in equipment qualification Nonconformance and Corrective Action 5
V How long can a development stage incident be open? Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 4
S Incident Investigation Procedure for Critique Document Control Systems, Procedures, Forms and Templates 3
M What Indicator should we use to follow Incident Containment Nonconformance and Corrective Action 2
T Information System Security (infosec) Incident Form - Looking for samples IEC 27001 - Information Security Management Systems (ISMS) 4
V Should there be a incident/deviation for breakdown or missed calibration date? Nonconformance and Corrective Action 7
Richard Regalado ISO 27035:2011 Infosec Incident Management - Hot Off the Grill! IEC 27001 - Information Security Management Systems (ISMS) 0
P Incident Reporting or a Complaint? IEC 27001 - Information Security Management Systems (ISMS) 9
K Incident Investigation vs. Root Cause Analysis ? What?s the difference? Customer Complaints 16
C Accident And Incident Investigation and Report procedure example wanted Miscellaneous Environmental Standards and EMS Related Discussions 6
S Qantas Airbus incident - What really happened? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
S Is an accident an 'incident' or a 'nonconformance? Occupational Health & Safety Management Standards 29
P Transparency / Reciprocity - Medical device incident reported in the EU 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
L Looking for Incident/Change/Problem Management Audit Checklist Document Control Systems, Procedures, Forms and Templates 3
A Looking for an FDA MDR/Incident Report Decision Tree ISO 13485:2016 - Medical Device Quality Management Systems 6
C Safety issue help - Request a Corrective Action (CA) for Safety Incident? Preventive Action and Continuous Improvement 9
M ISO 14001 Incident Reporting Procedure ISO 14001:2015 Specific Discussions 6

Similar threads

Top Bottom