Stuxnet: The Curious Incident of the Second Certificate

[Marc]

Stuxnet: The Curious Incident of the Second Certificate

William Ockham shares some interesting thoughts about the Stuxnet virus.

From the article: "The revocation of the first certificate by VeriSign didn’t change any of that. Windows will happily and silently install drivers with revoked signatures. Believe it or not, there are actually good reasons for Windows to install drivers with revoked signatures. For example, Realtek is an important manufacturer of various components for PCs. If Windows refused to install their drivers after the certificate was withdrawn, there would be a whole lot of unhappy customers."

 

[Gert Sorensen]

Interesting article. Does make one think a bit more about the roots of internet evil. Qui bono??

 

[Marc]

Well, Stuxnet wasn't really an internet 'virus'. It was made to essentially reprogram industrial equipment containing Siemens S7-300 systems and its associated modules via USB flash drives in Windows PCs so home/business PCs weren't a target - Unless you have a PC controlling something with one or more Siemens PLC(s).

Stuxnet

US + Israel = Stuxnet = Screw up Iran's centrifuges is the most prominent theory.

 

[MIREGMGR]

Particularly because the reprogramming was highly specific to that type of PLC controlling a particular drive system that's powering a particular design of centrifuge, with critical speeds and resonances that are characteristic of the Khan design used by Iran.

As far as is known, only Iran, probably North Korea and maybe still Pakistan are using that design of centrifuge, and possibly Iran has the only combination of that PLC, that drive and that centrifuge design.