Schneier on Security: Stuxnet

Reading time ~1 minute

From Schneier on Security: Stuxnet:

Computer security experts are often surprised at which stories get picked up by the mainstream media. Sometimes it makes no sense. Why this particular data breach, vulnerability, or worm and not others? Sometimes its obvious. In the case of Stuxnet, theres a great story.

As the story goes, the Stuxnet worm was designed and released by a government--the U.S. and Israel are the most common suspects--specifically to attack the Bushehr nuclear power plant in Iran. How could anyone not report that? It combines computer attacks, nuclear power, spy agencies and a country thats a pariah to much of the world. The only problem with the story is that its almost entirely speculation.

What strikes me about the Stuxnet story is that it's really "nothing new." Yes there were some new zero-day vulnerabilities found. However, a virus that propagates by rogue USB keys? Didn't we learn anything from the 1980s when viruses propagated by floppy disks?

How Long is Long Enough for a Password?

As much as we might want to see different authentication methods available, passwords aren't going anyway anytime soon. This means a sign...… Continue reading

Cloudflares with a Chance of Goatse

Published on February 24, 2017

Automation, Orchestration, and The Cloud

Published on January 04, 2017