lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 06 Jun 2012 10:41:24 -0400
From: Laurelai <laurelai@...echan.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Obama Order Sped Up Wave of Cyberattacks
 Against Iran

On 6/5/12 2:52 AM, Alexander Georgiev wrote:
> http://en.wikipedia.org/wiki/Argument_from_ignorance
>
> Am 04.06.2012 21:01, schrieb Joel Esler:
>> So, a quote, from a book?  Isn't that kinda circular?
>>
>> Also, there are no quotes from anyone in the room and no one is
>> referenced except by association.  Not saying it's not true, but
>> there's nothing there that indicates it is. 
>>
>> The only people who will know if this is 100% true were in the Oval
>> Office at the time, and those people aren't going to be quoted in a
>> NYTimes article.  
>>
>> http://upload.wikimedia.org/wikipedia/commons/1/18/%22Citation_needed%22.jpg  
>>
>> -- 
>> Joel Esler
>>
>> On Monday, June 4, 2012 at 2:52 PM, Jeffrey Walton wrote:
>>
>>> https://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
>>>
>>> WASHINGTON --- From his first months in office, President Obama secretly
>>> ordered increasingly sophisticated attacks on the computer systems
>>> that run Iran's main nuclear enrichment facilities, significantly
>>> expanding America's first sustained use of cyberweapons, according to
>>> participants in the program.
>>> Hasan Sarbakhshian/Associated Press
>>>
>>> Mr. Obama decided to accelerate the attacks --- begun in the Bush
>>> administration and code-named Olympic Games --- even after an element of
>>> the program accidentally became public in the summer of 2010 because
>>> of a programming error that allowed it to escape Iran's Natanz plant
>>> and sent it around the world on the Internet. Computer security
>>> experts who began studying the worm, which had been developed by the
>>> United States and Israel, gave it a name: Stuxnet.
>>>
>>> At a tense meeting in the White House Situation Room within days of
>>> the worm's "escape," Mr. Obama, Vice President Joseph R. Biden Jr. and
>>> the director of the Central Intelligence Agency at the time, Leon E.
>>> Panetta, considered whether America's most ambitious attempt to slow
>>> the progress of Iran's nuclear efforts had been fatally compromised.
>>> ...
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Is anyone else the least bit concerned that stuxnet was carried out by
the US Government? I mean lets look at this, the US Government committed
an act they themselves would consider cyber terrorism, infecting
millions of civilian machines. While they say it got "out of control"
and lets just go with that for simplicity, once it got out of control
wouldn't the right thing have been to shut it down instead of trying to
evade detection and continuing the project? How many antivirus vendors
were kept from doing their jobs during this? And how many were actively
cooperating? I know for a fact HBGary was working with the NSA in
regards to stuxnet. Was it really worth it to compromise the security
and privacy of millions of innocent people just to shut down some power
plants?

Oh and lets not forget the assassination of civilian scientists.

People seem to think that since the US Gov did it that makes it ok, well
I do not think it does. Especially when they throw kids with small
botnets in jail for being mad at the system cause its crooked.

I mean that has to be the largest cyber attack of all time, this makes
the shit the lulzsec people carried out look mild in comparison, and
those guys are facing a decade in jail and the person who wrote stuxnet
probably got a medal and a fat check.

Oh and message to the feds im sure watch this list.

http://pwnies.com/winners/

You guys might want to go claim that award and present it to Obama, he
did earn it after all ;) (and he beat lulzsec for the award)


I mean this mailing list is about threats to information security, so
lets call a spade a spade.

Right now the biggest threat to cyber-security is the US Government, it
has proven it can silently infect machines with worms powered by zero
day exploits and "stolen" driver certificates. (they were able to
acquire them twice at least with no issue, my bet is they just asked for
them)

And another thing, I somehow doubt the new york times would publish
unless they have reliable sources.

Combined with this
http://online.wsj.com/article/SB10001424052702303506404577448563517340188.html?utm_source=twitterfeed&utm_medium=twitter

It pretty much tells me the article was spot on.

Can we now discuss the fact the US Gov committed an act of cyber war
against its own people, the people of other sovereign nations and *itself* ?


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ