Thursday, October 7, 2010

Stuxnet

whats this Stuxnet?
Its a sort of computer virus or worm which controls the physical devie, sounds of interesting but very dangerous.

Once within a network -- initially delivered via an infected USB device -- Stuxnet used the EoP vulnerabilities to gain administrative access to other PCs, sought out systems running the WinCC and PCS 7 SCADA management programs, hijacked them by exploiting either the print spooler or MS08-067 bugs, then tried the default Siemens passwords to commandeer the SCADA software.They could then reprogram the so-called PLC (programmable logic control) software to give machinery new instructions.Stuxnet could actually use four zero-day vulnerabilities to gain access to corporate networks. Once it had access to a network, it would seek out and infect the specific machines that managed SCADA systems controlled by software from German electronics giant Siemens.

Liam o'murchu of symantec on his papers explain like this:
Stuxnet is the first publicly known worm to target industrial control systems, often generically referred to as SCADA systems. Not only did Stuxnet include malicious STL (Statement List) code, an assembly-like programming language, which is used to control industrial control systems, it included the first ever PLC (programmable logic controller) rootkit hiding the STL code. It also included a zero-day vulnerability to spread via USB drives, a Windows rootkit to hide its Windows binary components, and it signed its files with certificates stolen from other unrelated third-party companies. All of these characteristics are noteworthy in their own right, however when they all converge within one threat it is clear that there is a special force at work.
Why it is dangerous?
Check out this video:


To prove the possibilities, O Murchu set up a basic air pump, controlled by a Siemens system, on the stage in front of him. The pump delivered a timed burst of air into a balloon, which inflated slowly. O'Murchu then infected the system with Stuxnet, pressed a button. The pump pumped, but did not stop. The balloon went on inflating till it burst.Now the problem is that if the Stuxnet affected computers are used in Nuclear Plant it will cause a huge problem and losses.

who are the targets?
 Probably nuclear plants, in this case as the statistics(nearly 60% of all infected PCs world wide were found in Iran) suggests that Stuxnet was found more in Iran than any other country.The possible aim of the creator of Stuxnet was to stop/destroy/control Iran's nuclear plant.India is also in top of the list of most affected countries along with Indonesia,China and Malaysia.

Conspiracy or just another game ?
The necessary resources, and the money to finance the attack, puts it out the realm of a private hacking team, O Murchu said.


When Stuxnet succeed, it leaves a number imprinted on its new host: 19790509. That number, Mr O Murchu says, seems to be a date – May 9, 1979.That day anything would have happened but search on Wikipedia reveals the following  "On May 9, 1979, Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community. He was the first Jew and one of the first civilians to be executed by the new Islamic government". Who was the Elghanian?  he was the first Iranian Jew to be hanged for spying by the new Islamic Republic. is this the work of Isreal to undermine Iran's nuclear quest?
There are many reasons to suspect Israel’s involvement in Stuxnet. Intelligence is the single largest section of its military and the unit devoted to signal, electronic and computer network intelligence, known as Unit 8200, is the largest group within intelligence.


Computer security researchers  discovery of a trace of a keyword in Stuxnet's instructions: Myrtus. Myrtus, or Myrtle, in Hebrew becomes Hadassah, and Hadassah was the birth-name of Esther, the Jewish biblical heroine married to a king of Persia. Esther discovered that a courtier was plotting the murder of all of Persia's Jews, and persuaded her husband to allow them to rise up pre-emptively to slaughter their assailants.will it leads to the creator of  Stuxnet?

Cyberwar all around the world
Telegraph website which quoted Forbes blog mentioned that in July a glitch on a satellite used by most of India's satellite television stations blacked them out, forcing operators to turn to a Chinese competitor. The Indian space programme uses Siemens operating systems.During the same time Chinese hackers infiltrated computers of Tibetan government in exile.Russian cyber attack on Georgia and Slovenia etc.. Sooner or latter things will go even worse as the technology grows .Is there a way to control these things? 
Cyberwar and economy 

Tuesday, October 5, 2010

10 Promises to my dog (Inu to watashi no 10 yakusoku)


I heard lot about Japanese movies but have not watched much, but now i think i have to watch selective Japanese movies. This movie "10 Promises to my dog"  is a wonderful movie, its like reading a poem.The story revolves around Akira and Socks, the Golden Retriever .
Akira is a 14 year old school girl living in Hokkaido,Japan.One day a puppy wanders into her court yard , the puppy looks frightened and lost.Akira is very much interested to keep the puppy as her pet, so she as her mother's consent and she approves.The 10 year journey begins with the death of Akira's mother , then her father leaving his job(as a matter of fact her father is an doctor),the her romance.Before her death Akira's mother gave 10 promises that Akira should make with Socks. I should say each and everyone who has any kind of pet must have some sort of promises like this.
Hoshi is a guitarist,who went to paris music school.They met after 10 years. As years passes Akari  become preoccupied with her job at a zoo and after reuniting with her childhood boyfriend Susumu she stops spending  much time with Socks.However Socks helped Hoshi to overcome his fingers problem ,which happened because of an road accident.This incident reminded Akari  about how much Socks helped her through her hard times and she feels very bad for not spending enough time with Socks during Sock's aging process.Socks dies at the age of 10.Its  a heart warming story.The father and daughter relationship was nicely portrayed .Her father who quit his job and started a clinic on his own explains her about the things he learnt by spending time in his own clinic and with Socks, it was touching.

Directed by Katsuhide Motoki.
Mayuko Fukuda as Akira is cute and brilliant.Etsushi Toyokawa as Akira's father is amazing and his varied expressions are flawless.Ryo Kase  as Hoshi is also good. I must say background music is just amazing,it makes the movie more poetic. The  movie is based on the novel  written by Hare kawaguchi which in turn based on "The 10 Commandments of Dog Ownership".They are
1. My life just lasts for ten to fifteen years. Any separation from you will be painful for me. Remember that before you choose to buy me.
2. Give me time to understand what you want.
3. Please trust me! That's what I'm happy with...
4. Don't be angry at me for a long time or lock me up as punishment. You have your work, your entertainment and your friends. But I only have you.
5. Talk to me sometimes. Eventhough I don't understand your words, but I can still understand your tone when you talk.
6. Be aware that however you treat me, I'll never forget.
7. Remember before you hit me that I have teeth that could easily crush the bones of your hand but I chose not to bite you.
8. Before you scold me for being uncooperative, obstinate or lazy, Ask yourself if something might be bothering me. Perhaps I'm not getting the right food, or I've been out in the sunfor too long, or my heart is getting old and weak.
9. Take care of me when I am getting old...
10.Please be with me on any difficult journeys. Please never say, "I can't bear to watch it" or "Let it happen in my absence." Everything is easier for me if you are here. Remember...I Love you always.

Watch it .. 

Friday, October 1, 2010

The Girl who played with the fire



This is the second book of the series 'Millennium' by Stieg Larsson.Again a great book, the story starts from where the first book ended.Lisabeth Salander ,the hacker had stolen 2 billion euros from wennerstrom and started the company in the name 'Wasp Enterprise' at Gibraltar.This book is about how Salander finds her father 'Zala' and take revenge on him for his behavior towards her mother and her suffering.The story starts with the killing of Dag and Dia , the journalist and researcher who works on trafficking.The journalist is working for 'Millennium' where Mikel Blomkovist is also working.Blomkovist started digging about the murderer by reading the research papers of them , Salander as usual hack the computers of the journalist and found out research result.
Blomkovist and Salander found out that the mention of the name 'Zala' in many places in that research and started formulating ways to find the truth.Gunnar Bjorck , an Immigration police officer , through blackmail by 
Blomkovist gave the report of Salander which was about the incident happened in 1991 where Salander threw  petrol and fired her father 'Zala'.Since that document was considered as 'classified', Salander was put into mental rehab institute for more than one year.That report is important since it shows the existence of 'Zala' .Zala was a Russian agent ,who came as a refugee.While the investigation was undergoing Salander was subjected to sexual harassment by her new guardian Advokat Bjurmann , to take revenge on him, she recorded his sexual behavior in the hidden camera, she used the tape to get rid of him.As Bjurman was a well known guy , he never reported anything to police and he devised a plan to murder Salander, so he hired 'Zala's guys to kill her.Bjorck and Bjurmann worked together in the police department earlier in their carrier, they knew each other well .


As the serious events unfolds,Mirium Wu and Paulo Roberts were also involved and almost beaten to death by the Niedermann.Mirium Wu was a friend of Salander and Paulo was a boxing coach of Salander.To take revenge Salander follows Zala and almost killed him but Niedermann escaped as he was scared of darkness and illusion.Salander was also got fired by the on the head , luckily Blomkovist who followed everything reached the spot on time to call police.
One has to read this book , the story is fast and thrilling as events unfolds with lots of surprise.I really enjoyed reading this book.I have not described many things in this review, but will elaborate more when i write about the third book of this series ' The Girl who kicked the Horner's Nest'.Already finished reading but need time to write .
Heard: Daniel Craig of James Bond fame will be acting  as Mikael Blomkovist in movie version of this series.
More on movie