Iran's nuclear ambitions facing delays

Point out news stories, on the net or in mainstream media, related to polywell fusion.

Moderators: tonybarry, MSimon

icarus
Posts: 819
Joined: Mon Jul 07, 2008 12:48 am

Post by icarus »

The Iranians were offered Russian fuel under strict control and declined.
... so, in short, no credible evidence Iran is building a nuclear weapon then, but plenty of guilt by association you would say.
I do not believe the Israelis want a nuclear war.
Me neither. But they have made loud and repeated demands for blowing up nuclear facilities of other countries, what better recipe for nuclear fall-out do you want? In that light, the Stuxnet PLC virus is not all that surprising, but probably less well-understood in terms of its capacity for bringing about similar nuclear fall-out results.

E.g., can you imagine explaining to a Saudi crown prince, or some such, how a PLC worm program might dump radioactive particles on Mecca, if the winds are blowing the right way?

polyill
Posts: 150
Joined: Tue Jan 18, 2011 12:29 am

Post by polyill »

So what are you suggesting? Everybody should leave Iran alone and just wait and see if it presents Hizbollah with a dirty nuke? Or maybe a real one, if time is given...

OK, Then what? :)

Betruger
Posts: 2321
Joined: Tue May 06, 2008 11:54 am

Post by Betruger »

polyill wrote:So what are you suggesting? Everybody should leave Iran alone and just wait and see if it presents Hizbollah with a dirty nuke? Or maybe a real one, if time is given...

OK, Then what? :)
Didn't you say you'd rather not join in on the politics? Just curious.
icarus wrote:... adapt or die is the predictable wisdom to this also I guess, from our resident borg-hive mind types.
patent icarus troll bait.

choff
Posts: 2447
Joined: Thu Nov 08, 2007 5:02 am
Location: Vancouver, Canada

Post by choff »

According to the Russian scientists report to Putin, the Iranian nuclear scientists have no regard for safety or human life, the priority is the schedule set by their political masters. So if a Iranian Chernobyl takes place, the worm might not have much or anything to do with it.

If the Persians weren't so hell bent on destroying Israel, they might avoid destroying their own country in the process. That leaves the question of the fallout. How much of Iran would have to be evacuated and abandoned for how long, and if a flood of refuges spill into other countries, and to what extend the neighbours suffer.
CHoff

icarus
Posts: 819
Joined: Mon Jul 07, 2008 12:48 am

Post by icarus »

So by that logic, hypothetically Stuxnet could infect Three-mile Island causing a reactor meltdown and it would be the operator's fault?

Pretty duplicitous to wash your hands of the whole thing after the virus has been deployed into a nuclear complex .... it's a big cluster-mess and nobody is innocent. While one side or the other claims (and believes) an absolute moral high ground (righteousness) the mess will continue, (it's as simple as a he said, she said thing 5 year olds get into)

choff
Posts: 2447
Joined: Thu Nov 08, 2007 5:02 am
Location: Vancouver, Canada

Post by choff »

I've know Iranians where I live who worked as volunteers in Lebanon, educated, wonderful people to talk too until they causually say things like,'we have 10,000 rockets in Lebanon aimed at Israel.'

In their minds, they totally dehumanize and demonize the enemy, and consequently make no connection between attacks on Jews and subsequent retaliation, propaganda does that.

If the Iranian reactor hasn't been loaded with fuel yet, the Israelis might actually be doing the local population a favour by launching a conventional bombing raid to take it out. Better that than they melt it down themselves.
CHoff

Betruger
Posts: 2321
Joined: Tue May 06, 2008 11:54 am

Post by Betruger »

choff wrote:I've know Iranians where I live who worked as volunteers in Lebanon, educated, wonderful people to talk too until they causually say things like,'we have 10,000 rockets in Lebanon aimed at Israel.'
Yeah, or, casually, over dinner (in Toronto), "We could take all of Toronto right now, more than enough AK's for everyone."

polyill
Posts: 150
Joined: Tue Jan 18, 2011 12:29 am

Post by polyill »

ppl, you are talking nonsense regarding the Stuxnet. It targets SPECIFIC models of PLC's. Two specific ones. It cannot infect anything it likes...

http://www.symantec.com/content/en/us/e ... ossier.pdf

moreover, it is programmed to do SPECIFIC things with the targeted equipment.

BenTC
Posts: 410
Joined: Tue Jun 09, 2009 4:54 am

Post by BenTC »

polyill wrote:ppl, you are talking nonsense regarding the Stuxnet. It targets SPECIFIC models of PLC's. Two specific ones. It cannot infect anything it likes...

http://www.symantec.com/content/en/us/e ... ossier.pdf

moreover, it is programmed to do SPECIFIC things with the targeted equipment.
Wow. That looks like it could have been a year or more of quiet recon, reporting back to the command & control centre to be analysed so that specific functionality of specific PLCs could be targetted. Not your backyard script kiddie. These targetted attacks have always been theorectically possible. For you and I our greatest protection is our lack of importance, as long as you do't get caught up in the collateral damage.
Industrial control systems (ICS) are operated by a specialized assembly like code on programmable logic controllers (PLCs). The PLCs are often programmed from Windows computers not connected to the Internet or even the internal network. In addition, the industrial control systems themselves are also unlikely to be connected to the Internet.

First, the attackers needed to conduct reconnaissance. As each PLC is configured in a unique manner, the attackers would first need the ICS’s schematics. These design documents may have been stolen by an insider or even retrieved by an early version of Stuxnet or other malicious binary. Once attackers had the design documents and potential knowledge of the computing environment in the facility, they would develop the latest version of Stuxnet. Each feature of Stuxnet was implemented for a specific reason and for the final goal of potentially sabotaging the ICS.

Attackers would need to setup a mirrored environment that would include the necessary ICS hardware, such as PLCs, modules, and peripherals in order to test their code. The full cycle may have taken six months and five to ten core developers not counting numerous other individuals, such as quality assurance and management.

While their choice of using self-replication methods may have been necessary to ensure they’d find a suitable Field PG, they also caused noticeable collateral damage by infecting machines outside the target organization. The attackers may have considered the collateral damage a necessity in order to effectively reach the intended target.
In theory there is no difference between theory and practice, but in practice there is.

ladajo
Posts: 6258
Joined: Thu Sep 17, 2009 11:18 pm
Location: North East Coast

Post by ladajo »

I have worked extensively with PLCs and programming them in the past. You must have a physical test bed as the system simulators never catch the realities of operating equipment. IMO this could not have been fielded without a physical optest and refinement cycle.
I have worked on several brands of PLCs with diverse applications. While it is true that PLCs (due mostly to physical location) are maintained with laptops, I do not agree that those laptops typically reside off of networks. In my case, as soon as I could, I set up the programming package on a LAN (with internet connectivity) in order to ease my ability to centrally access or make changes. Where I could I even placed the PLCs on the LAN themselves to enable networked cooperation and even the linking of previous different machine systems to act as an integrated entity.
My laptop became too valuable, and a critical point of failure. Placing my work on the LAN meant that it was more protected in a continuity sense. Ie dropping my laptop did not mean a total loss.
I was very interested in how they co-opted the PLC operating system as well as the PLC programming in order to mask the actual physical events on the machines. Very slick.

kurt9
Posts: 588
Joined: Mon Oct 15, 2007 4:14 pm
Location: Portland, Oregon, USA

Post by kurt9 »

I, too, have made PLC-based control systems for process equipment and understand the issues involved. In order to have infected the PLC's running the nuclear facilities, stuxnet had to first infect the laptop computers that the PLC control programs were developed on. The PLC development software is what was initially infected with stuxnet. It was the development software that was used by stuxnet to download itself into the PLC's themselves.

What this tells me is that the control system engineers (probably Iranian or Russian) were not careful to use dedicated laptops to develop the control system program, and to never connect these laptops to the internet or use them for some other purpose. If they had used such quarantined computer practices, they would never have had the stuxnet infection in their facility to begin with.

It is also possible that one of the Russian control system guys was paid to introduce the stuxnet into the system.

In any case, if I ever do PLC control system development in the future, I will install the development software on a dedicated laptop (which will be the cheapest laptop I can buy new, since the system requirments for the development tool are much less than any current laptop).

ladajo
Posts: 6258
Joined: Thu Sep 17, 2009 11:18 pm
Location: North East Coast

Post by ladajo »

I would agree. I would setup an isolated netwrork to link the PLCs together, and do it that way.
Of course, you run a risk if you look to upgrade the programming software, or the PLC operating system.
But, if you build what you need, and get the job done, you could resist the "desire" to get more guchi with upgrades.

MSimon
Posts: 14334
Joined: Mon Jul 16, 2007 7:37 pm
Location: Rockford, Illinois
Contact:

Post by MSimon »

ladajo wrote:I would agree. I would setup an isolated netwrork to link the PLCs together, and do it that way.
Of course, you run a risk if you look to upgrade the programming software, or the PLC operating system.
But, if you build what you need, and get the job done, you could resist the "desire" to get more guchi with upgrades.
The problem is always management.

"I heard that you could _____ with a simple upgrade. What will it cost? How long will it take."

BTW machines with Wireless connections always scared me. I would say: "What if......" and management would tell me "encrypted". "And besides wires are expensive and take longer to develop". So I would say: what will one plant shut down cost? And management would tell me. "Not going to happen."

And then one time in aircraft development. I said - "Why are you using IP? It is well known and thus easily hackable. Why not roll your own? (I was a serial bus hardware and protocol expert)."

And they told me - "IP developers are cheap because it is well known. And besides no one is going to hack it."

Idiots.
Engineering is the art of making what you want from what you can get at a profit.

CaptainBeowulf
Posts: 498
Joined: Sat Nov 07, 2009 12:35 am

Post by CaptainBeowulf »

There's just no reason for so many things to be connected to the internet, let alone have wireless. Complete lack of security. I can't understand what people are thinking.

MSimon
Posts: 14334
Joined: Mon Jul 16, 2007 7:37 pm
Location: Rockford, Illinois
Contact:

Post by MSimon »

CaptainBeowulf wrote:There's just no reason for so many things to be connected to the internet, let alone have wireless. Complete lack of security. I can't understand what people are thinking.
Thinking? Not much.

"If everything goes right "think" of the money we will save."

“Physicists dream of Nobel prizes, engineers dream of mishaps.” Hendrik Tennekes

Let me add - managers dream of money.
Engineering is the art of making what you want from what you can get at a profit.

Post Reply