I don't even know what you are trying to say at this point

So as long as all of those don't give them up Iran shouldn't either. Right?

Yes, and let Russia and the UK and France and Israel and India and Pakistan and North Korea keep theirs because they'll surely disarm right after us

Why are you excusing the Dutch, German, British and Israeli foundations?

[removed]

How's all that prosecution of US war crimes in Afghanistan, Vietnam and Iraq coming along?

And war is the very foundation of the US, so everything is good

I don't expect it to happen; concepts of justice like that everyone is equal under the law and that the law exists to restrict the government as much as it does us are not popular with people who only want us to be a country of laws when its convenient for them.

> In an attempt to stop a terrorist state getting nuclear weapons.

also known as refining their own ore for nuclear power. I have seen no evidence other than the claims of mealy mouthed politicians that they had a weapons program at that time.

We already have nuclear weapons in the US.

Will check it out. Thanks.

Software exploits that are "brand new" (ie. that the general public did not previously know about). Once an exploit is publically known about, the companies usually work quickly to patch them. They are therefore rare and highly sought after by bad actors.

The going rate is about $100,000 each on the dark web. When a bad guy writes malware, they typically use one zero-day exploit, maybe even two.... but to have NINE or whatever Stuxnet had, is unheard of and was a tell-tale sign that the software was created by a nation-state since the average bad guy is not going to spend $900,000+ to write their malware.

What would a fuzzer do, then?

>Absolutely is not. Most intelligence departments, Department of justice, homeland etc all have some departments with air gapped machines for security reasons.

This is actually not true except in some edge cases. Most of the "air gapped" networks are actually only logically separated. For example DOD's NIPR (often referred to as the "low side") is their version of what most companies have, the network most directly connected to the internet, as well as the DREN (for research and development). No classified data is allowed here.

But they also have other networks, sometimes referred to as the "high side" (i.e. SIPR, JWICS), where classified data (Secret and Top Secret, respectively) can be stored. It's a common misconception that these are air gapped, but they're actually more like a VPN on top of NIPR. Additionally, there are various "gateways" (i.e. DOTS, Cross Domain Enterprise Email Service) to allow limited communication and data transfer between low and high sides.

Absolutely is not. Most intelligence departments, Department of justice, homeland etc all have some departments with air gapped machines for security reasons. They can never be “hacked” or the like due to that. And as for the Iranian governments uranium enrichment center the air gapped machine’s control all aspects of the enrichment process, the centrifuges, etc for the same reason.

Yeah Estops into PLCs should only really be for signal/logging. Stand-alone safety relays should be in use.

Yeah dude/dudette, Stuxnet was absolutely insane!! It was straight out of a spy novel or something. The NSA/CIA broke their backs trying to find a way to hit the Iranian process plant, then their wishes were granted due to finding a propaganda video of the plant along with high res footage of their control system on monitors as well as noticing a piece of hardware that controlled the timing. 2 days later they had a full report detailing all the running programs as well as testing to trigger the piece of hardware that controlled the on/off times. Even with the Iranian plant having air gapped systems (when your main cpu isn’t connected to the internet to maintain strict security), all they had to do was send a small ass bug all around the world which would eventually make its way to Iran & then would attack other systems until it told the “auto stop hardware” instead of running for 20 minutes at 1700 rpm it would run for 45 minutes at 3500 rpm which would literally explode all of their centrifuges which ruined whatever uranium was being processed as well as making all the machines completely useless.

Ps the goddamn IDF has always been so damn jumpy & rush everything which causes 💩 to go down. Again, goddamn that was an absolutely intense documentary.

software vulerabilities that are unknown but to the people exploiting then

I know almost nothing about computers. I remember in the documentary they made this seem pretty significant. Can you tell me a little about what a zero day is and why it is so significant? Are they really hard to do/make/get? Maybe EILI5.

I would say it makes you stand out more. Not that anyone is going to believe it really is, but someone that knows about Stuxnet likely has cooler stuff to poke around on than the person with SSID “Netgear781” or “Grandma”.

Thank you. Not sure what this guy has been smoking but he's got some type of imaginary cyber security world built in his head.

... autorun... exploits? (I'm going to pretend that's a term in the cyber security and forensics industry that actually makes sense to continue on here). In any context that has anything to do with being relevant about getting into air gapped networks? You sure you know what you're talking about?

You then reference the use of a fuzzer in a highly targeted attack? Wth? You think they're going in there and potentially bluescreening machines and trying "best guesses" at what they need to do to perform command and control operations? That would have already been known before deploying their malware and tools.

Safe to say even if you worked there then you still don't know what you're talking about.

That scenario sounds pretty preposterous. Remember this was a remote secure compound. Where one key feature of their security is the air-gapped network.

Does it sound at all possible for someone to first wander onto the Natanz facility, second drop things around people's cars, & then third have those people with access to the centrifuge hall & who know how important the sanctity of the internal network is to just insert a random thumb drive?

That said it was likely a usb drive, but one designed to pass stringent inspection that came from a trusted source & was needed to update internal software.

I believe I heard somewhere it got into the facility from USB drives that were dropped in the parking lot near employee cars

They absolutely did describe both those things. The weird graphic woman even swore about the Israelis f-big everything up by being overly aggressive.