Running off half cocked again.:rolleyes:

sexobon's "surgical strike was referring to using this dedicated worm/virus to ferret out how much Siemens' equipment they have, and how it's distributed. We already know what type of processes use which Siemens' gear and software.

Exactly.

[T]w, xoB interpreted my post as I intended for it to be understood. When I said "A surgical strike of this nature", I was referring to the virtual attack using the narrow spectrum Stuxnet.

I gather from the following quote that you'd agree we have the ability to benefit from their internal communications "fallout."

That's why I'm suggesting the primary reason for the attack may have been reconnaissance rather than disruption.

:gray: But, but but ... what about the Aliens? :gray:

Reconnaissance makes more sense. It is harder to detect. Disruption would cause investigations that might discover the malware.

Disruptions must target the few parts that are difficult to obtain or manufacturer. Malware is unlikely to properly target such parts.

Consider how easy it can be accomplished. Take your own computer. The NIC or 'USB to ethernet' adaptor can contain malware that anti-virus software would never detect. Malware could be triggered when needed. Nobody would know it exists before hand. And no anti-virus software would find it before being triggered.

From the NY Times of 25 Sept 2010: From the NY Times of 29 Sept 2010:

it's pretty clear that what's going on here is that Colossus is displeased.

I heard a news radio report today that indicated that most of the transmission was accomplished using infected USB devices. Virus transmission via what we used to call sneakernet. How cool is that?

I read that was how it was moved from the Iranian Industrial plant computers that are connected to the net, to the ones that aren't. I didn't state however, who did the moving, or if they knew they were doing it.

From the Washington Post of 2 Oct 2010: Apparently, the reason why it can do this and remain undetected - it also reprograms itself.

It doesn't so much reprogram itself as check for updates from the programmers.

I wonder if it would be possible to send out an "update" with the biggest possible version number and a harmless payload, and let it spread its own antidote.

How can it check for updates when it's on a machine isolated from the net?

The same way it got there in the first place. It doesn't check a home server (that would make it too easy to track back to that home server), it checks any machines it can contact for newer infections, and grabs them. An isolated machine would have to wait for an infected USB drive, or whatever else gave it its initial infection.

How does the newer, updated infection get to the "other machines"?

The same way the older, non-updated infection got there. Over the internet, if they're connected; USB drives or other infected media if they're not.

I thought they weren't connected to the internet. Wasn't that part of the issue? How are these USB's getting there.
Oh forget it - I'll just wait for the movie to come out.

I still don't see what the problem is. I guess it beats a tactical nuke.