So I just watched Zero Days, a nice documentary “focused on Stuxnet, a piece of self-replicating computer malware that the U.S. and Israel unleashed to destroy a key part of an Iranian nuclear facility, and which ultimately spread beyond its intended target.”
For what it’s worth, it’s a decent documentary that won’t win any awards but I recommend anyone who isn’t from this field to watch it to understand a bit of what’s going on.
What to me was most interesting in the movie was the second half, with interviews both with former heads of the CIA and off the record operators who discussed the problem with cyber warfare as it stands now.
The more interesting problem is the democratic process. We have a new category of weapons (and I’m more than willing to debate this) that are insanely effective, very hard to use and develop and very classified. How can you have a debate on if it’s a legit weapon, on the blow back effects on the West, if no one is even willing to speak off the record on this? This leads into the accountability problem with any covert operation but in cases such as drone attacks, most people at least have a mental model (flawed as it may be) on what goes on. Here? Most people’s understanding of cyber is “viruses” and that’s it.
The second problem, which is more policy themed, is how do you use this shit when despite the best of intentions, software has bugs and in this case, the bugs may have drastic side effects such as turning a very targeted attack into a widespread worm that did nothing outside the target but still made waves.
Zero Days Documentary
Moderator: Alyrium Denryle
- Ace Pace
- Hardware Lover
- Posts: 8456
- Joined: 2002-07-07 03:04am
- Location: Wasting time instead of money
- Contact:
Zero Days Documentary
Brotherhood of the Bear | HAB | Mess | SDnet archivist |
Re: Zero Days Documentary
I would suppose you design them sorta around what Stuxnet was designed to do: have them focus on a very specific target and only affect that target. This way if (or rather when) the cyber weapon spreads to other computers it doesn't have any adverse effects beyond what you want it to have.Ace Pace wrote:The second problem, which is more policy themed, is how do you use this shit when despite the best of intentions, software has bugs and in this case, the bugs may have drastic side effects such as turning a very targeted attack into a widespread worm that did nothing outside the target but still made waves.
'Ai! ai!' wailed Legolas. 'A Balrog! A Balrog is come!'
Gimli stared with wide eyes. 'Durin's Bane!' he cried, and letting his axe fall he covered his face.
'A Balrog,' muttered Gandalf. 'Now I understand.' He faltered and leaned heavily on his staff. 'What an evil fortune! And I am already weary.'
- J.R.R Tolkien, The Fellowship of the Ring
Gimli stared with wide eyes. 'Durin's Bane!' he cried, and letting his axe fall he covered his face.
'A Balrog,' muttered Gandalf. 'Now I understand.' He faltered and leaned heavily on his staff. 'What an evil fortune! And I am already weary.'
- J.R.R Tolkien, The Fellowship of the Ring