Greg's bite: Building a house upon the sand
TweetFollow Us on Twitter

Greg's bite: Building a house upon the sand

By Greg Mills

The Stuxnet worm news continues to resonate around the world regarding the malware that hides in Microsoft Windows operating systems and is still infecting industrial control systems. As civilians, this seems a bit out of our area of concern, until we really understand the implications and solutions.  

Most of us can agree that the nuclear reactor and uranium enrichment facilities in Iran that is being targeted represents a serious threat to the free world. However, the "blowback" from this attack may be unexpected catastrophic manmade industrial disasters down the line. Most experts think the target of Stuxnet has already been hit, and we are now seeing the collateral damage. We do know there was some sort of "accident" that hit the uranium enrichment facility that the Iranians are not talking about.

We live in a world infrastructure operated by countless computer systems. These control systems operate the valves and switches that regulate the natural gas that heats our homes, the water we expect to flow from our taps, and the electricity that makes so much of our lives tick. The gas we burn in our car comes from refineries that are controlled by complex valves and regulators that are controlled by software that is now subject to infection by Stuxnet and, soon, the copycat worms that are sure to follow.   

What makes the problem so "contagious" is that rather than infecting the isolated mini computers that control the world's valves and switches directly, the worm, with all the malware tricks and triggers is contained in about a half a meg of very complicated software. The worm infects the Windows OS and can then spread through use of an infected USB thumb drive or through the Internet. The worm checks every five seconds to see if it can find a certain Siemens control program that Iran modified to use in its plutonium refinement operations and in its nuclear reactor. If it does not find the Iranian version of the Siemens software, it doesn't seem to do anything but keeps checking for the target software every five seconds and stays dormant.  

Jesus told the parable of a foolish man who built his house upon the sand. A storm came and, because of the lack of a firm foundation, the house fell down. Folks, Windows is the sandy foundation our infrastructure is built on. While Apple went back to the drawing board and completely started over when the Mac went to OS X, Microsoft continues to build upon the ancient DOS program base from the early beginning of the PC revolution.  

Thousands of "holes" in that vulnerable OS can be used to infect Windows OS computers with malware such as Stuxnet. Unfortunately, with 90% of the world's computers running on an OS with so many weaknesses, malware spreads far and wide.  

The solutions are varied and not an easy fix.  

1. First of all, the world has to understand that running 90% of the world's computers on one common operating system is nuts. Diversity of operating systems alone would offer some protection, because a virus will only work on one specific bit of software or program. While some programs or applications are cross platform, the underlying OS and chip set may protect some computers from specific threats that the targeted systems are wide open targets for.  

2. While it may seem far fetched, there ought to be a way to filter out malware as it flows through choke points on the Internet. While isolated systems were apparently infected by using USB thumb drives, Wi-Fi and internet connections are the way most malware is being passed on.

3. The Siemens control programs that are the target of the current attack need to be made more secure to prevent infections like Stuxnet. Alternative programs need to be written and installed that work differently enough to prevent them being hijacked. Some sort of back-up system needs to be a standard in industrial controls.

4. Microsoft needs to get its act together. The Stuxnet worm used at least four newly found holes in Windows that it used to infect PCs. People shouldn't excuse crappy operating systems that are so full of holes that this sort of problem is common. Steve Balmer should be deported to Indonesia and publicly caned.

5. Certificate verification failed to prevent infection through counterfeit certificates. The notion of certificates needs to be reexamined.

6. The government and critical industries need to diversify software control systems and reduce interconnection of vulnerable systems.  

7. Buy a Mac! That's Greg's Bite for today

(Greg Mills, is a Faux Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. He's working on a solar energy startup, www.CottageIndustrySolar.com using a patent pending process of turning waste dual pane glass into thermal solar panels used to heat water. Greg writes for intellectual web sites and Mac related issues. See Greg's art web site at www.gregmills.info ; His email is gregmills@mac.com )

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Soft Drummer (Music)
Soft Drummer 1.0 Device: iOS Universal Category: Music Price: $14.99, Version: 1.0 (iTunes) Description: Soft Drummer is the closest thing to a pro session subtle drummer in your pocket. Easy to use and fast, it's much more than a... | Read more »
Is GO Gear the Pokemon GO map app you...
Now that we've settled into something of a Pokemon GO status quo, the number one desire of most players can best be summed out by modifying a quote from Rod Tidwell of Jerry Maguire: "Show me the Pokemon!" [Read more] | Read more »
Rodeo Stampede update: Mountains, new an...
The Savannah and Jungle were just the beginning in Rodeo Stampede. Get ready to head for the Mountains. I think I heard that in a beer ad once. [Read more] | Read more »
COSMOS RINGS (Games)
COSMOS RINGS 1.0.0 Device: iOS iPhone Category: Games Price: $5.99, Version: 1.0.0 (iTunes) Description: This game cannot be played without the Apple Watch.Released anniversary sale until August 31,2016 PST! A tragic tale of time's... | Read more »
How to get started selling on Mercari
As far as ecommerce has come over the last decade or so, there's still a tremendous opportunity to make it easier for people to buy and sell goods. That's especially true when it comes to shopping apps, which should only continue to increase in... | Read more »
Human Anatomy Atlas 2017 Edition - Compl...
Human Anatomy Atlas 2017 Edition - Complete 3D Human Body 1.0.24 Device: iOS iPhone Category: Medical Price: $24.99, Version: 1.0.24 (iTunes) Description: | Read more »
Heroes of Normandie (Games)
Heroes of Normandie 1.5 Device: iOS Universal Category: Games Price: $14.99, Version: 1.5 (iTunes) Description: The game does not support iPhone 4s and below | Read more »
Why you should never power up Pokemon in...
There's no question that candy is dandy in Pokemon GO. You need big quantities of it to evolve your Pokemon, and when combined with stardust, it can be used to power up your favorite pocket monsters as well, making them more formidable for the gym... | Read more »
Webzen launches 3D MMORPG MU Origin on i...
Mu Origin is featured time and time again at the very top of App Stores in China, and within the top five worldwide top-grossing charts on Google Play.Its popularity in Korea and China, featuring more than 120 registered players in China and 6... | Read more »
Severed (Games)
Severed 1.0 Device: iOS Universal Category: Games Price: $5.99, Version: 1.0 (iTunes) Description: LAUNCH DISCOUNT ON NOW!! ENDS AUGUST 4! ==== Take control of a one-armed warrior named Sasha, wielding a living sword on her journey... | Read more »

Price Scanner via MacPrices.net

Second-Quarter Tablet Shipments Fell 4.8% –...
The latest report from the global market research firm TrendForce finds that worldwide tablet shipments for this second quarter totaled 33.54 million units, representing a quarterly drop of 4.8% and... Read more
Global Smartphone Sales Volumes Mark Second S...
According to preliminary results from the International Data Corporation (IDC) Worldwide Quarterly Mobile Phone Tracker, vendors shipped a total of 343.3 million smartphones worldwide in the second... Read more
Apple TVs on sale for $20-$40 off MSRP
Best Buy has 32GB and 64GB Apple TVs on sale for $20-$40 off MSRP on their online store. Choose free shipping or free local store pickup (if available). Sale prices for online orders only, in-store... Read more
Mac minis on sale for $50-$100 off MSRP
B&H Photo has Mac minis on sale for $50 off MSRP including free shipping plus NY sales tax only: - 1.4GHz Mac mini: $449 $50 off MSRP - 2.6GHz Mac mini: $649 $50 off MSRP - 2.8GHz Mac mini: $949... Read more
Clearance 2015 13-inch MacBook Airs available...
B&H Photo has clearance 2015 13″ MacBook Airs available for $300 off original MSRP. Shipping is free, and B&H charges NY sales tax only: - 13″ 1.6GHz/4GB/128GB MacBook Air (MJVE2LL/A): $799... Read more
Apple certified refurbished iPad mini 4s avai...
Apple has certified refurbished iPad mini 4s now available for up to $120 off the cost of new models. An Apple one-year warranty is included with each iPad, and shipping is free. The following models... Read more
Notebook Makers In No Rush To Adopt USB-C – R...
Digitimes’ Cage Chao and Joseph Tsai note that while the USB Type-C interface is enjoying growing popularity among smartphones and tablet makers, notebook and all-in-one (AIO) PC vendors (other than... Read more
iMacs on sale for up to $250 off MSRP
B&H Photo has 21″ and 27″ Apple iMacs on sale for up to $250 off MSRP including free shipping plus NY sales tax only: - 27″ 3.3GHz iMac 5K: $2049 $250 off MSRP - 27″ 3.2GHz/1TB Fusion iMac 5K: $... Read more
12-inch 1.1GHz Retina MacBooks on sale for up...
Amazon has 2016 12″ 1.1GHz/256GB Retina MacBooks on sale for up to $100 off MSRP including free shipping: - 12″ 1.1GHz Space Gray Retina MacBook: $1199 $100 off MSRP - 12″ 1.1GHz Silver Retina... Read more
Bare Bones Software Releases Free TextWrangle...
Bare Bones Software has announced the release and immediate availability of TextWrangler 5.5, a significant update to its powerful, free, general purpose text editor for Mac OS X. TextWrangler is a... Read more

Jobs Board

*Apple* Solutions Consultant - APPLE (United...
Job Summary As an Apple Solutions Consultant, you'll be the link between our future customers and our products. You'll showcase your entrepreneurial spirit as you Read more
Lead *Apple* Solutions Consultant - APPLE (...
Job Summary The Lead ASC is an Apple employee who serves as the Apple business manager and influencer across a number of Reseller locations. The Lead ASC's role Read more
*Apple* Retail - Multiple Positions, Charles...
Job Description:SalesSpecialist - Retail Customer Service and SalesTransform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
*Apple* Retail - Multiple Positions, Willow...
Job Description:SalesSpecialist - Retail Customer Service and SalesTransform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
*Apple* Evangelist - JAMF Software (United S...
The Apple Evangelist is responsible for building and cultivating strategic relationships with Apple 's small and mid-market business development field teams. This Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.