Greg's bite: Building a house upon the sand
TweetFollow Us on Twitter

Greg's bite: Building a house upon the sand

By Greg Mills

The Stuxnet worm news continues to resonate around the world regarding the malware that hides in Microsoft Windows operating systems and is still infecting industrial control systems. As civilians, this seems a bit out of our area of concern, until we really understand the implications and solutions.  

Most of us can agree that the nuclear reactor and uranium enrichment facilities in Iran that is being targeted represents a serious threat to the free world. However, the "blowback" from this attack may be unexpected catastrophic manmade industrial disasters down the line. Most experts think the target of Stuxnet has already been hit, and we are now seeing the collateral damage. We do know there was some sort of "accident" that hit the uranium enrichment facility that the Iranians are not talking about.

We live in a world infrastructure operated by countless computer systems. These control systems operate the valves and switches that regulate the natural gas that heats our homes, the water we expect to flow from our taps, and the electricity that makes so much of our lives tick. The gas we burn in our car comes from refineries that are controlled by complex valves and regulators that are controlled by software that is now subject to infection by Stuxnet and, soon, the copycat worms that are sure to follow.   

What makes the problem so "contagious" is that rather than infecting the isolated mini computers that control the world's valves and switches directly, the worm, with all the malware tricks and triggers is contained in about a half a meg of very complicated software. The worm infects the Windows OS and can then spread through use of an infected USB thumb drive or through the Internet. The worm checks every five seconds to see if it can find a certain Siemens control program that Iran modified to use in its plutonium refinement operations and in its nuclear reactor. If it does not find the Iranian version of the Siemens software, it doesn't seem to do anything but keeps checking for the target software every five seconds and stays dormant.  

Jesus told the parable of a foolish man who built his house upon the sand. A storm came and, because of the lack of a firm foundation, the house fell down. Folks, Windows is the sandy foundation our infrastructure is built on. While Apple went back to the drawing board and completely started over when the Mac went to OS X, Microsoft continues to build upon the ancient DOS program base from the early beginning of the PC revolution.  

Thousands of "holes" in that vulnerable OS can be used to infect Windows OS computers with malware such as Stuxnet. Unfortunately, with 90% of the world's computers running on an OS with so many weaknesses, malware spreads far and wide.  

The solutions are varied and not an easy fix.  

1. First of all, the world has to understand that running 90% of the world's computers on one common operating system is nuts. Diversity of operating systems alone would offer some protection, because a virus will only work on one specific bit of software or program. While some programs or applications are cross platform, the underlying OS and chip set may protect some computers from specific threats that the targeted systems are wide open targets for.  

2. While it may seem far fetched, there ought to be a way to filter out malware as it flows through choke points on the Internet. While isolated systems were apparently infected by using USB thumb drives, Wi-Fi and internet connections are the way most malware is being passed on.

3. The Siemens control programs that are the target of the current attack need to be made more secure to prevent infections like Stuxnet. Alternative programs need to be written and installed that work differently enough to prevent them being hijacked. Some sort of back-up system needs to be a standard in industrial controls.

4. Microsoft needs to get its act together. The Stuxnet worm used at least four newly found holes in Windows that it used to infect PCs. People shouldn't excuse crappy operating systems that are so full of holes that this sort of problem is common. Steve Balmer should be deported to Indonesia and publicly caned.

5. Certificate verification failed to prevent infection through counterfeit certificates. The notion of certificates needs to be reexamined.

6. The government and critical industries need to diversify software control systems and reduce interconnection of vulnerable systems.  

7. Buy a Mac! That's Greg's Bite for today

(Greg Mills, is a Faux Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. He's working on a solar energy startup, www.CottageIndustrySolar.com using a patent pending process of turning waste dual pane glass into thermal solar panels used to heat water. Greg writes for intellectual web sites and Mac related issues. See Greg's art web site at www.gregmills.info ; His email is gregmills@mac.com )

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Safari Technology Preview 10.1 - The new...
Safari Technology Preview contains the most recent additions and improvements to WebKit and the latest advances in Safari web technologies. And once installed, you will receive notifications of... Read more
TunnelBear 3.0.8 - Subscription-based pr...
TunnelBear is a subscription-based virtual private network (VPN) service and companion app, enabling you to browse the internet privately and securely. Features Browse privately - Secure your data... Read more
NeoFinder 7.0 - Catalog your external me...
NeoFinder (formerly CDFinder) rapidly organizes your data, either on external or internal disks, or any other volumes. It catalogs all your data, so you stay in control of your data archive or disk... Read more
Coda 2.6 - One-window Web development su...
Coda is a powerful Web editor that puts everything in one place. An editor. Terminal. CSS. Files. With Coda 2, we went beyond expectations. With loads of new, much-requested features, a few surprises... Read more
File Juicer 4.51 - Extract images, video...
File Juicer is a drag-and-drop can opener and data archaeologist. Its specialty is to find and extract images, video, audio, or text from files which are hard to open in other ways. In computer... Read more
PDFpenPro 8.3 - $124.95
PDFpenPro allows users to edit PDF's easily. Add text, images and signatures. Fill out PDF forms. Merge or split PDF documents. Reorder and delete pages. Create fillable forms and tables of content... Read more
PDFpen 8.3 - $74.95
PDFpen allows users to easily edit PDF's. Add text, images and signatures. Fill out PDF forms. Merge or split PDF documents. Reorder and delete pages. Even correct text and edit graphics! Features... Read more
BetterTouchTool 1.963 - Customize Multi-...
BetterTouchTool adds many new, fully customizable gestures to the Magic Mouse, Multi-Touch MacBook trackpad, and Magic Trackpad. These gestures are customizable: Magic Mouse: Pinch in / out (zoom... Read more
iFFmpeg 6.2.2 - Convert multimedia files...
iFFmpeg is a comprehensive media tool to convert movie, audio and media files between formats. The FFmpeg command line instructions can be very hard to master/understand, so iFFmpeg does all the hard... Read more
ForeverSave 2.1.6 - Universal auto-save...
ForeverSave auto-saves all documents you're working on while simultaneously doing backup versioning in the background. Lost data can be quickly restored at any time. Define your preferred time... Read more

Latest Forum Discussions

See All

Clash of Clans is getting its own animat...
Riding on its unending wave of fame and success, Clash of Clans is getting an animated web series based on its Clash-A-Rama animated shorts.As opposed to the current shorts' 60 second run time, the new and improved Clash-A-Rama will be comprised of... | Read more »
Leaks hint at Pokémon GO and Starbucks C...
Leaked images from a hub for Starbucks employees suggests that a big Pokémon GO event with the coffee giant could begin this very week. The images appeared on Reddit and hint at some exciting new things to come for Niantic's smash hit game. | Read more »
Silent Depth Submarine Simulation (Game...
Silent Depth Submarine Simulation 1.0 Device: iOS Universal Category: Games Price: $7.99, Version: 1.0 (iTunes) Description: | Read more »
Enneas Saga lets you lead your own demon...
Defend the land of Enneas Continent from the forces of evil in the new fantasy MMORPG from Lyto Mobi: Enneas Saga. Can’t wait? No problem. It’s available to download now on Android devices. | Read more »
Great zombie games in the spirit of Dead...
Dead Rising 4 arrives tomorrow, giving enthusiasts a fresh chance to take selfies with zombies and get up to other ridiculous end-of-the-world shenanigans. To really get into the spirit of things, we've gone and gathered the best zombie games that... | Read more »
Amateur Surgeon 4 Guide: Advanced tips a...
Amateur Surgeon 4 is still tackling the competition at the top of the App Store charts, so if you haven't tried it out yet, you should probably do that right away. If you've been at it for a while, though, perhaps you're ready to start expanding... | Read more »
Amateur Surgeon 4 Guide: Become the worl...
It's time to wield your trusty pizza cutter again, as Amateur Surgeon has returned with a whole fresh set of challenges (and some old, familiar ones, too). Starting anew isn't easy, especially when all you have at your disposal is a lighter, the... | Read more »
Le Parker: Sous Chef Extraordinaire (Ga...
Le Parker: Sous Chef Extraordinaire 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: | Read more »
Telltale Games really is working on a Gu...
Telltale Games' next episodic adventure is indeed Guardians of the Galaxy. A document tied to the voice actors strike suggested that the project was in the work, but now we have direct confirmation following an announcement at the Game Awards that... | Read more »
Amateur Surgeon returns to iOS and Andro...
Amateur Surgeon and its two sequels disappeared from the App Store some time and it was sad days for all. But now, just in time for the holidays, the Adult Swim favorite makes its joyous return in the shape of Amateur Surgeon 4, a remake with... | Read more »

Price Scanner via MacPrices.net

Twenty-Five Years Of Apple Laptops – A person...
Among many other things, the often tumultuous 16th year of the new century marked the 25th anniversary of Apple laptop computers, not counting the optimistically named 16-pound Mac Portable of 1989.... Read more
Landlordy iOS App Adds Support For Appliances...
Riga, Latvia based E-protect SIA is releasing major update (version 1.8) to its Landlordy app for managing rental business financials on the go. Landlordy is iPhone and iPad app designed for self-... Read more
Holiday sale, Apple iMacs for up to $200 off...
B&H Photo has 21″ and 27″ Apple iMacs on sale for up to $200 off MSRP including free shipping plus NY sales tax only: - 27″ 3.3GHz iMac 5K: $2099 $200 off MSRP - 27″ 3.2GHz/1TB Fusion iMac 5K: $... Read more
Holiday sale: Mac minis for $50 to $100 off M...
B&H Photo has Mac minis on sale for up to $100 off MSRP free shipping plus NY sales tax only: - 1.4GHz Mac mini: $449 $50 off MSRP - 2.6GHz Mac mini: $629 $70 off MSRP - 2.8GHz Mac mini: $899 $... Read more
Mac Pros on sale for up to $300 off MSRP, ref...
B&H Photo has Mac Pros on sale for up to $300 off MSRP. Shipping is free, and B&H charges sales tax in NY only: - 3.7GHz 4-core Mac Pro: $2799, $200 off MSRP - 3.5GHz 6-core Mac Pro: $3699, $... Read more
12-inch WiFi Apple iPad Pros on sale for up t...
B&H Photo has 12″ WiFi Apple iPad Pros on sale for up to $50 off MSRP, each including free shipping. B&H charges sales tax in NY only: - 12″ Space Gray 32GB WiFi iPad Pro: $749 $50 off MSRP... Read more
9-inch Apple WiFi iPad Pros on sale for $20-$...
B&H Photo has 9.7″ Apple WiFi iPad Pros on sale for $20-$50 off MSRP, each including free shipping. B&H charges sales tax in NY only: - 9″ Space Gray 256GB WiFi iPad Pro: $779.95 $20 off MSRP... Read more
Apple refurbished 2015 15-inch MacBook Pros a...
Apple has Certified Refurbished 2015 15″ Retina MacBook Pros available starting at $1699. An Apple one-year warranty is included with each model, and shipping is free: - 15″ 2.2GHz Retina MacBook Pro... Read more
Back in stock! 13-inch 2.7GHz Retina MacBook...
Apple has Apple Certified Refurbished 2015 13″ 2.7GHz/128GB Retina MacBook Pros (MF839LL/A) available again for $1099 including free shipping. That’s $200 off MSRP, and it’s the lowest price... Read more
Slate Tablet Market Share to Fall Below 75% i...
After two years of decline, the tablet market is showing signs of new life as productivity trumps entertainment, and tablets become cost-effective computing devices for both entertainment and... Read more

Jobs Board

*Apple* Products Tester Needed - Apple (Unit...
…we therefore look forward to put out products to quality test for durability. Apple leads the digital music revolution with its iPods and iTunes online store, Read more
SW Engineer *Apple* TV Frameworks - Apple I...
The Apple TV team is looking for a software...create features that reflect the look and feel of Apple TV. Description: Were looking for someone who is Read more
Hardware Design Validation Engineer - *Apple...
The Apple Watch team is looking for a Hardware Design Validation Engineer. This person will be part of the Apple Watch hardware team with responsibilities for Read more
*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Lead *Apple* Solutions Consultant - Apple (...
# Lead Apple Solutions Consultant Job Number: 53586123 Pittsburgh, Pennsylvania, United States Posted: Nov. 28, 2016 Weekly Hours: 40.00 **Job Summary** The Lead ASC Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.