Technical Questions about Stuxnet, Reading "Countdown to Zero Day", by Kim Zetter

Old 11-04-2016, 12:30 AM   #1
Troubled
 
Join Date: Oct 2016
Posts: 173
OS: Win7



It's a good read. Well written, just heavy enough on technical details to lend it credibility, but not so much that you end up snoring into a puddle of your own drool on the keyboard.

I'm still in the beginning of the book, where the story of the book starts with a little-known computer security company first discovering the existence of this undocumented, "zero day" malware, and one of the unique qualities was that it was using "stolen" driver signatures, which up to that point, had never been found "in the wild", but Microsoft had just built in a new security feature where unsigned drivers were treated with suspicion, and so it was predicted that eventually malware was going to start using stolen signatures in order to get past Microsoft's new security feature.

And this is where I have problems because I really don't understand the idea of "signing" a driver. I'm assuming that it can't be as simple as copying (for example) the signature off of a Realtek driver and simply pasting it into your malware and expecting everyone to believe that your malware was "signed". There has to be some kind of relationship between the code of your malware and the signature, where the signature is unique and specific to your malware, and yet is something that cannot be forged.

This is where I find it difficult to just keep on reading. How do signatures work? Is it like the public/private key thing of PGP encryption, where you can sign your messages with your private key and only people that have your public key can read them? I only sort of understand this too, but it's the only thing I have that seems like a parallel to driver signing.
Walter Mitty is offline  
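
As an added illustration for the question in the post above (not part of the thread, and not code from the book or from Microsoft): a simplified Python model of how a signature is bound to a file's contents, why a signature copied from another file is rejected, and why a stolen private key matters. It assumes a toy RSA key and constructed byte strings, leaves out the certificates and padding that real driver signing uses, and the function names and the `revoked` parameter are hypothetical.

```python
import hashlib

# Toy RSA key built from two well-known Mersenne primes: trivially factorable,
# for demonstration only. Real code signing uses padded RSA/ECDSA and certificates.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (available to every verifier)
D = pow(E, -1, (P - 1) * (Q - 1))        # private key (meant to stay with the vendor)


def digest(data: bytes) -> int:
    """SHA-256 of the file contents as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, private_exp: int = D) -> int:
    """Signature = hash of the file, transformed with the private exponent."""
    return pow(digest(data), private_exp, N)


def verify(data: bytes, signature: int, revoked: frozenset = frozenset()) -> bool:
    """Recover the signed hash with the public key and compare it to the file's hash."""
    if N in revoked:                     # simplified revocation: reject a key reported stolen
        return False
    return pow(signature, E, N) == digest(data)


# Constructed sample inputs (placeholders, not real driver binaries).
vendor_driver = b"constructed vendor driver image v1.0"
other_file = b"constructed unrelated binary"
vendor_sig = sign(vendor_driver)


def demo() -> dict:
    """Run each case and report whether the verifier accepts it."""
    return {
        "genuine": verify(vendor_driver, vendor_sig),
        "copied_signature": verify(other_file, vendor_sig),
        "one_byte_changed": verify(vendor_driver + b"\x00", vendor_sig),
        "signed_with_same_key": verify(other_file, sign(other_file)),
        "after_revocation": verify(other_file, sign(other_file), frozenset({N})),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:22} -> {'valid' if ok else 'rejected'}")
```

The copied signature fails because it encodes the hash of the vendor's file, not of the file it was pasted onto; only the holder of the private key can produce a signature that matches a new file, which is why revocation is the response once a key is known to be stolen.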
Old 11-04-2016, 03:57 AM   #2
Microsoft-Team Manager
Hardware - Team Manager
 
joeten's Avatar
 
Join Date: Dec 2008
Location: Glasgow Scotland
Posts: 68,208
OS: win 10 Home



Not hard to find some info with Google https://msdn.microsoft.com/en-us/win...driver-signing
Practical Windows Code and Driver Signing
Those are just a couple of the articles out there.
__________________






Eliminate all other factors, and the one which remains must be the truth.
joeten is offline  
Old 11-07-2016, 08:21 AM   #3
Troubled
 
Join Date: Oct 2016
Posts: 173
OS: Win7



The purpose of the Stuxnet malware was to destroy the centrifuges being used by the Iranian government to enrich uranium enough to make it "weapons grade". At the time (2010), the Symantec malware researchers believed that they were in the process of discovering the 1st example of "cyberwarfare" where malignant code was used to physically destroy equipment; however, they were not aware of a test that took place in 2007, commonly known as the "Aurora Generator Test", where code was used to destroy a 5,000 lb. diesel-powered electrical generator, which was the size of a small bus.

https://en.wikipedia.org/wiki/Aurora_Generator_Test

I thought this was interesting, and thought I'd post it.
Walter Mitty is offline  