Re: What OS did Iran use? Stuxnet malware

On Dec 22, 10:44 pm, f...@rahul.net (Edward A. Falk) wrote:
> In article <26712083-1276-45ca-b049-d1bcb5c26...@f2g2000vby.googlegroups.com>,
>
> RayLopez99 <raylope...@gmail.com> wrote:
> >If they used Windows with the latest patches from Norton, arguably
> >this would never have happened. But thank Allah for Linux and "virus
> >free computing", LOL!
>
> My understanding is that Stuxnet is a Windows-specific virus. Where
> does Linux enter into it?
>
Yes, you are correct. Linux does not enter into it. But had the
Israelis wanted to penetrate Linux, they could have. After all, this
virus was one of the most sophisticated ever, see below. And it
spread via a classic "zero-day" attack.
RL

This kind of service can extend the life of outdated malware, or extend
the time new threats stay undetected. However, the use of such
technologies to resist detection by antivirus software can be used as a
heuristic for the detection of previously unknown samples. But the
converse case also holds true: avoiding using any techniques aimed at
bypassing antivirus software and making the program resemble legitimate
software more closely can be a way of protecting malware. This is the
case with the attack mechanism used by the Stuxnet worm.

The Stuxnet attack constituted a serious threat to trust in software
using legal digital signatures. This creates a problem for
white-listing, where security software is based on the a priori
assumption that a trusted program meets certain conditions and is
therefore indeed trustworthy. And what if the program closely resembles
legitimate software and even has digital certificates for installed
modules published in the name of reputable companies? All this suggests
that targeted attacks could persist much longer over time than we
previously imagined. Stuxnet was able to stay undetected for a
substantial period where no one saw anything suspicious. The use of a
self-launching, 0-day vulnerability in the attack allowed the rapid
distribution of Stuxnet in the targeted region. The choice of this kind
of vulnerability is quite deliberate, because in the absence of
information about its existence, use of the exploit will not be
detected. All these facts suggest a well-planned attack which remained
unnoticed until long after it was launched. But it is precisely the
existence of such threats that inspires us to look at the new vector and
the possibility of attacks that use it, in order to reduce the impact of
future attacks.