General discussion


Conspiracy Theory 101: Was Microsoft in on Stuxnet?

By robo_dev ·
The Stuxnet Worm, as we all know, was a cyber-weapon deployed to disrupt Iran's nuclear program.

Stuxnet was successful due to two vulnerabilities.

One vulnerability was found in the Siemens PLC equipment and the other was a zero-day exploit in Windows.

The Siemens vuln was identified when security testing was done on that equipment at a prominent US-based security test lab. Not too coincidentally, after that security testing was completed, Stuxnet was developed to take advantage of it.

In theory, let's say there was an issue that could affect the security of a nation, like if a hostile country were developing nuclear weapons. And, in theory, there were an operating system that was used by both countries, but the software maker was based in the first country.

It would be possible, in theory, that the software company might share knowledge of a vulnerability....or even create one, to support the nation where they are based. All, in theory, of course....

So the question is, does Microsoft have a secret locked room full of zero-day exploits?

Surely the people who wrote the software, and those who know every line of code must know where there are chinks in the armor? So if they were asked to reveal their weaknesses, in the name of national security, or for a large suitcase full of cash from a friendly nation, would they do it?

In terms of efficiency, instead of taking the time to discover and perfect a vulnerability and exploit, why not go to the source?

Consider too, that many hardware and software vendors accidentally re-introduce faults in patches that were fixed in prior releases (cough *Cisco* cough).

Would it not be terribly convenient if a specific very useful vulnerability were baked into a software update? (obviously this would fail if the target is lax when it comes to patch management).

Again, this is all theoretical conjecture, not meant to disparage or impugn the reputation or practices of Microsoft, it's employees, or their products.

Sorry, I'm off to fashion my shiny new tinfoil hat now.....

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums