I watched a short report on the Stuxnet bot, virus, trojan, worm, thing. All the super-spy stuff scared the crap out of me. I do not care how sophisticated it is/was. Whether it has really been detected. Or whether or not it’s actually real.
What bothers me about it is that (a) it is said to have been running silent, and (b) it seemed to know exactly what it was looking for. So I find myself asking a number of questions:
(1) have my computers been infected with something I need to be worried about?
(2) has the infrastructure that I depend on daily been infected or compromised?
(3) what happens if/when Stuxnet-lite or #2 completes the Stuxnet mission?
Two days ago I wanted to FAX a 30 page document. I took my document to the local USPS store. They scanned it and sent it. I also asked them to email me a copy of the same docs. The funny thing is… I have a stack of thumb drives on my desk. I could have easily used one to transport the scanned image home. But I started to think about Stuxnet and its attack vector. Thumb drives. Thus the USPS agent emailed my document to me.
Sandboxing as described by Apple is going to resolve a number of security issues but it is not going to solve them all. It’s not going to help if OSX has been compromised with a backdoor from the source. It’s not going to help if there are some bugs in the hardware (think SQL injection to a website). And so on.
The thing that Stuxnet was supposed to do was provide some plausible deniability. Consider the forest of BSODs that Windows receives in a year: how many are real and how many are something else?