Tuesday, January 24, 2012

From new ideas in biometrics to stuxnet

Great idea (from bruce schneier's blog):

"DARPA is funding research into new forms of biometrics that authenticate people as they use their computer: things like keystroke patterns, eye movements, mouse behavior, reading speed, and surfing and e-mail response behavior. The idea -- and I think this is a good one -- is that the computer can continuously authenticate people, and not just authenticate them once when they first start using their computers."

Ralph Langner, an independent security researcher, presented his deep research results on stuxnet. It is proved now that the malware's target was Iran's nuclear program, specifically the applications used in Natanz. A few interesting notes from the report:

"Langner painstakingly connected the dots between components of the Stuxnet code with clues about the Iranian uranium enrichment culled from a variety of open source intelligence, including public statements by Iranian officials and photos from a visit to Natanz by Iranian President Ahmadinejad that inadvertently provided details on the configuration of centrifuges within Natanz."

"Sophisticated attackers have no need to develop sophisticated, zero day exploits for SCADA and ICS systems, Langner said, because those systems already have so many inherent design flaws. "If I were your attacker, I wouldn't bother to discover a buffer overflow," he said. "I'd just go to the design flaws, because they can be exploited much more reliably," he said. "This is how the pros do it.""