Stuxnet

not visible


Traceback (most recent call last):
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/flask_mako.py", line 228, in _render
    rv = template.render(**context)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/mako/template.py", line 476, in render
    return runtime._render(self, self.callable_, args, data)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/mako/runtime.py", line 883, in _render
    **_kwargs_for_callable(callable_, data)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/mako/runtime.py", line 920, in _render_context
    _exec_template(inherit, lclcontext, args=args, kwargs=kwargs)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/mako/runtime.py", line 947, in _exec_template
    callable_(context, *args, **kwargs)
  File "memory:0x7f16efad9910", line 9, in render_body
    </%text>${remote_content("http://www.reddit.com/r/TrueReddit/comments/krqs1/stuxnet_worlds_most_powerful_worm_a_creation_of/")}
  File "/srv/mikeboers.com/www.stage2/app/models/blog.py", line 151, in get_remote_content
    return str(obj)
  File "/srv/mikeboers.com/www.stage2/app/models/remote.py", line 116, in __str__
    html = render_template(self.template_name, **data)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/flask_mako.py", line 250, in render_template
    context, ctx.app)
  File "/srv/mikeboers.com/beta/var/venvs/Linux-x86_64/lib/python3.7/site-packages/flask_mako.py", line 235, in _render
    raise translated
TemplateError: <mako.template.Template object at 0x7f16f0399950>

<%text>I recently watched [a TED talk](http://www.ted.com/talks/lang/eng/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon.html) by Ralph Langner, lead of one of the teams attempting to reverse engineer the virus to determine its purpose. My original reaction on Twitter was:

</%text>${remote_content("http://twitter.com/#!/mikeboers/status/118385382009212929")}<%text>

The most terrifying part about this attack is that while it was highly targeted, all of the exploits and actions it took are remarkably generic and can easily be retargeted to many other types of systems. There are many targets, and they are very vulnerable. The community of engineers and developers working with these sorts of control systems have, up to this point, not felt the need for a level of security paranoia that many software systems presently require.

There is some good discussion in the comments on Reddit:

</%text>${remote_content("http://www.reddit.com/r/TrueReddit/comments/krqs1/stuxnet_worlds_most_powerful_worm_a_creation_of/")}

Posted on September 27, 2011. Categories:

"Are we getting the same SSL cert?"

A tiny webapp to help answer that question.

Posted on July 23, 2014 to development / security