Holy Shit, Stuxnet!

In June of 2010, researchers at a cyber security firm in Belarus called VirusBlokAda discovered a troubling bit of malware with a mysterious purpose. It used USB drives to transmit itself, bypassing Internet security. This was nothing new, nor was it overly troubling.

What was both of those things was the fact that this new malware was using multiple zero-day exploits. That's what programmers call an exploitable bug that hasn't been discovered or patched yet. Which means a fully-patched, fully up-to-date operating system with cutting edge security would still be vulnerable to it.

So not like the malware you'd only find on grandma's computer

It takes an enormous amount of effort and resources to discover a zero-day exploit, largely because there are legions of hackers constantly working to do just that in the interest of proactively preventing security problems. This malware, which came to be known as Stuxnet, used four of them. No malware up to that point had ever managed such a feat.

Even more baffling, Stuxnet did not appear to cause any harm once it infected a new system. It just sat in wait until either it could infect a new computer or a specific piece of hardware was attached to it. By painstakingly reading through countless lines of code, security experts were able to determine that its target was specific PLC systems.

Which basically look like boxes of plastic with some wires and lights on them.

A PLC is used to automate industrial processes, which is where you might start to feel uneasy about this whole story. A bit more digging and the process of elimination revealed the bombshell. The PLCs that Stuxnet was intended to target were almost certainly used to regulate industrial centrifuges at a nuclear facility in Natanz, Iran.

The other ways in are well-guarded and way less subtle. So flash drive it is, I guess.

At this point, the perpetrator of the Stuxnet cyber attack has all but tacitly acknowledged its role. But I'll give you two guesses. Who would have a major interest in sabotaging a nuclear facility in Iran?

Certainly a motive there.

But who would have the resources to assemble the team of gifted programmers, industrial experts and spies necessary to pull off a feat like that?

Spoiler Alert: it was probably both.

And make no mistake. It worked. It's hard to say how well it worked since any official planning or execution documentation is certainly and highly classified, but thousands of Iranian centrifuges mysteriously failed before Stuxnet was discovered.

This is obviously a win for American espionage, but it has broader implications that are staggeringly bleak. At some point, this operation, (known as Operation Olympic Games), and by extension the United States government, determined that there were four vulnerabilities which could potentially lead to industrial sabotage. Maybe even to catastrophic attacks on infrastructure. And rather than take defensive measures to fix the problem, they used it against another nation.

The use of zero-day exploits by nation states is potentially a Pandora's Box on par with the use of weapons of mass destruction. Stuxnet opened the box.

Holy shit.





"Gas centrifuge cascade" by U.S. Department of Energy - Public Domain

"Bonzi buddy". Licensed under Fair use via Wikipedia

"S7300" by Ulli1105 - Own work. Licensed under CC BY-SA 2.5 via Commons
\
"Natanz nuclear" by Hamed Saber - http://www.flickr.com/photos/hamed/237790717. Licensed under CC BY 2.0 via Commons

Holy Shit, Turing!

I briefly mentioned Alan Turing in his capacity as a code breaker during World War II, but I didn't really elaborate. How about I do that now?

Turing was a goddamn genius. He had a mind that handled intricate logic the way most of us handle tying our shoes. During World War II, he helped build the framework for what would eventually become computers, and he did so in an effort to decode the German Enigma Machine. When his efforts paid off, he moved on to a more difficult version used by the Nazi navy, and he did that part himself. Because he felt like it.

How hard could it be?

When the war ended, he decided to continue working on this newfangled "computer" idea, and it's largely because of that decision that you're reading this post today. At one point during his research, a strange question arose. He and his team were creating machines with stored memory. Machines that employed logic with relatively little input from users. The question was, "At what point can these machines be considered intelligent?"

And so the concept of realistic artificial intelligence was born. Turing even gave us a way to determine when we were approaching or crossing that threshold. He got the idea from a party game where two people would go out of sight and type answers to a series of questions, trying to imitate each other so that the rest of the group can't tell who's who.

The game was adapted into film in 1997

The Turing Test is like that, except one of the two players is not a human. The best way to go about it, Turing argued, would be to create a child-like computer then subject it to an education of sorts. And that's what people did. Chatter bots are all based on the principle of the Turing Test. They learn new tricks by talking to people. None of them have quite gotten the hang of it, though.

Well, until last week. At the University of Reading, a chatter bot named Eugene managed to convince a third of a panel of judges that it was a 13-year-old Ukrainian boy. Granted, there are some concerns about the methods, the judges, and the parameters. But the test itself was never a dichotomy so much as a general idea of where the fine line is between a machine and a mind. What Eugene tells us is that, while we might not have created a mind yet, we're very close.

And it doesn't at all resemble the terrifying love child of Macauley Culkin and Heinrich Himmler

As for Turing, he became the victim of archaic moral legislation. Alan Turing was a gay man, which was not something you wanted to be in the United Kingdom back in his day. It was illegal for him to be who he was. One day, his house was robbed, so he called the police. It came out while they were interviewing him that he was in a relationship with a man. He was promptly arrested and convicted of "indecency." His punishment was a combination of probation and chemical castration, as well as the revocation of his security clearance. This effectively ended his career.

Two years later, Alan Turing imitated his favorite fairy tale (Snow White) by lacing an apple with cyanide and eating it, killing himself. And that's how Britain showed its appreciation for one of the greatest minds their country had ever produced. A mind that not only laid the groundwork for modern computer science, but saved countless lives by taking the enigma out of the Enigma machine. It only took them 55 years to apologize for the way they treated him. Then 4 more for the Queen to give him a pardon.

Holy shit.