Security industry will profit
The security industry will love this, its a profit vector.
9 publicly visible posts • joined 27 Feb 2008
"Motivation behind Stuxnet." BP lobbied for the release of the Lockerbie bomber, and the people responsible for Stuxnet wanted to make sure they paid. To make sure the oil deal from releasing the bomber, BP couldn't make a profit from. Stuxnet targeted the oil well. There were a lot of unhappy people after the release of Abdelbaset Ali al-Megrahi. Abdelbaset Ali al-Megrahi was convicted for blowing up Pan Am Flight 103 over Lockerbie, Scotland, on December, 21, 1988. He was freed on compassionate grounds by the Scottish government on August, 20, 2009. The claim was he had terminal prostate cancer and was expected to have less than three months to live. It was a lie and he is still alive living the life of riley in Libya. Originally posted by me at http://www.schneier.com/blog/archives/2010/10/stuxnet.html#c467887
Type your comment here — plain text only, no HTML
I'm calling for an independent investigation to get to the truth, not one that is relying on information from a spy agency who houses some of America's top hackers who's job it is to support US foreign policy and could be involved in the attack.
The report originated from security vendor McAfee, who will by trade make a small issue appear massive and will try and create a hype. Sure, US-Cert had no choice but to follow up with an alert. The truth is though this is a small outbreak, if there is any infection activity at all. If a trojan report originally comes from a non-security vendor then a report has more weight. As soon as I noticed the report of this mobile trojan last night I took the report with caution and didn't post it to my mailing list.In truth this is a non-event, just hyped up by McAfee for business interests. The security vendor inustry are desperate for the whole mobile hacking thing to explode right now, they have their products to protect against it already built up and waiting for use, accept no one is buying them, because there is no attack vector to cause alarm yet amoung normal folks. However, the security vendor industry should be careful with this, because if you cry wolf too many times, your going to weaken your credibility when the real mobile threats are rolled out by hackers. Sure, its good to release these reports on a globally known press release day Tuesday's and Thursday's, but you're doing yourself as a vendor more damage than its worth. I suggest the written media take a backseat approach to folks like McAfee making these announcement's and what the motivation might be, to inform the masses of a real threat or one that's going to keep a vendor's company name in circulation and associated with mobile protection products, to trick the general public into thinking third party application's are necessary for your mobile phone's existence at such a premature time in mobile phone research time frame of february 2008. In 2008, there is still no real mobile security threat and there is certainly no need for any third party security vendor products from McAfee or any other vendor.