slurm
Jul 28, 2022

by Hand Knit
Ukraine is never going to have a moment's peace without an independent deterrent and a sub-based second strike capability or equivalent imo (not sure what the equivalent would be really, maybe something translunar).


mlmp08
Jul 11, 2004

Prepare for my priapic projectile's exalted penetration
Nap Ghost
One of the fears of undeterred acute threats is that smaller countries may seek nuclearization. Not a fan of that idea…

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

mlmp08 posted:

One of the fears of undeterred acute threats is that smaller countries may seek nuclearization. Not a fan of that idea…

Pretty much unavoidable at this point. GOP's drumming the Iran war drums and Russia invading Ukraine basically says, geopolitically, either you get a nuclear weapon or two or you are at the whims of the world.

Alchenar
Apr 9, 2008

I think the Convention on Cluster Munitions is likely going to be a more proximate victim of this conflict.

Hyrax Attack!
Jan 13, 2009

We demand to be taken seriously

slurm posted:

Ukraine is never going to have a moment's peace without an independent deterrent and a sub-based second strike capability or equivalent imo (not sure what the equivalent would be really, maybe something translunar).

Ugh yeah, terrible lesson for the world how NK got more prestige and is much less likely to be regime changed since going nuclear, while Libya gave up their program and it didn’t work out for their leader.

CommieGIR posted:

Pretty much unavoidable at this point. GOP's drumming the Iran war drums and Russia invading Ukraine basically says, geopolitically, either you get a nuclear weapon or two or you are at the whims of the world.

I know there are reasons that explain it but I still don’t totally understand how if the US was able to have a successful nuclear program in the 1940s, and South Africa did it in the 1970s, why any significant present day country can’t do the same. Especially as Iran faces plausible threats of invasion (I know that would be insane but it’s the GOP) that a nuclear stockpile would deter.

Deteriorata
Feb 6, 2005

Hyrax Attack! posted:

Ugh yeah, terrible lesson for the world how NK got more prestige and is much less likely to be regime changed since going nuclear, while Libya gave up their program and it didn’t work out for their leader.

I know there are reasons that explain it but I still don’t totally understand how if the US was able to have a successful nuclear program in the 1940s, and South Africa did it in the 1970s, why any significant present day country can’t do the same. Especially as Iran faces plausible threats of invasion (I know that would be insane but it’s the GOP) that a nuclear stockpile would deter.

NK has no prestige or protection from building nukes. Their protection is that they're an economic basket case and Chinese client. No one will mess with them because no one wants to be the one to deal with its reconstruction.

The only fear its nukes inspire is that it will use one stupidly and cause an international incident with large loss of life. It would cease to exist as a nation the moment it did use one.

Xenoborg
Mar 10, 2007

Hyrax Attack! posted:

I know there are reasons that explain it but I still don’t totally understand how if the US was able to have a successful nuclear program in the 1940s, and South Africa did it in the 1970s, why any significant present day country can’t do the same. Especially as Iran faces plausible threats of invasion (I know that would be insane but it’s the GOP) that a nuclear stockpile would deter.

The main focus of nuclear arms control has been on the manufacturing side. The science and math is pretty well understood and publicly available, but it's hard to get the materials. Enriching uranium requires a lot of very specialized equipment and has a large physical footprint, both of which are closely monitored.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Xenoborg posted:

The main focus of nuclear arms control has been on the manufacturing side. The science and math is pretty well understood and publicly available, but it's hard to get the materials. Enriching uranium requires a lot of very specialized equipment and has a large physical footprint, both of which are closely monitored.

It's also readily detectable from the air, which makes it hard to do without being obvious. There's also the fact that enrichment devices are incredibly engineering intensive and generally require components specially manufactured that cannot just be made in house.

Neophyte
Apr 23, 2006

perennially
Taco Defender

CommieGIR posted:

It's also readily detectable from the air, which makes it hard to do without being obvious. There's also the fact that enrichment devices are incredibly engineering intensive and generally require components specially manufactured that cannot just be made in house.

Some of those enrichment devices are also susceptible to damage if their control software were to suddenly...uh..."malfunction". :iiam:

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Neophyte posted:

Some of those enrichment devices are also susceptible to damage if their control software were to suddenly...uh..."malfunction". :iiam:

And this, children, is why we don't plug in unknown USB drives to SCADA equipment.

Comrade Blyatlov
Aug 4, 2007


should have picked four fingers





CommieGIR posted:

And this, children, is why we don't plug in unknown USB drives to SCADA equipment.

But how will we know what's on it?????

Soylent Pudding
Jun 22, 2007

We've got people!


CommieGIR posted:

And this, children, is why we don't plug in unknown USB drives to SCADA equipment.

On that note, new SCADA vulnerability just dropped.

https://arstechnica.com/information-technology/2023/01/a-widespread-logic-controller-flaw-raises-the-specter-of-stuxnet/

Nystral
Feb 6, 2002

Every man likes a pretty girl with him at a skeleton dance.

CommieGIR posted:

And this, children, is why we don't plug in unknown USB drives to SCADA equipment.

Do we have confirmation that was what happened? Everything I read had it going back to infecting someone’s laptop which put a foothold into the public accessible network. They then lurked and modified drivers which is what caused the imbalances to occur and cause the centrifuges to break.

But it was a poster child of long term planning and acting slowly to achieve the result.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Nystral posted:

Do we have confirmation that was what happened? Everything I read had it going back to infecting someone’s laptop which put a foothold into the public accessible network. They then lurked and modified drivers which is what caused the imbalances to occur and cause the centrifuges to break.

But it was a poster child of long term planning and acting slowly to achieve the result.

I was partially joking, but there's a lot we don't know but I know there's rumors that an Israeli asset within the Iran Enrichment Program managed to get a USB drive into the facility and plugged it into a system on network with the SCADA.

As far as I am aware Stuxnet never managed to actually get to the Enrichment program just via spreading over the wild internet. There was some deliberate action required in the end. Even then, it's not clear if Stuxnet even achieved its goals at all.

in a well actually
Jan 26, 2011

dude, you gotta end it on the rhyme

Nystral posted:

Do we have confirmation that was what happened? Everything I read had it going back to infecting someone’s laptop which put a foothold into the public accessible network. They then lurked and modified drivers which is what caused the imbalances to occur and cause the centrifuges to break.

But it was a poster child of long term planning and acting slowly to achieve the result.

The Stuxnet worm deployed the embedded PLC sabotage code. https://en.m.wikipedia.org/wiki/Stuxnet

in a well actually
Jan 26, 2011

dude, you gotta end it on the rhyme

Specifically, https://community.broadcom.com/syma...ibrarydocuments

Soylent Pudding
Jun 22, 2007

We've got people!


Nystral posted:

Do we have confirmation that was what happened? Everything I read had it going back to infecting someone’s laptop which put a foothold into the public accessible network. They then lurked and modified drivers which is what caused the imbalances to occur and cause the centrifuges to break.

But it was a poster child of long term planning and acting slowly to achieve the result.

I've seen public speculation that the attack chain involved compromising internet facing workstations that engineers used to download firmware, and then it inserted the malware into the firmware patches before they were carried across the airgap. Which is theoretically plausible but especially at that time would require a very sophisticated cyber operations group to pull off :nsa:

psydude
Apr 1, 2008

Nystral posted:

Do we have confirmation that was what happened? Everything I read had it going back to infecting someone’s laptop which put a foothold into the public accessible network. They then lurked and modified drivers which is what caused the imbalances to occur and cause the centrifuges to break.

But it was a poster child of long term planning and acting slowly to achieve the result.

The PLCs on the centrifuge network were airgapped. The CIA/Mossad knew that they still needed to get the program logic from the engineering workstations to the PLCs themselves, and used a zero day exploit tied to the Windows USB autorun feature to slip-stream the malware onto the USB drives they used to transfer the files.

Once the USB drive was inserted into the EWS on the PLC network, it leveraged an exploit within the PLCs to surreptitiously install compromised firmware without notice. This contained controller logic that modified the centrifuge operations, which would cause them to fail more quickly over time. The malware also infected the HMIs (the monitoring systems - basically a dashboard for OT devices) to show fake values, despite the real values (outside the tolerance of the centrifuges) being reported back.

The moral of the story is that airgaps don't work, and you should always assume a network can and will be compromised.

psydude fucked around with this message at 19:37 on Jan 13, 2023

Rust Martialis
May 8, 2007

by Fluffdaddy

(and can't post for 4 days!)

CommieGIR posted:

And this, children, is why we don't plug in unknown USB drives to SCADA equipment.

:d2a:

Nystral
Feb 6, 2002

Every man likes a pretty girl with him at a skeleton dance.

Soylent Pudding posted:

I've seen public speculation that the attack chain involved compromising internet facing workstations that engineers used to download firmware, and then it inserted the malware into the firmware patches before they were carried across the airgap. Which is theoretically plausible but especially at that time would require a very sophisticated cyber operations group to pull off :nsa:

This is in line with how SANS kept talking about Stuxnet. Of course no attribution is ever made, but that is in line with what I’ve seen from them and other (now-outed) former NSA folk. Malware Jake is still bitter about it if the topic ever comes up. He also names all of his test / demo systems something bear in his IANS classes I’ve been on.

psydude
Apr 1, 2008

Nystral posted:

This is in line with how SANS kept talking about Stuxnet. Of course no attribution is ever made, but that is in line with what I’ve seen from them and other (now-outed) former NSA folk. Malware Jake is still bitter about it if the topic ever comes up. He also names all of his test / demo systems something bear in his IANS classes I’ve been on.

I've worked in OT security for the better part of 6 years. This space somehow manages to be even more full of insufferable douchebags than normal cyber security.

e: The extreme, overwhelming majority of stuff that we see is garden-variety malware that inadvertently makes its way onto the OT network. But every so often - and it is rare - we get a customer or partner that's caught and defeated something related (directly or secondarily) to the topic of this thread, and it really is immensely fulfilling on a basic human level.

psydude fucked around with this message at 19:51 on Jan 13, 2023

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
Worth noting for all of the planning and time, the year after Iran's network was compromised Iran actually increased their enrichment output by 60% so in the end it really didn't make a difference. Which is why Israel started bombing/killing scientists including with remote control machine guns in cars.

iv46vi
Apr 2, 2010
Russia is doing a USSR speed run at the moment. Finnish war 2.0 now in Ukraine. 2023 will probably be year of purges and further suppressions of local populace within Russian borders. Hopefully we’ll skip the whole world war thing. That brings us to the Cuban missile crisis. And there is currently one country that’s helping Russians and west would hate to negotiate with as equals. So put nuclear Iran on your bingo cards as a primo trolling tactic by Putin.

Soylent Pudding
Jun 22, 2007

We've got people!


iv46vi posted:

Russia is doing a USSR speed run at the moment. Finnish war 2.0 now in Ukraine. 2023 will probably be year of purges and further suppressions of local populace within Russian borders. Hopefully we’ll skip the whole world war thing. That brings us to the Cuban missile crisis. And there is currently one country that’s helping Russians and west would hate to negotiate with as equals. So put nuclear Iran on your bingo cards as a primo trolling tactic by Putin.

Who wants to join my summoning circle so we can ask Tom Clancy who would win between Mossad remote controlled machine gun cars and FSB nerve agent umbrellas?

Alan Smithee
Jan 4, 2005


A man becomes preeminent, he's expected to have enthusiasms.

Enthusiasms, enthusiasms...
idk the cubans seem more chill these days

CRUSTY MINGE
Mar 30, 2011

Peggy Hill
Foot Connoisseur
*dusts off the old ouija board*

MonkeyLibFront
Feb 26, 2003
Where's the cake?
What makes me laugh about CR2 is that 10 is such a poo poo number and I wonder how they'll integrate ukr Comms in to the las

standard.deviant
May 17, 2012

Globally Indigent
Sorry, the best I could do was use ChatGPT as a lovely Ouija board.

Undead Tom Clancy posted:

It was a typical day in the bustling city of Moscow when suddenly, chaos erupted. The streets were filled with the sound of gunfire and screams as a group of Mossad agents, operating remotely controlled machine gun cars, engaged in a fierce battle with FSB agents wielding nerve agent umbrellas.

The Mossad had received intelligence that the FSB was planning to use the umbrellas, which were designed to disperse a deadly nerve agent, to target key political figures and foreign diplomats. The Mossad had quickly developed a countermeasure in the form of their remote controlled machine gun cars, which were able to navigate the crowded streets with precision and speed.

The FSB agents were caught off guard by the Mossad's advanced technology and were quickly outmatched. The machine gun cars were able to maneuver through the streets, avoiding civilian casualties and taking out the FSB agents one by one.

Despite the FSB's attempts to deploy the nerve agent, the Mossad's machine gun cars were able to neutralize the threat before it could harm any innocent bystanders. The battle was intense but short-lived, and the Mossad emerged victorious.

The operation was a success, and the Mossad had managed to prevent a major catastrophe. However, the incident served as a stark reminder of the ongoing threat of chemical weapons and the need for advanced countermeasures to protect against them.

In the aftermath, both countries' governments were in a state of shock and condemnation. They were quickly trying to cover up the incident and the use of unconventional weapons. The incident remains a top-secret and the full details of the operation are known only to a select few.

The incident was a clear sign of the ongoing struggle for power and control in the world, and the lengths that some will go to achieve their goals. It was a reminder that in the world of espionage and covert operations, anything is possible.

Also, lol @ "avoiding civilian casualties"

standard.deviant fucked around with this message at 23:02 on Jan 13, 2023

EasilyConfused
Nov 21, 2009


one strong toad

psydude posted:

I've worked in OT security for the better part of 6 years. This space somehow manages to be even more full of insufferable douchebags than normal cyber security.

e: The extreme, overwhelming majority of stuff that we see is garden-variety malware that inadvertently makes its way onto the OT network. But every so often - and it is rare - we get a customer or partner that's caught and defeated something related (directly or secondarily) to the topic of this thread, and it really is immensely fulfilling on a basic human level.

Dumb question, but what is OT?

ArmyGroup303
Apr 10, 2004

If this were real life, I would have piloted this helicopter with you still in it.

EasilyConfused posted:

Dumb question, but what is OT?

Not a dumb question. Operational technology - basically the hardware and software that manipulates industrial equipment and processes.

psydude
Apr 1, 2008

EasilyConfused posted:

Dumb question, but what is OT?

Operational Technology. IT's industrial counterpart.

Comrade Blyatlov
Aug 4, 2007


should have picked four fingers





standard.deviant posted:

Sorry, the best I could do was use ChatGPT as a lovely Ouija board.

Also, lol @ "avoiding civilian casualties"

P good but nowhere near long enough and a little light on the extraneous descriptors

mlmp08
Jul 11, 2004

Prepare for my priapic projectile's exalted penetration
Nap Ghost

CommieGIR posted:

Pretty much unavoidable at this point. GOP's drumming the Iran war drums and Russia invading Ukraine basically says, geopolitically, either you get a nuclear weapon or two or you are at the whims of the world.

I don't want to give up on the idea of the middle east all deciding to nuclearize (or at least KSA, Iran, probably others who can afford it), a fully nuclearized Korean peninsula, etc. There's been a lot of often hard work into minimizing nuclear proliferation, often with good effects. I'd like to think we can keep that sort of nuclear arms race among small regional powers under wraps for some time yet.

Iran still has not decided to build nukes. Saudi Arabia isn't pursuing a nuke, but that could change if Iran decides to build nukes. South Korea occasionally flirts with the idea, but hasn't committed and is under the US nuclear umbrella.

Rust Martialis
May 8, 2007

by Fluffdaddy

(and can't post for 4 days!)

psydude posted:

Operational Technology. IT's Bizarro cousin.

It's a freakshow. It's so fun.

(I am GICSP)

Valtonen
May 13, 2014

Tanks still suck but you don't gotta hand it to the Axis either.

MonkeyLibFront posted:

What makes me laugh about CR2 is that 10 is such a poo poo number and I wonder how they'll integrate ukr Comms in to the las

10 is also small enough to just scrape a t-72 for the internal and external comms and refit by hand in a matter of days, not needing to design a larger-lasting plan for C2UKR variant.

MonkeyLibFront
Feb 26, 2003
Where's the cake?

Valtonen posted:

10 is also small enough to just scrape a t-72 for the internal and external comms and refit by hand in a matter of days, not needing to design a larger-lasting plan for C2UKR variant.

Yeah makes sense to rip out all the bowman, more room for the commander as well without the combat screen. I swear if I see a registration that I've commanded absolutely taking names I'll be proud and also sad. T72s popping lids is all I dreamt about 😂

Nystral
Feb 6, 2002

Every man likes a pretty girl with him at a skeleton dance.

Rust Martialis posted:

It's a freakshow. It's so fun.

(I am GICSP)

Is the job market as hopping as it is on the IT side? I have an 18 yr old that is looking for some advice on possible careers.

Godholio
Aug 28, 2002

Does a bear split in the woods near Zheleznogorsk?

Coasterphreak posted:

Or we could just park a full fleet in the Black Sea and tell Russia to knock it off, but that won’t happen unfortunately.

Based on what we've seen so far, we could probably send Constitution.

Herstory Begins Now
Aug 5, 2003
SOME REALLY TEDIOUS DUMB SHIT THAT SUCKS ASS TO READ ->>
I want to watch a wooden sailing ship launch an ASM


Kei Technical
Sep 20, 2011

Godholio posted:

Based on what we've seen so far, we could probably send Constitution.

My escalation worries are rapidly decreasing as I contemplate a FFGW
