mike wightman
SOC-14 10K
I watched this latest offering from Arvin Ash and couldn't help wondering what a TL15/16 version of stuxnet could do to the computer architecture used all across the Imperium.
So you think Virus is silly?
- Thread starter mike wightman
- Start date
Hmm well for ship computers the way I’m doing them, not much.
I’m using a hybrid of the LBB8 robot brains and the CT computers. Half of that budget are the sensor fit, which has their own rules.
The idea is to turn that CT rugged computer that takes ridiculous amounts of damage and make that a defined architecture. This was inspired by the Nyotekundu ship computer in 2300.
So take the robot brain, and design so that model number equals INT.
Then, build 12 of them. Each one is a node that is assigned to a function or specific officer. So there is a pilot node, navigator node, engineering node etc. The captain normally has a master console/security settings node, the chief steward will usually have a life support environment node for stateroom controls and so on.
The nodes will typically be less then 1/10 a dton, and built into the hull behind access panels and near the officer or function they are supporting.
They are networked to each other and can take over other functions of a damaged or destroyed node, meaning each node is also hooked into all ship systems.
There is no computer room like most deck plans, just a bridge workstation and wall screens for most of the rest. Unless they are add on backup systems in which case they will be in a room repurposed for the computer.
If the originally specced computer takes damage, it is as per CT, degrading check vs doing functions. If it’s a backup room computer, a hit drops the model number per HG.
The relevant point about a Traveller stuxnet or other takeover attempt is that it would have to be introduced/installed in one node, then progress through the whole system one node at a time.
As each node succumbs, it is as though the node was damaged/destroyed and the ship’s computer degrades but doesn’t crash.
Presumably if it’s not extraordinarily swift and the ship’s crew has a competent computer person, they can attempt to retake control of the nodes.
I’m using a hybrid of the LBB8 robot brains and the CT computers. Half of that budget are the sensor fit, which has their own rules.
The idea is to turn that CT rugged computer that takes ridiculous amounts of damage and make that a defined architecture. This was inspired by the Nyotekundu ship computer in 2300.
So take the robot brain, and design so that model number equals INT.
Then, build 12 of them. Each one is a node that is assigned to a function or specific officer. So there is a pilot node, navigator node, engineering node etc. The captain normally has a master console/security settings node, the chief steward will usually have a life support environment node for stateroom controls and so on.
The nodes will typically be less then 1/10 a dton, and built into the hull behind access panels and near the officer or function they are supporting.
They are networked to each other and can take over other functions of a damaged or destroyed node, meaning each node is also hooked into all ship systems.
There is no computer room like most deck plans, just a bridge workstation and wall screens for most of the rest. Unless they are add on backup systems in which case they will be in a room repurposed for the computer.
If the originally specced computer takes damage, it is as per CT, degrading check vs doing functions. If it’s a backup room computer, a hit drops the model number per HG.
The relevant point about a Traveller stuxnet or other takeover attempt is that it would have to be introduced/installed in one node, then progress through the whole system one node at a time.
As each node succumbs, it is as though the node was damaged/destroyed and the ship’s computer degrades but doesn’t crash.
Presumably if it’s not extraordinarily swift and the ship’s crew has a competent computer person, they can attempt to retake control of the nodes.
I love STUXNET.
What an amazing accomplishment. Amazing way to set back the Iranian nuclear program. Vast improvement, IMHO, to just outright bombing that reactor in Iraq.
Someone needs to dramatize it and get Netflix movie out on it. There's a movie on NF (the name eludes me) about a WWII operation, involving Ian Fleming no less, about placing a dead allied pilot? Courier? Something like that, with fake D-Day plans for the German to find. Fascinating story.
But let's highlight two of the things that happened with this.
One, is mentioned in the video. The bridging of the air gap. Getting the code into a facility with no external connection. It could have easily been accomplished via the USB drive as described in the video.
But, not mentioned, is one of the things that the code included, was signed code. Code signing is when code is hashed, and the code hash is then encrypted with a private key. A public key is used to decrypt the hash, and if the payload hash matches, it's deigned authentic.
This is the fundamental concept behind all of our modern security systems. For example, it's why an Apple iPhone can only be updated with code from Apple. Apple has the private keys, the phone has the public keys, so only Apple can sign the code. The phone will otherwise reject anything that's not signed.
The security around something like Apples signing keys has to be up there with nuclear secrets in the US. A compromised key would be devastating.
Stuxnet included signed code. The creators of Stuxnet, among other things, had to physically compromise one of the vendors in the supply chain and get their private key. For example, they could have broken into a Siemens office and stolen the keys. Or Siemens could have colluded. (It could well not have been Siemens at all).
But, simply, not only was there a lot of just overall work and planning and such involved in this, it looks like there was some boots on the ground sneak and peek skullduggery going on as well.
Just an amazing operation.
And, it should be noted, in the past month, a very ambitious, very powerful attack on Secure Shell was thwarted by dumb luck. It came very close to being pulled off, and the operation was at least 2 years in the making.
What an amazing accomplishment. Amazing way to set back the Iranian nuclear program. Vast improvement, IMHO, to just outright bombing that reactor in Iraq.
Someone needs to dramatize it and get Netflix movie out on it. There's a movie on NF (the name eludes me) about a WWII operation, involving Ian Fleming no less, about placing a dead allied pilot? Courier? Something like that, with fake D-Day plans for the German to find. Fascinating story.
But let's highlight two of the things that happened with this.
One, is mentioned in the video. The bridging of the air gap. Getting the code into a facility with no external connection. It could have easily been accomplished via the USB drive as described in the video.
But, not mentioned, is one of the things that the code included, was signed code. Code signing is when code is hashed, and the code hash is then encrypted with a private key. A public key is used to decrypt the hash, and if the payload hash matches, it's deigned authentic.
This is the fundamental concept behind all of our modern security systems. For example, it's why an Apple iPhone can only be updated with code from Apple. Apple has the private keys, the phone has the public keys, so only Apple can sign the code. The phone will otherwise reject anything that's not signed.
The security around something like Apples signing keys has to be up there with nuclear secrets in the US. A compromised key would be devastating.
Stuxnet included signed code. The creators of Stuxnet, among other things, had to physically compromise one of the vendors in the supply chain and get their private key. For example, they could have broken into a Siemens office and stolen the keys. Or Siemens could have colluded. (It could well not have been Siemens at all).
But, simply, not only was there a lot of just overall work and planning and such involved in this, it looks like there was some boots on the ground sneak and peek skullduggery going on as well.
Just an amazing operation.
And, it should be noted, in the past month, a very ambitious, very powerful attack on Secure Shell was thwarted by dumb luck. It came very close to being pulled off, and the operation was at least 2 years in the making.
It was a dead homeless man that was dressed up as a dead RAF officer (presumably from a plane crash at sea) and floated off the coast of Spain with an attache case cuffed to his wirst with fake documents relating to the upcoming Allied invasion at Calais where Gen. Patton across the Channel in SE England had his massed armored division of fake rubber tanks and war materiel which German planes had spotted by aerial reconnaissance. It was one of the things that contributed to delaying Hitler in responding to D-Day, mistaking the Normandy invasion as a feint.
For accuracy, Ian Fleming wrote a memo in 1939 (although it went out under the name of his superior) suggesting many means of deception against the enemy, one of which involved the use of "downed" corpses to deliver false intelligence. However, he was not involved in Operation Mincemeat itself.
Spinward Flow
SOC-14 1K
Condottiere
SOC-14 5K
The World's Worst Computer Virus: The I Love You Virus (Demonstration)
This is a demonstration of the I Love You Virus (known mostly as "ILOVEYOU"), which was recognized by the Guiness Book of World Records as the worst computer virus of all time, causing more damage than anything like it before.
May 5, 2000 was just a very average day for the very average business supervisor. Though in just a couple of hours, it would quickly turn into a day of utter chaos and turmoil. Nearly every install of brand-new computer software damaged beyond repair, over 13,000 pieces of malware detected in just one office building, and soon, over $20 billion in damage seen all across the world. What happened?
These catastrophic events were the work of a new computer worm that was circulating the internet: “ILOVEYOU.”
Quite an ironic name, but it was derived from the fact that the worm would disguise itself as a love letter coming from a secret admirer. Lo and behold, the virus caused destroyed more computers than any of its predecessors. What exactly allowed it to cause this much damage, and how did it work?
The new computer worm was circulating the world wide web. Disguised as a love letter, the ILOVEYOU virus infected millions of computers around the world, causing collectively $20 billion in damage. ILOVEYOU has since been declared one of the most catastrophic computer viruses ever developed.
This is a demonstration of the I Love You Virus (known mostly as "ILOVEYOU"), which was recognized by the Guiness Book of World Records as the worst computer virus of all time, causing more damage than anything like it before.
May 5, 2000 was just a very average day for the very average business supervisor. Though in just a couple of hours, it would quickly turn into a day of utter chaos and turmoil. Nearly every install of brand-new computer software damaged beyond repair, over 13,000 pieces of malware detected in just one office building, and soon, over $20 billion in damage seen all across the world. What happened?
These catastrophic events were the work of a new computer worm that was circulating the internet: “ILOVEYOU.”
Quite an ironic name, but it was derived from the fact that the worm would disguise itself as a love letter coming from a secret admirer. Lo and behold, the virus caused destroyed more computers than any of its predecessors. What exactly allowed it to cause this much damage, and how did it work?
The new computer worm was circulating the world wide web. Disguised as a love letter, the ILOVEYOU virus infected millions of computers around the world, causing collectively $20 billion in damage. ILOVEYOU has since been declared one of the most catastrophic computer viruses ever developed.
I have a fun virus anecdote.
I was doing some C programming for a friend. The code was destined to be run on a Windows machine.
I didn't have a PC, but that was ok, it was mostly generic C, and I was going to go into his office at the end and stick it in a Windows wrapper using his machine.
I had another floppy from a friend I was using. I wrote the C code on my NeXT machine, which could read DOS floppies. I stuck the floppy in, and copied my files.
I also took along my Apple PowerBook, which could also read DOS floppies just fine. Did some last minute tweaks to it, before taking it into his office.
He sat me down at machine, I made some last minute checks on my PowerBook, wrote the files to the floppy, ejected it, and stuck it in the PC.
Turns out the entire time there was a boot sector virus on the floppy, which naturally didn't impact either my NeXT or my Mac. As soon as I stuck it in the PC it struck, but also set off the virus detector. I managed to infect another machine with that floppy as we went through the "WTH just happened" process.
I was doing some C programming for a friend. The code was destined to be run on a Windows machine.
I didn't have a PC, but that was ok, it was mostly generic C, and I was going to go into his office at the end and stick it in a Windows wrapper using his machine.
I had another floppy from a friend I was using. I wrote the C code on my NeXT machine, which could read DOS floppies. I stuck the floppy in, and copied my files.
I also took along my Apple PowerBook, which could also read DOS floppies just fine. Did some last minute tweaks to it, before taking it into his office.
He sat me down at machine, I made some last minute checks on my PowerBook, wrote the files to the floppy, ejected it, and stuck it in the PC.
Turns out the entire time there was a boot sector virus on the floppy, which naturally didn't impact either my NeXT or my Mac. As soon as I stuck it in the PC it struck, but also set off the virus detector. I managed to infect another machine with that floppy as we went through the "WTH just happened" process.
mike wightman
SOC-14 10K
And for additional additional accuracy the homeless guy was dressed up a Royal Marine officer, not an RAF officer.
It was the invasion of Sicily that was disguised, not the invasion of France.
Marcatlas
SOC-11
Apples and Road Apples. Stuxnet was cool though. But, there are almost no real computer viruses anymore. The skill to write them is rare in the computer programming field now. I started in the AV field in the 90's. Guys in the 29A group were good (29A being a hex value, 666 being the decimal value). Their mag was followed by the AV company AV coders. A wild quarter of a century run in that field.
Timerover51
SOC-14 5K
Actually, the action was carried out in the Mediterranean to get the Germans to think that the Allies were going to invade Sardinia or possibly Greece, instead of Sicily. The Germans took the bait hook, line, sinker, and the fishing boat. The German Navy War Diaries of the time frame make for interesting reading. They were completely fooled. The book is the Man Who Never Was.
Marcatlas
SOC-11
Yes, he washed up on the Spanish shore? The info went to Berlin via Germany's Embassy in Spain
Yes, correct.
Condottiere
SOC-14 5K
mike wightman
SOC-14 10K
So explain today's cyberwarfare?
Let's ... just for laughs ... say that skill is a 1 in a million gift. Then among the 1 billion Chinese, there are only 1000 "29A group" candidates. So let us further postulate that only 1 in 100 of those with the gift, actually develop it to fruition; then there are only 10 Chinese "29A group" coders active. With a planetary population of 7.7 billion, that equates to a mere 77 active members of the "29A group" given the very conservative values assumed "just for fun".
Extrapolating that to Traveller ... how many people are in the Imperium?
[Even 1% of 1% of 1% is a LOT of Imperial Sophonts!]
Marcatlas
SOC-11
But hardly ANY of those "candidates" will even go into the field and of those a smaller % will have any interest and of those even less will have the ethical proclivity. So, the numbers you present are not at all accurate.
Marcatlas
SOC-11
Not relevant. Cyberwarfare doesn't rely on viruses. It relies of other types of malware and computer attacks. Most of the successful attacks (~80%) rely on exploitable memory errors in code. Hence the push from the White House on down for memory safe coding languages to be used. I consulted a company last year helping launch their product that is used to recompile source code to make it memory safe when running. Without needing to find the memory flaws in the source code.
Last edited:
Respectfully, I posit a mere 1 per 100 million population. That would equate to only 3 or 4 POSSIBLE in the US based on our population. Less than that by a factor of ten makes the existence of such a group impossible at the population of the Earth. The fact that they DID EXIST means the numbers cannot be THAT far off.
There are almost 8 Billion people. Even if I am off by a factor of 10 (in which case such a group never existed and there was only a 30% of even 1 individual in the US - hardly a group) then there are still about 8 people in the world.
Similar threads
