- Linux Computers
- DVDs & Films
- Writings & Reports
- Arab Spring
- Libyan Revolution
- Libyans spilled blood for us!
- NATO killed 60 civilians in Libya
- ANSWER Libya Forum
- Battle to Liberate Tripoli
- Behind the Green Curtain
- NATO's Game Plan in Libya
- How They Won
- Abdul Fattah Younis
- Abdul Rahman
- Amy gets it wrong
- CCDS on Libya
- Chris Hedges on Libya
- Current Events in Libya
- Doha summit
- Racism in Libya
- On Libya & Glenn Greenwald
- NATO's intervention in Libya
- Gilbert Achcar on Libya
- Tripoli's Long Night
- Green Sq Reality Check
- Qaddafi's Million Man March
- Lockerbie Bomber Lie
- Kucinich & Qaddafi Regime
- NATO over Tripoli
- Libya & Syria: Dueling Rallies
- AI on Libya again
- Situation in Libya
- ANSWER answers me
- Libya in the news today
- Tripoli Burn Notice
- Libya on PressTV
- Throwing babies out
- Libyans killed by NATO
- Libyans, Palestinians & Israelis
- Africa Rising
- The Occupy Movement
- The Year in Review
- Occupy Oakland on Jan. 28
- How Occupy LA got itself evicted
- Why Villaraigosa kicked us out
- Demonization of Mario
- Was DHS behind the eviction
- OccupyLA Eviction
- Did 1st Amend protect OLA
- Bandits of America
- OccupyLA Day 48
- Hard Block Cafe
- 10K March with OccupyLA
- OccupyLA - Day 8
- OccupyLA - Day 7
- OccupyLA - Day 6
- OccupyLA - Day 5
- OccupyLA - Day 4
- OccupyLA – Day 3
- OccupyLA - Day 2
- OccupyLA - Day 1
- Occupy Los Angeles Starts
- Arab Spring Comes to LA
- OccupyLA on 10/1
- G20 Road Trip
- The Decisive Decade
- Anonymous & WikiLeaks
- US Wars
- Why the US didn't find WMD
- US troops pose with bodies
- Haditha & USMC
- Louis Proyect reviews VAH
- Announcing Premiere of VAH
- Vietnam War was holocaust
- What Is A Holocaust?
- Winter Soldier Southwest
- Ex-Marine Corps Serial Killer
- Another Day In Iraq
- The Liberation of Viet Nam
- Hearing Cpl. Ryan
- Ahmadinejad @ Columbia
- Executing Afghan Kids
- How War Started
- Agent Orange in Iraq
- US Killing in Yemen
- Happy New Years Iraq!
- US Politics
- Too Big To Fail?
- Liberty Bell Destroyed!
- Xmas Carol for Obama
- Obama on Vietnam
- Stop This Oil Leak
- Karl Marx on TV!
- BP Dome won't work
- Rick Santorum
- Bill Clinton Rips GOP
- Laid off Census Worker
- Severe Conservative?
- This Week: Sen. John McCain
- Newspaper Death Spiral
- Sarah Palin
- Sotomayor Experience
- "Everyone is Disapearing"
- Racism in the US
- Internet Freedom & Open Source
- My Best Tweets
- Android make Google Money?
- Country Codes for the Internet?
- End of the Internet
- Free Press would this Illegal!
- Free Press Agenda?
- Google Verizon Deal
- Keith Olbermann's Deception
- Obama versus Google
- What are these RMT Alerts?
- Verizon's Rebate Challenge
- Victory is Sweet
- Why I like Google
- Would Net Neutrality Stop WikiLeaks?
- e- G8 plans for Internet
- Al Franken on Network Neutrality
- Cyber War Report
- FCC Internet Rules
- Google Must Be Evil
- Google\Verizon Net Neutrality
- Internet Engineers
- Julian Assange on Threat
- Let a 100 Websites Blossom
- Mountain comes to Mohammad
- Net Neutrality's Trojan Horse
- Obama's Internet Coup d'état
- Victory on Internet Censorship
- Daily Kos Diaries
- Stubborn Things
- WL Central Writings
Who made Flame?
Flame, of course is the latest computer super bug discovered and publicized by Kaspersky Lab which also discovered the famous Stuxnet malware. Flame shares two features with the fabled Stuxnet virus, 1.) it appears to be targeted at certain middle east countries, most notably Iran, and 2.) it is of such sophistication and complexity as to imply that the source is a state actor. But unlike Stuxnet, which targeted a specific class of industrial computer, Flame is designed to spy on the target by capturing keystrokes, taking pictures and video with the target's camera, recording audio with the computer's built-in mike, and even using blutooth to collect info and sophisticated compression techniques to send the info back to its master at regular intervals.
I haven't visited Slashdot.org, where I go by the handle CatInTheHat, in a long while but in as much as I know it to be a good place to get the low down on subjects like this, I thought I have a look at the chatter over there. I found one analysis left by an Anonymous Coward so insightful that I thought it worth repeating here. He draws his conclusions based, in part, on the software licenses of the libraries used to build the rather bulky Flame malware. His comment is below the fold.
Earlier comments had already identified three commons sources of computer malware as hackivists, cybercriminals and intelligence agencies. Each of these groups has a need for different types of computer malware and creates it according to their purpose. Anonymous Coward on Monday May 28, @04:14PM (#40137021) added this:
Who made Flame?
Flame seems to use libraries with permissive licenses only. No hacktivists or cybercriminals would care about this issue, they would use whatever works best.
This leaves governments, they might. Why? Because if it ever becomes known who actually made it, that party would need to release all of the sources, had they used libraries under some copyleft license! Why? Well, whoever made Flame has already obviously distributed binaries, so suing for copyleft violation would happen in court, and it would be many people suing, especially the counterparty is the government. It would be a PR disaster, and to risk that on an election year? No way.
Also, Flame requires a considerable infrastructure to store and analyze the spied information. Which governments would be capable of pulling this off? All the big ones with a lot of money to spend: China, Russia, Great Britain, France, USA, Japan, ...
So, which government cares a lot about intellectual property? China? Nope. Russia? Nope. Great Britain - well, yeah. Personally, I don't think it was Great Britain. It would be enlightening to check the Flame Lua-parts (or other plaintext in the main Flame) for spelling of -ise vs. -ize. I bet there's -ize and not -ise.
It is said that Stuxnet and Flame share similar 0-day holes. The nation which developed Stuxnet is Israel and they have a strong history of military and intelligence collaboration with USA. Israel would not have had the capability or capacity to run two such parallel programs on its own.
So who HAS likely NOT made Flame? Drop the nations which are one way or another unlikely candidates, and only one name is really left.
So, who made Flame?
USA made Flame. This is what I think. What's your analysis?
Another commenter raised questions about Kaspersky Lab:
OK, the facts, as presented so far:
- Massive, extremely sophisticated spyware is detected on computers in a few Middle East countries; dubbed "Flame", it is suposed to be similar to the infamous (well, at least for some) Stuxnet malware.
- It is not stated that, the origin of the spyware is a North American government.
- The only company that makes a public announcement about this spyware is Kaspersky Lab, a Russian security company, although the spyware in question is supposed to have been "out there" since 2007.
- Kaspersky Lab (KL) made the public announcement, however they do not provide scanner/remover for Flame; in fact, a Flame search at the KL site returns no hits.
Are we to believe that other AV companies did not know about it? Why is it that no major AV software reports it? Why is it that no Flame remover is publicly available yet?
Someone else raised a scary question:
the important somewhat scary question: how does Kaspersky accumulate so much sensitive data?
Think about it. We're talking about personal computers in the middle east. We're talking about some kind of top-shelf spyware. So where does Kaspersky pull their data from?
While still another gave this link to a Flame removal tool.
If you don't know Slashdot.org, you should check it out.
Also checkout this other diary on the Flame malware published on the Daily Kos today.
Meet Stuxnet's Big Brother - It's called Flame
- Printer-friendly version
- Login or register to post comments
