updog's comments

updog | 15 years ago | on: Stuxnet is now on GitHub

Yeah, good point - I would lump that in as being the same thing. They usually get companies like General Dynamics to do this type of thing. Point is, it wasn't amateurs or "basement patriots," and it cost a lot.

updog | 15 years ago | on: Stuxnet is now on GitHub

I don't know how any reasonably intelligent person could continue to stubbornly insist that Stuxnet was too lame to be done by a government agency. This isn't even a question; of course it was. It isn't even speculation anymore. The only question is which one(s).

updog | 15 years ago | on: Stuxnet is now on GitHub

This came from one of the better known commercial decompilers. Which ones do you consider 'advanced'?

updog | 15 years ago | on: Does my company have IP rights to the stuff I do in my spare time?

Have you worked at any large companies and had success with that? I'm used to dealing with people who don't know who wrote the agreement, have given it to thousands of others "without a problem", and treat me like I am a bit odd for actually reading it, let alone trying to change something.

updog | 15 years ago | on: House Fails to Extend Patriot Act Spy Powers

He that would make his own liberty secure, must guard even his enemy from opposition; for if he violates this duty he establishes a precedent that will reach himself. -Thomas Paine

updog | 15 years ago | on: How Americans Get Out of Credit Card Debt

Man, you are clearly speaking from a position of privilege on that one. How the hell do you hold back 6-12 months salary when you can barely afford the rent, utility bills and the costs of raising some kids to begin with?

Haha, just hold back 6 months salary! You make it sound so easy!

It's not that they didn't prepare, it's that many of them have no means to prepare, and barely have the means to continue as is.

Many also believe that it is worth risking living on the edge to support a better school for their kids (ideally breaking the cycle), than moving to project housing and dangerous gang-controlled areas in order to enjoy their "margin of safety". I can't fault them for that.

And, if you're in such a position, and aren't fortunate enough to have your area of expertise and interest involving computers, good luck getting a job without a degree. So what do they do to pay for the outrageous tuition costs these days? Take a giant loan from Sallie Mae.

Now you have two problems.

updog | 15 years ago | on: 90% of Y Combinator Startups Have Already Accepted The $150k Start Fund Offer

I was thinking this as well, but for a different reason. I, for one, would never enter the YC program. $15,000 (especially for that much equity) just doesn't work for most people. The only demographic that can really make that work are 20ish year olds coming right out of school. They haven't started real life yet, and have minimal obligations. Anyone else competent/qualified is probably quitting a job and has various bills and debts, and if they made the decision to do a startup, they already have some bootstrap money or a bit of revenue from a side gig, so that $15k isn't going to make or break them. For 150k however, this changes things entirely. YC can now attract a far more diverse pool of aspiring startups.

updog | 15 years ago | on: Stuxnet Authors Made Several Basic Errors

It's been called many things. Security people have self-esteem problems, so if they see something being praised, they start convulsing at the sight of this injustice and must immediately blog about it and argue on forums.

As someone who has actually read the code, my opinion is that yes it was special, but not because it was brilliant. It took a lot of resources, and although there was clearly a relatively high degree of skill involved for at least parts of it (finding 0days), there were not really any new techniques. So, I personally find it impressive because of the sheer amount of work that went into it.

I think it is more the principle of it that is noteworthy - if someone tried to make a movie plot about that a few years ago, we would have scoffed.

The reason that it was obviously a nation-state is because the number of people that worked on it, the amount of time they spent on it, and what the group would stand to gain (nothing), would not have been funded by any other entity. I won't go so far as to say it would be impossible to do by someone else, but that is improbable and really would not make much sense at all. Combine that with various external clues, and it is really obvious.

updog | 15 years ago | on: How to Identify a Good Perl Programmer

Easy, the one that dumped Perl a decade ago. It is truly archaic and has no place in a production environment anymore. The only people still using it are resisting change to a more productive and useful language.

updog | 15 years ago | on: Malware researcher Dancho Danchev gone missing since August

Yeah, sorry, I knew it was Bulgaria...just read an unrelated headline about the Belgian government and typed that instead.

I agree, it is worth looking into until there is real evidence either way. Hopefully he will come forward. Someone on Twitter did say they heard from him on Dec 15th and he was fine.

My experience with these "independent security professionals" who are heavy on certification alphabet soup/government acronyms, and lacking in real credible work history, is that they are mostly playing "fake it until you make it". This especially applies to bloggers and those who heavily use terms like "cyber warfare" and "cyber terrorism". InfoSec is full of insecure charlatans who are broke or homeless and always making up outrageous nonsense.

updog | 15 years ago | on: Malware researcher Dancho Danchev gone missing since August

Changing my vote. I think the guy is nuts and/or running away. Stuff doesn't add up.

-He claims a particular LEO is after him for pro-western views. This is the hardest hit to his credibility. If he said that botnet authors came after him for outing them, that might be plausible. The Belgian government does not hunt and 'disappear' pro-western people.

-There is no stego in this image like some have suggested. If it was in a letter, there is no data to be read. If it did not come from a letter, it was taken recently, according to the metadata. Also, if he is making direct accusations, he is not hiding information. Either the whole message would be cryptic, or none of it. If he isn't afraid to name the guy, he wouldn't be afraid to plainly state that he found a recording device or whatever else.

-He acts like the image has a smoking gun, and it does not.

-He has never had a real, credible job in the industry. See his LinkedIn: http://nl.linkedin.com/in/danchodanchev It's either blogging, or "secret companies". And astalavista, which was warez/script kid forums and stuff.

-His blog is completely full of "cyber jihad" research and discussion of "cyber terrorist" nonsense. http://ddanchev.blogspot.com/

updog | 15 years ago | on: Malware researcher Dancho Danchev gone missing since August

Could it have been a formerly-proper light fixture installation that had a power wire borrowed to power a recording device?

If I was going to bug someone for a long time, I would not run new wires. I would piggyback off of some other low power device.

He could have gone searching after they removed everything, and looked for something that was spliced.

On the other hand, I would not bug a bathroom. That seems like the worst place to bug.

updog | 15 years ago | on: Root keys for Sony’s PlayStation 3 go public

No, the only thing that wasn't known was how he dumped metldr. This is a relatively insignificant part of the whole thing and wasn't what fail0verflow was focusing on in their research (as seen in the video).

The only reason that he was able to do anything with his dump was because of all of fail0verflow's work. See the Twitter feed of marcan42 for clarification.

Actually, since the beginning, geohot's PS3 trick was just him copying what fail0verflow had done on the Wii (glitching the address bus). He didn't give them credit for that either.
