So, we're not going to change the end-game, we're just going to piss of Iran....and you think that's good?
All I want is for nobody to get nuked. I think it's more likely that nobody will get nuked if Iran doesn't have nukes. But you're right that Stuxnet is a dirty move that erodes trust, that's why I'm conflicted.
We have a terrible track record of getting large scale systems secured, even in areas where those systems are under continuous public attack. Industrial software is not one of those areas, so developers of such software are unlikely to take security very seriously.
Surely going from complete obliviousness to awareness is the biggest step the industry will ever take to being secure, even if subsequent progress is slow. But I think they will fare better than corporate or home users, because there are less of them and they are more technically inclined and disciplined.
I think it's more likely that nobody will get nuked if Iran doesn't have nukes.
But this doesn't stop Iran from getting nukes, it only delays them. And I don't see why Iran getting nukes increases the probability of anyone getting nuked. A nuclear Iran is an Iran that still responds to deterrence.
Surely going from complete obliviousness to awareness is the biggest step the industry will ever take to being secure
Discovering that you have untreatable cancer will not alter how long you live.
they are more technically inclined and disciplined.
Wrong. Do you know anyone who does instrumentation and control work for power plants? These are people who are very skilled...in their field. In my experience, they don't know a lot about security because they don't have to. They don't have millions of script kiddies and organized crime hammering their code looking for exploits so they can afford to be blissfully ignorant. And they're no more disciplined than any other developer.
>But this doesn't stop Iran from getting nukes, it only delays them.
Eating doesn't stop hunger, it only delays it.
"Stopping" something is inherently temporary. You can say the exact same thing about stopping anything.
Exercise doesn't stop obesity, it only delays it.
Delay is exactly the goal.
Eventually the Iranian public is going to overthrow their theocracy and create a democracy. Then they will probably stop striving so hard for nukes because the leaders will turn to creating prosperity rather than attempting to achieve a false security through apocalyptic weapons.
These are people who are very skilled...in their field
At the very least, they can follow process and act responsibly around breakable or dangerous things. That gives them huge advantage compared to offices and homes.
If you are citizen of any of the countries that have nuclear weapons, have you considered lobbying to eliminate those? If not, then you are not really for "nobody to get nuked".
But you're right that Stuxnet is a dirty move that erodes trust, that's why I'm conflicted.
"Big satan" and "little satan," the Iranians have entrusted us with that title, so we are also building trust here by reinforcing the image they have projected onto us.
They were right.
But I'm all for eroding trust: trust that should have never been there to begin with. Erode as much trust as possible.
All I want is for nobody to get nuked. I think it's more likely that nobody will get nuked if Iran doesn't have nukes. But you're right that Stuxnet is a dirty move that erodes trust, that's why I'm conflicted.
We have a terrible track record of getting large scale systems secured, even in areas where those systems are under continuous public attack. Industrial software is not one of those areas, so developers of such software are unlikely to take security very seriously.
Surely going from complete obliviousness to awareness is the biggest step the industry will ever take to being secure, even if subsequent progress is slow. But I think they will fare better than corporate or home users, because there are less of them and they are more technically inclined and disciplined.