New York Times on Stuxnet

Lee Brotherston lee at
Mon Jan 17 14:13:50 GMT 2011

On Mon, Jan 17, 2011 at 12:48:51PM +0000, Tony Naggs wrote:
> The NY Times article certainly sounds plausible.

It also throws up another question for me...

Previously, when the originator of Stuxnet was assumed by many to be
Israel.  The certificates stolen from Realtek and JMicron used to sign
rootkits have been linked together by the presence of both companies
at Hsinchu Science Park in Taiwan.  Presumably inferring that either
physical security head been breeched or that some sort of
bribery/infiltration had taken place in those buildings.  
However, if the US is indeed shown to be involved with or sponsoring
this, it would seem possible that they could have access to the
private keys at the certificate authority and that the Hsinchu
addresses are either coincidence or nice bit of counter-intelligence.  

Needless to say, that if any government authorities had access to the
keys held by a certificate authority, then that would have wide
ranging implications for us all.  



Lee Brotherston - <lee at>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3964 bytes
Desc: not available
URL: <>

More information about the ukcrypto mailing list