Re: Stuff & Nonsense
« Reply #2610 on: Jan 17th, 2011, 08:52am »
Twitter Goes Wild With Rumors Ricky Gervais Fired Midway During Globes 2:43 AM 1/17/2011 by Kimberly Nordyke, Philiana Ng, Tim Goodman
Piers Morgan was among those wondering where the host disappeared to for about an hour.
After Golden Globes host Ricky Gervais disappeared from the telecast for about an hour, many took to Twitter to wonder where in the world the comedian had gone.
"Gervais not seen for an hour now," new CNN host Piers Morgan tweeted.
Several other viewers joked at #whatthehellhappened that Scientologists were at the root of Gervais' disappearance after his provocative quip suggesting that several "famous Scientologists" are gay.
"#rickygervais learned an important Hwood lesson -- you can bash Palin -- but don't touch the Scientologists," one person wrote, while another tweeted: "WHAT DID THE SCIENTOLOGISTS DO TO RICKY GERVAIS"
Others quipped that Gervais had simply gotten drunk, but some Tweeters even went so far as to start an #RIPRickyGervais hashtag.
Noting those tweets, Hollywood publicist Lewis Kay wrote: "Others have joked but I think it is getting to the point where it may be true...did HFPA fire Gervais midway through the show??"
Several in the media also noted Gervais' disappearance on Twitter.
HitFix's Daniel Fienberg quipped: "Hosts always get trimmed in the second half of awards shows, y'all. Ricky Gervais hasn't been killed. Or has he?"
Eric Deggans of the St. Petersburg Times joked that Gervais was being replaced by Carson Daly for the show's second half.
Wesley Morris of the Boston Globe had this to say: " Where's Ricky Gervais? Has anyone seen him? Has he been sent home? Is he somewhere passed out on some suit's wife. What gives?"
Upon Gervais' return, Morgan weighed in again: "1st question when Gervais appears on @pierstonight on Thurs - what the hell did they do to you backstage for an hour? He looks haunted."
Like Morgan, others opined that Gervais seemed "very, very muted" and "sheepish" upon his return, suggesting that the host had been scolded for his jokes at the beginning of the telecast.
But over the weekend, Gervais himself had warned that he was going to come out with "guns blazing, like it's the end of the world."
"I want to do either such a bad job I’m not invited back, or such a good job that I don’t want to do it again," he told the Chicago Sun-Times.
Re: Stuff & Nonsense
« Reply #2611 on: Jan 17th, 2011, 08:57am »
Release Date: 7 October 2011 Genre: Action | Drama | Sci-Fi Cast: Hugh Jackman, Evangeline Lilly, Kevin Durand, Olga Fonda Director: Shawn Levy Writers: Leslie Bohem, John Gatins MPAA: N/A Studio: Walt Disney Studios
Plot: A boxing drama set in the near-future where 2,000-pound robots that look like humans do battle.
Faced with both a public health crisis and a public relations disaster, Portugal’s elected officials took a bold step. They decided to decriminalize the possession of all illicit drugs — from marijuana to heroin — but continue to impose criminal sanctions on distribution and trafficking....As the sweeping reforms went into effect nine years ago, some in Portugal prepared themselves for the worst. They worried that the country would become a junkie nirvana, that many neighborhoods would soon resemble Casal Ventoso, and that tourists would come to Portugal for one reason only: to get high. “We promise sun, beaches, and any drug you like,” complained one fearful politician at the time.
But nearly a decade later, there’s evidence that Portugal’s great drug experiment not only didn’t blow up in its face; it may have actually worked. More addicts are in treatment. Drug use among youths has declined in recent years. Life in Casal Ventoso, Lisbon’s troubled neighborhood, has improved. And new research, published in the British Journal of Criminology, documents just how much things have changed in Portugal. Coauthors Caitlin Elizabeth Hughes and Alex Stevens report a 63 percent increase in the number of Portuguese drug users in treatment and, shortly after the reforms took hold, a 499 percent increase in the amount of drugs seized — indications, the authors argue, that police officers, freed up from focusing on small-time possession, have been able to target big-time traffickers while drug addicts, no longer in danger of going to prison, have been able to get the help they need.
But there's also this:
The numbers aren’t all positive. According to the latest report by the European Monitoring Center for Drugs and Drug Addiction, the number of Portuguese aged 15 to 64 who have ever tried illegal drugs has climbed from 7.8 percent in 2001 to 12 percent in 2007....Heroin use jumped from 0.7 to 1.1 percent, and cocaine use nearly doubled — from 0.9 to 1.9 percent. In other words, said Keith Humphreys, a professor of psychiatry at Stanford University, the changes in Portugal have had a somewhat expected outcome: More people are trying drugs.
....Hughes  takes issue with Humphreys’s argument that drug use, in general, is increasing at a dramatic clip. What’s most relevant, she said, is not the percentage of people reporting using drugs at some point over some course of their lifetime, but the percentage of people reporting using drugs in the past year. “That’s going to be affecting the government and communities now,” she said. And here, the increase of Portuguese reporting illicit drug use is much smaller — up from 3.4 percent in 2001 to 3.7 in 2007.
Overall, then, this data suggests that decriminalization has produced more experimentation but not a lot more long-term drug use. If, say, an extra 0.7% of the population experiments with drugs because of the laxer laws, but nearly all of them give it up after a short time, that would produce over six years an extra 4.2% of the population that's "ever" tried illegal drugs. Thus a lifetime use rate that goes up from 7.8% to 12%. On the other hand, if most of them give it up after a brief fling, that doesn't mean that actual usage rates have increased much. (But on the third hand, a small increase in the entire population might represent a fairly substantial increase among 17-21 year-olds. We'd need to see the entire data set to know for sure.)
In any case, Portugal is a great test bed. One of the big questions in drug policy is just how elastic the demand for illegal drugs is. It makes sense that if you lower the price of marijuana or cocaine, use will go up, and that lowered price can be in the form of either actual dollars or reduced risk of being fined or arrested. But as always, the question is: how much? If decriminalization increases drug by a few percent, that's not bad — especially considering the massive downsides of the war on drugs. But if it doubles or triples drug use, the consequences are more severe. The more data we have on this, the better.
Re: Stuff & Nonsense
« Reply #2614 on: Jan 17th, 2011, 3:06pm »
New York Times
January 17, 2011, 12:23 pm Goldman Limits Facebook Investment to Foreign Clients By ANDREW ROSS SORKIN
1:43 p.m. | Updated
Just over a week after Goldman Sachs offered its most prized clients a chance to invest in Facebook, the firm rescinded the opportunity from clients in the United States because of worries that the deal would run afoul of securities regulators.
The withdrawal of the offer — which valued Facebook at $50 billion — is a major embarrassment for Goldman, which had marketed the investment to its wealthiest clients, including corporate magnates and directors of the nation’s largest companies.
The offering was supposed to have been a triumph for the firm, which is trying to move past its previous run-in with regulators, including its $550 million settlement with the Securities and Exchange Commission over a complex mortgage investment. But the Facebook proposal is now likely to raise new questions about whether the firm tried to push regulatory boundaries once again.
Goldman rescinded the offering to U.S. clients because of scrutiny from the S.E.C., which had opened an inquiry into the structure of the offering and whether it violated the law because the deal had been widely reported on in the media.
Federal and state regulations prohibit what is known as “general solicitation and advertising” in private offerings. Firms like Goldman seeking to raise money cannot take action that resembles public promoting of the offering, like buying advertisements or communicating with media outlets.
The firm said in a statement: “In light of this intense media coverage, Goldman Sachs has decided to proceed only with the offer to investors outside the U.S. Goldman Sachs concluded that the level of media attention might not be consistent with the proper completion of a U.S. private placement under U.S. law.”
It was an article by The New York Times’s DealBook published late on Jan. 2, reporting that Goldman had invested $450 million in Facebook and would create a special-purpose investment vehicle for clients, that appeared to trigger the regulator scrutiny, according to Goldman. “The transaction generated intense media attention following the publication of an article on the evening of January 2, 2011, shortly after the launch of the transaction,” the firm said.
Goldman had not been planning to commence the offering the night the article was published, but sped up the process after a New York Times reporter called the firm seeking comment, according to an executive who requested anonymity because he was not authorized to speak publicly.
A Goldman spokesman had declined to comment. Late that night, before DealBook published the article, executives in Goldman’s private wealth management unit e-mailed their clients about the offering, people who received the e-mail said.
Goldman added in its statement on Monday: “The decision not to proceed in the U.S. was based on the sole judgment of Goldman Sachs and was not required or requested by any other party.”
Foreign investors will still be able to participate in the Goldman offering because they are not subject to the S.E.C. rules on solicitation in private offerings. However, all partners of Goldman, whether based in the United States or abroad, will not be allowed to participate in the offering anymore, according to people with knowledge of the matter.
It is unclear how much money Goldman Sachs will ultimately raise for Facebook. In a private memorandum to clients when it pitched the offering, it said it planned to raise as much as $1.5 billion.
While the offering was oversubscribed — perhaps by as much as three times — with American clients now not eligible to participate, it is not clear whether Goldman or Facebook will lower the size of the offering. A majority of Goldman’s high-net-worth clients are based in the United States.
The struggles of the offering may also deal a blow to Goldman’s relationship to Facebook and the firm’s prospects of leading the social network’s long-awaited initial public offering, expected in 2012.
Goldman was brought in as a Facebook investor through its relationship with DST, a Russian investment firm that is a major Facebook shareholder and has invested in several other popular Internet companies, like the social buying site Groupon.
However, in the past two weeks, the relationship between Facebook and Goldman has grown increasingly tense, people involved in the offering said. Accusations about the news leak have flown back and forth, these people said.
The deal itself was considered controversial because the S.E.C. requires companies to publicly disclose their financial results if they have more than 499 investors. But Facebook’s plans, according to a Goldman offering memorandum, were to go public by April 2012 anyway.
The “special purpose vehicle” that Goldman had created for Facebook would have allowed it to remain under that threshold even though hundreds of Goldman’s clients would have been shareholders.
The full Goldman statement provided to DealBook is below:
Goldman Sachs originally intended to conduct a private placement in the U.S. and offshore to investors interested in Facebook. The transaction generated intense media attention following the publication of an article on the evening of January 2, 2011, shortly after the launch of the transaction. In light of this intense media coverage, Goldman Sachs has decided to proceed only with the offer to investors outside the U.S.
Goldman Sachs concluded that the level of media attention might not be consistent with the proper completion of a U.S. private placement under U.S. law. The decision not to proceed in the U.S. was based on the sole judgment of Goldman Sachs and was not required or requested by any other party. We regret the consequences of this decision, but Goldman Sachs believes this is the most prudent path to take.
Peter Lattman and Michael J. de la Merced contributed reporting to this article.
Re: Stuff & Nonsense
« Reply #2618 on: Jan 18th, 2011, 09:16am »
New York Times
January 17, 2011 Pakistan’s Failure to Hit Militant Sanctuary Has Positive Side for U.S. By ERIC SCHMITT
WASHINGTON — Pakistan’s refusal to attack militants in a notorious sanctuary on its northwest border may have created a magnet there for hundreds of Islamic fighters seeking a safe haven where they can train and organize attacks against NATO forces in Afghanistan. But theirs is a congregation in the cross hairs.
A growing number of senior United States intelligence and counterinsurgency officials say that by bunching up there, insurgents are ultimately making it easier for American drone strikes to hit them from afar.
American officials are loath to talk about this silver lining to the storm cloud that they have long described building up in the tribal area of North Waziristan, where the insurgents run a virtual mini-state the size of Rhode Island. This is because they do not want to undermine the Obama administration’s urgent public pleas for Pakistan to order troops into the area, or to give Pakistan an excuse for inaction.
“We cannot succeed in Afghanistan without shutting down those safe havens,” Adm. Mike Mullen, the chairman of the Joint Chiefs of Staff, said last week, underscoring a major conclusion of the White House’s strategic review of Afghanistan policy last month.
But as long as the safe havens exist, they provide a rich hunting ground, however inadvertent it may be.
Pakistani Army operations in the other six of seven tribal areas near the border with Afghanistan have helped drive fighters from Al Qaeda, the Pakistani Taliban, the Haqqani network and other militant groups into North Waziristan, the one tribal area that Pakistan has not yet assaulted.
With several hundred insurgents largely bottled up there, and with few worries about accidentally hitting Pakistani soldiers battling militants or civilians fleeing a combat zone, the Central Intelligence Agency’s drones have attacked targets in North Waziristan with increasing effectiveness and have degraded Al Qaeda’s ability to carry out a major attack against the United States, the senior officials said.
The number of strikes in North Waziristan grew to 104 in 2010 from 22 in 2009, according to the Long War Journal, a Web site that tracks the wars in Afghanistan and Pakistan. There have been five strikes in North Waziristan so far this year.
While the overall effectiveness of the strikes is impossible to ascertain, there are many accounts to confirm that insurgent fighters and leaders have indeed been killed.
To be sure, a wide array of administration officials have acknowledged the limitations of drone strikes and emphasized the need for Pakistan to use ground troops to clear out militants who have used the refuge in North Waziristan to rest and rearm, a point Vice President Joseph R. Biden Jr. made to Pakistani civilian leaders and ranking generals on a visit to Pakistan last week.
A senior counterterrorism official concurred, saying: “We’ve seen in the past what happens when terrorists are given a de facto safe haven. It tends to turn out ugly for both Pakistan and the United States. It’s absolutely critical that Pakistan stay focused on rooting out militants in North Waziristan.”
The C.I.A. director, Leon E. Panetta, discussed counterterrorism issues with the president of Pakistan, Asif Ali Zardari, and the head of Pakistan’s main spy agency, Lt. Gen. Ahmad Shuja Pasha, in a meeting in Washington on Friday, a C.I.A. spokesman said.
But half a dozen senior intelligence, counterterrorism and military officials interviewed in the past several days said a bright side had unexpectedly emerged from Pakistan’s delay. Pounding the militants consolidated in the North Waziristan enclave with airstrikes will leave the insurgents in a weakened state if the Pakistani offensive comes later this year, the officials said.
“In some ways, it’s to our benefit to keep them bottled up, mostly in North Waziristan,” said a senior intelligence official, who like others interviewed agreed to speak candidly about the Pakistan strategy if he was not identified. “This is not intentional. That wasn’t the design to bottle them up. That’s just where they are, and they’re there for a reason. They don’t have a lot of options.”
Another senior administration official added, “We’d still prefer the Pakistani Army to operate in North Waziristan, but consolidating the insurgents in one place is not such a bad thing.”
Senior Pakistani politicians and commanders, including Gen. Ashfaq Parvez Kayani, the army chief of staff, say their troops are already stretched thin and will carry out an offensive in North Waziristan on their timetable, not Washington’s. Lt. Gen. Asif Yasin Malik, the main Pakistan commander in the northwest, said in October that it would take at least six months to clear militants from two other restive tribal areas, called agencies, before considering an offensive in North Waziristan.
“It’s only a matter of how, when and in what manner do we conduct operations there,” Husain Haqqani, Pakistan’s ambassador to the United States, said in a statement. He said Pakistan had 38,000 military and paramilitary troops in North Waziristan.
Senior United States officials praise Pakistan for carrying out operations in the rugged tribal areas, but many of these officials say they are not convinced that the Pakistani Army is willing or able to clear North Waziristan.
Counterterrorism specialists say that attacking militants in North Waziristan would be a much more difficult campaign than previous operations in Swat, Bajaur and South Waziristan. The region has mountainous terrain as well as urban centers, like Miram Shah, that if attacked could result in many civilian casualties or produce hundreds of thousands of refugees fleeing the fighting, as happened in previous clearing operations.
Moreover, no effective civilian police force exists to take over security duties after military operations. The Pakistani Army still remains in Swat, Bajaur and South Waziristan, months after major campaigns.
And to be truly effective, American officials say, a North Waziristan offensive would have to single out not just Qaeda and Taliban fighters, but also militants in the Haqqani network. That group has long enjoyed support from Pakistan’s military and intelligence services because it represents a strategic hedge against what Pakistan views as encroachment by its archrival, India, in Afghanistan.
“There may be an offensive in North Waziristan, but I think it’ll be very carefully orchestrated to preserve Pakistan’s assets in the region,” said Bruce O. Riedel, a senior fellow at the Brookings Institution, who led President Obama’s first Afghanistan policy review.
American intelligence officials say that pressure from the airstrikes has forced small numbers of Haqqani fighters and other militants to slip into other tribal areas, including Kurram and South Waziristan. “The Haqqanis aren’t stupid,” one counterterrorism official said. “They’re feeling some serious pressure in North Waziristan, so it should come as no surprise that they’re looking for places they might think are safer.”
All the more reason proponents of Pakistani action say time is of the essence. “I’ve been very clear in my conversations with General Kayani over the last year or so that there needs to be a focus, from my perspective, on North Waziristan,” Admiral Mullen told reporters in Islamabad last month. “That’s where Al Qaeda leadership resides, that’s where the Haqqani network, in particular, is headquartered, and the Haqqanis are leading the way and coming across the border and killing American and allied forces. And that has got to cease.”
Ismail Khan contributed reporting from Peshawar, Pakistan.
Re: Stuff & Nonsense
« Reply #2619 on: Jan 18th, 2011, 09:18am »
New York Times
January 18, 2011 Suicide Blast in Iraq Kills Police Recruits By STEVEN LEE MYERS
BAGHDAD — A suicide bomber mingling in a crowd of prospective police recruits in Saddam Hussein’s hometown detonated a vest of explosives on Tuesday in what was the worst single attack in Iraq in nearly three months.
The bombing in Tikrit, north of Baghdad, killed at least 50 people, including police officers and men seeking jobs to join them on the region’s police force, according to officials in Baghdad and in Salahuddin Province, where Tikrit is. More than 150 others were wounded, according to officials who provided changing and conflicting counts, reflecting the chaotic aftermath of the bombing.
Violence in Iraq has reached a low since the American invasion in 2003, but the Islamic State of Iraq and other insurgent groups continue to strike with regularity, if less severity. They have attacked Iraq’s government and security services in particular, and the latest attack prompted criticism for an apparent lack of precautions against familiar insurgent tactics.
“I’m asking the security forces, isn’t it enough?” a member of Iraq’s new Parliament from Salahuddin, Mutashar al-Samaraie, said in televised remarks from the chamber. “Isn’t it time to take into account the previous events and attacks that have killed thousands of Iraqis?”
Several hundred jobseekers had assembled at a parade ground in Tikrit that had once been the site of political and military rallies during Mr. Hussein’s rule. Mr. Samaraie complained that the recruitment had taken place in an open area that was difficult to police, and he suggested that recruiters use the Internet to process applications.
Tikrit’s hospital was overflowing with dozens of wounded, forcing hospital officials to transfer some of them to other clinics.
“My brother was there between the recruiters,” a man who identified himself only as Abu Muhammad — meaning father of Muhammad — said outside the hospital, which was cordoned off by the police. His brother’s cellphone did not answer.
“I don’t know if he is still alive or dead,” he said.
There was no immediate claim of responsibility for the attack, but the tactic was similar to previous suicide bombings carried out by the Islamic State of Iraq, an umbrella organization affiliated with Al Qaeda in Mesopotamia.
The attack was the worst since a convulsion of violence that began Oct. 31 when insurgents from the Islamic State of Iraq, including several wearing explosive vests, seized a Christian church in Baghdad, starting an siege that lasted hours and ended with a deadly raid by Iraqi security officers.
That attack resulted in at least 58 killed and led to an exodus of Iraq’s Christians to the relative safety of northern Iraq or abroad. Days later, a series of bombs exploded across Baghdad, raising the death toll in the attacks to 122.
Yasir Ghazi in Baghdad and an employee of The New York Times in Tikrit contributed reporting.
Re: Stuff & Nonsense
« Reply #2620 on: Jan 18th, 2011, 09:20am »
Inflation jumps to 8-month high in December
The pace of price rises surged to a shock eight-month high last month, piling pressure on Bank of England policymakers to raise interest rates to stop inflation spiralling higher.
By Emma Rowley 2:59PM GMT 18 Jan 2011
The official measure of inflation showed that prices rose 3.7pc in the year to December, up from the previous month's 3.3pc figure as the soaring cost of oil drove the biggest monthly increase on record.
The figures from the Office for National Statistics mean that inflation, as tracked on the consumer price index (CPI), stayed at least one percentage point away from the Bank’s 2pc target for the whole of last year.
The end of year surge also signalled that inflation spiked above the peak forecast by Bank policymakers – whose central projections were for it to hit 3.6pc in the current quarter – before 2011 even began.
The pick-up in the pace of price rises, which economists thought would come in at 3.4pc, will intensify debate on the Bank’s Monetary Policy Committee over whether to raise rates from their record 0.5pc low to cool the economy.
“Inflation is now certain to move above 4pc in early 2011,” said Simon Ward, chief economist at Henderson Global Investors, while trades tied to the path of interest rates show markets are now pricing in the expectation of a rate hike by June.
The pound shot up more than half a cent against the dollar to an eight-week high over $1.60 as investors were lured in by the prospect of a rate hike offering higher returns.
Meanwhile demand for UK government bonds fell, pushing yields on 10-year gilts – the returns available – up 5 basis points to 3.66pc. Holding money in gilts looks less attractive if interest rates are rising.
UK inflation is being driven up by energy and food prices, as global oil prices near $100 a barrel and crop supply shortages around the world increase demand for food.
These problems remained behind the sudden surge last month, as air fares soared month-on-month and prices for fuels and lubricants jumped 2.8pc – the biggest November to December rise since 1996.
Prices were also pushed up by increasing gas bills as some of the major energy suppliers raised their tariffs.
The worry is that inflation will accelerate further as January’s rise in the VAT to 20pc takes affect and the rising cost of oil keeps feeding through into fuel prices and utility bills.
The Bank of England’s own projections are that a full pass through of the sales tax rise would add 1.4 percentage points to the inflation rate, or 0.7 percentage points even if only half of the effect feed through.
Minutes for the Bank’s Monetary Policy Committee (MPC) meeting last month showed that members noted that inflation could “well reach 4pc by the spring, somewhat higher than the November Inflation Report” in which they laid out their quarterly projections.
Paul Fisher, the Bank’s executive director for markets and a committee member, said in a new interview that the sticky inflation was "very uncomfortable", but that the Bank had to look through the short-term factors pushing up prices, however unpopular that may be.
The MPC policymakers will have had an early estimate of the latest inflation rate to hand when they last week left interest rates on hold for another month.
The Bank is worried about derailing the recovery by raising rates prematurely, but others question whether the higher commodity prices are indeed a short-term phenomenon.
Samuel Tombs, UK economist at Capital Economics, warned that higher energy prices threaten the economy as the feed-through into inflation bites on household spending as incomes do not stretch as far.
"The recent surge in the oil price to just shy of $100 per barrel will act as yet another brake on the UK’s economic recovery this year just as the fiscal tightening is reaching its most intense phase," he said.
Inflation as tracked by the retail price index (RPI), which includes more housing costs and is the benchmark for many wage deals, also picked up, from 4.7pc to 4.8pc - the highest figure since July.
George Osborne, the Chancellor, said on the BBC on Tuesday that rising price pressures were a concern for the government.
"We're very clear that the pressure on working families of rising prices is a huge concern for everyone and a concern for the government," he said.
"We also support what the BoE is doing on its fight against inflation, and we're paying off the nation's credit card, which is crucial to all of this," he added, referring to his deficit-cutting plan that starts in earnest this year.
Re: Stuff & Nonsense
« Reply #2622 on: Jan 18th, 2011, 09:35am »
Did a U.S. Government Lab Help Israel Develop Stuxnet? By Kim Zetter January 17, 2011 | 10:13 pm Categories: Hacks and Cracks, Stuxnet, Threats
Photo: A security man stands next to an anti-aircraft gun as he scans Iran’s nuclear enrichment facility in Natanz, 300 kilometers [186 miles] south of Tehran, Iran, in April 2007. Hasan Sarbakhshian/AP
Questions have been raised about the involvement of U.S. government researchers in the creation of a digital weapon that experts believe may have sabotaged centrifuges at a uranium-enrichment plant in Iran.
Researchers at the Idaho National Laboratory, which is overseen by the U.S. Department of Energy, may have passed critical information to Israel about vulnerabilities in a system that controls Iran’s enrichment plant at Natanz. That information was then used to create and test the so-called Stuxnet worm that was unleashed in a joint cyber attack on Natanz, according to the New York Times.
The report, based on anonymous sources, is sparse on detail but asserts that in 2008 INL worked with the German firm Siemens to uncover vulnerabilities in its industrial control system. Stuxnet was then created to exploit those vulnerabilities and was tested at a lab at Israel’s nuclear facility in Dimona. The Dimona facility, according to the Times, has been involved in a joint U.S.-Israel operation for the last two years to thwart Iran’s production of enriched uranium and forestall its development of a nuclear weapon.
Researchers at Dimona set up a test bed composed of the Siemens system and the same IR-1 nuclear centrifuges (also known as P-1 centrifuges) used at Natanz to gauge Stuxnet’s effect on them. The malware was discovered in the wild last June infecting systems in Iran and elsewhere, and last November, Iran acknowledged that malicious software had sabotaged centrifuges at Natanz.
Threat Level has already reported extensively on how Stuxnet worked and on clues that were previously uncovered that suggested Israel was behind the attack. Although it’s long been suspected that the U.S. played a key role, if not the lead role, in creating the malware, there’s been no definitive evidence.
The Times story falls short of delivering that evidence, but Threat Level has been tracking the same story for months, and it’s worth fleshing out their report with additional details.
To back claims that the Idaho National Laboratory likely played a role in Stuxnet, the Times reports that in early 2008 Siemens worked with INL to identify vulnerabilities in the specific control system that Stuxnet targeted – Siemens’ PCS 7, or Process Control System 7. The project was initiated by the Department of Homeland Security.
Siemens told the Times that the research was part of a routine program to identify vulnerabilities in various critical infrastructure systems and find ways to secure them. The INL also said the research was part of a larger project and would not comment on whether information it learned about the Siemens system during these tests was passed to intelligence services.
But let’s look at the timeframe and context of these tests.
The INL began setting up a test lab to research industrial control systems in 2002 after U.S. officials became concerned that al Qaeda might be investigating methods to conduct cyber attacks against critical infrastructure systems in the U.S.
In 2001, following the 9/11 terrorism attacks, a local police detective in California began investigating what appeared to be a series of cyber reconnaissance operations against utility companies and government offices in the San Francisco Bay Area. The surveillance appeared to come from computers in the Middle East and South Asia. The FBI and Lawrence Livermore National Laboratory got involved and discovered a nationwide pattern of digital surveillance being conducted at nuclear power plants, gas and electric facilities as well as water plants. The intruders were particularly focused on examining industrial control devices that allowed for remote access to systems operating critical infrastructures.
In January and March 2002, U.S. forces in Afghanistan and Pakistan conducting raids on al Quaeda offices and compounds seized computers that provided further evidence that al Quaeda was investigating means to conduct cyber attacks against dams and other critical infrastructures.
Three months later, INL contacted Joe Weiss, a control systems expert who worked at the time for KEMA, an energy consulting firm, to come to Idaho to discuss creating an industry test bed to uncover vulnerabilities in SCADA systems, also known as Supervisory Control and Data Acquisition systems. As a result of these discussions, Weiss began helping INL work with SCADA vendors to provide INL with equipment and knowledge for research and testing.
The research paid off. In 2004, INL presented the first demonstration of a remote SCADA hack at the KEMA Control Systems Cyber Security Conference in Idaho Falls. The purpose of the demonstration was to show that recently identified vulnerabilities in Apache software could be used to compromise a control system remotely. The attack was conducted from Sandia National Laboratory against a system at INL in Idaho Falls. The attack was designed to show how firewalls and other traditional security systems would fail to guard against a remote intrusion. But it also demonstrated a man-in-the-middle maneuver that would hide the attacker’s malicious activity from employees monitoring display screens at the targeted facility – something that Stuxnet later accomplished remarkably well.
A second remote SCADA hack was demonstrated at the KEMA Control System Cyber Security Conference in 2006 in Portland, Oregon. This one was conducted by a different DoE lab, the Pacific Northwest National Laboratory. The attack involved compromising a secure VPN to change voltages on a simulated Olympic Peninsula electric system while, again, altering operator displays to conceal the attack.
Then in February 2007 DHS got word of a potential vulnerability in industrial control systems. If the vulnerability – dubbed “Aurora” – were exploited, DHS learned, it could result in physical damage to equipment. It was something that Weiss and a handful of other security experts had long worried about, but no one had ever actually seen it done.
A month later, INL conducted a private test – dubbed the Aurora Generator Test – that successfully demonstrated the vulnerability. The test involved a remote attack via dial-up modem on an industrial control system generator, which left the generator a spinning mess of metal and smoke. The proof-of-concept demonstration showed that a remote digital attack could result in actual physical destruction of a system or components. The vulnerability, and measures to mitigate it, were discussed in closed sessions with the NERC Critical Infrastructure Protection Committee. Word about the test leaked out and in September that year, the Associated Press published a video of the demonstration showing a generator emitting smoke after being hacked.
All of these demonstrations served to establish that a remote stealth attack on an industrial control system was entirely feasible.
The timing is important, because by early 2008, Iran was busy installing centrifuge cascades in module A26 at the Natanz enrichment plant — the module that experts believe was later targeted by Stuxnet.
At the same time, in early 2008, President George Bush authorized a covert program that was reportedly designed to subtly sabotage Iran’s nuclear weapons program. Details of the program were never disclosed, but the Times later reported that it was, in part, aimed at undermining the electrical and computer systems at Natanz.
In March 2008, Siemens and INL researchers met to map out a vulnerability test plan for the Siemens PCS7 system, the system that was targeted by Stuxnet. INL had tested Siemens SCADA systems previously but, according to Weiss, this is believed to be the first time INL was examining the Siemens PLC.
In May, Siemens shipped a test system from Germany to the Idaho Falls lab.
That same month, the DHS became aware of a vulnerability in the firmware upgrade process used in industrial control systems. Firmware is the resident software, such as an operating system, that comes installed on a piece of hardware. In order to ease maintenance and troubleshooting of systems, vendors like to install patches or upgrades to software remotely, but this can expose the system to attack if the upgrade process has a vulnerability. A vulnerability was found, which DHS dubbed “Boreas.”
DHS issued a private alert – which was later inadvertently made public — saying that the vulnerability, if exploited, “could cause components within the control system to malfunction or shut down, potentially damaging the equipment and/or process.”
Stuxnet, it turns out, involved a type of remote firmware upgrade to the Siemens PLC, since it involved injecting malicious code into the ladder logic of a PLC. Boreas in retrospect, says Weiss, who is currently an independent consultant with Applied Control Systems and the author of Protecting Industrial Control Systems, showed that the concept of injecting code into the ladder logic was feasible.
“The Boreas alert never specifically discussed ladder logic or PLCs,” says Weiss. “But it showed that if you can remotely change firmware, you can cause real problems.”
Wealthy individuals who have avoided tax by storing their cash in offshore bank accounts are in the sights of WikiLeaks after the website's founder Julian Assange was given a disc reportedly containing confidential bank account details.
I'm really looking forward to the outcome of this!