TechStuff Checks the Flame

Jun 27, 2012, 43 min

Episode description

What is the Flame malware? Should you be worried about getting the Flame malware? Who could be behind Flame? Join Chris and Jonathan as they get to the bottom of the perplexing malware known as Flame.

Transcript

Speaker 1

Brought to you by the reinvented two thousand twelve Camry. It's ready. Are you? Get in touch with technology with TechStuff from HowStuffWorks.com. Hello everyone, and welcome to TechStuff. My name is Chris Pollette, and I'm an editor at HowStuffWorks.com. Sitting across from me as usual is senior writer Jonathan Strickland.

Hey there, all right, then, so we're going to talk about the latest except it's not malware to make headlines all over the world and and and cause international incidents and all of that. As of the recording of this podcast. Anyway, by the time this podcast goes live, there may be

even worse news. It's it's funny because we were talking about what we wanted to call this and and uh we we thought of all of our flame metaphors and jokes and puns and puns um and I was going to make the joke about it being our old flame even like except it's new. Except it, as it turns out, it's not this. This malware has been making headlines over the past few weeks as of the date of recording on June one and two thousand twelve. But as it turns out um this brand new, latest um Um malware.

I was going to call it a virus, but let's just call it malware. UM isn't new at all, and that's one of the fascinating things about it. But there are many fascinating things. Yeah. The the component file name, the main part, the foundation of this malware, may date back as early as two thousand seven, possibly even earlier. And one of the reasons why this is a really fascinating uh, well, there's so many reasons why this is fascinating malware. One is that it was able to escape

attention for so long. Yes, because you're talking about a file that is capable of doing lots and lots of stuff depending upon what you add to it, which is brings us to fascinating thing number two. It's a modular kind of malware. Now, in general, when someone creates some malware, there is there tends to be a specific goal in

mind of the person who's designing it. Right. They're thinking, I want to design this malware because what it'll do is it'll allow me to get backdoor access to another person's computer, and I'll be able to get administrative control over that machine, and then I can create a botnet.

That would be one example. Or I want to record keystrokes so that I can get user names and passwords for people's accounts and maybe commit identity theft, right? Or I want to create a piece of code that will propagate itself across a network, which you know, on its own is just one thing like so you might want to add more to it. And and historically

hackers and malware programmers have been doing that. They've been creating malware that either complements some other piece of code or it acts as the first step to another piece of code that can, in combination create whatever the effect is that the hacker wants. So there might be one part of the code that is designed to help get access to a network, or perhaps it's designed to UH

to copy itself once it gets on a network. It might even be to copy itself multiple times on the same machine in order to fill up that machine's memory and and hard drive space so that you brick the machine. It all depends on what the goal is for the hacker, UH, and then there might be some other component that does something else on top of it. Well, what makes Flame so interesting is that it takes this concept to a

new level. It's a modular kind of malware, meaning that the basis of Flame is so that you can infect a machine and then you can send a modular tweak to that malware that's now living on the victim's machine and give it specific abilities. So think of it in a way as kind of a very very much scaled down operating system. Kind of it's a platform. Yeah, So it's not not a full operating system in the traditional sense. It's not like it's uh, taking over your operating system

and and interacting with your computer's hardware. It's just sort of on a on a high level, the same basic concept. It's acting as a platform that other applications can operate on top of and affect how your computer behaves. And it all depends on which modules you send to the Flame foundation that will allow it to do whatever it

is he wanted to do. Right right. Um. When we talked about hackers before on the show, we've we've discussed people who are known as script kiddies, and that that's what they sort of, uh that it's sort of a derogatory term for people who are very very basic, um hackers who are intent on causing mischief and the reason they're called that is not UM. Well, the reason I want to talk about why they're called that is because in order to create malware, it doesn't take a

whole lot of code to do this. UM you could basically say write a script that says, look, I want you to erase you know, I want you to copy all the the addresses in the address book, email a copy of this script to everybody in the address book, and then wipe the hard drive clean. Ha ha. It really doesn't have to be that complex. And and one of the things that uh uh is also interesting about Flame is that, as Jonathan said, it's modular, but it takes up twenty megabytes of space now, and in our

terms today, that's not a particularly large file. A lot of people have broadband, it's not an an issue to download a twenty megabyte file. But you really don't need that much code to have a basic virus or trojan. UM. This is extensively written code. It's very sophisticated code to allow additional modules to operate on the main system. And that's why organizations that have been affected by it believe

that it might be state sponsored. We we should point out too that this is not something that you're likely to get on your PC. This is aimed at very high level government run systems. Apparently, Yeah, if you're a high level government official, then maybe your PC would be at risk if you're and to be more specific, if you're a high level government official in a country in the Middle East, because that tends to be the possibly Hungary, because those that those tend to be the countries that

have been targeted. Specifically, Iran and Israel have had the largest number of infected computers, but there are other countries that also seem to have it, or at least those are the the countries that have computers running this software. I'm sorry, go ahead, go ahead, I was gonna say. Also the West Bank, Palestinian West Bank and uh Lebanon are are known to be places, and then oddly enough in Hungary, although I you know that's I was about

to go into a Renaissance festival speak. I've managed to avoid it this entire season, and I almost said, I know not why that is so? Austria, Russia, Hong Kong. Yeah, Now, some of these may be unintentional targets, right, they may not be the targeted computers because you would The conclusion we draw is whichever countries seem to have the highest rates of infection are more likely to be the targeted countries.

Of course, we can't know that for sure. It may be based upon just the behaviors of the people who work within that that that country, but it's a it's a fair indicator. Now, let's talk a little bit about what this malware can actually do and then why someone might use it to target those particular countries. Well, some people feel that it's a relative of Stuxnet or or Duqu, both of which have been known to circulate

in the same part of the world. Um Stuxnet was aimed apparently at power plants and other structure stuff. I think it's safe to say Stuxnet was specifically engineered to target Iranian nuclear power facilities. That that's the way. That's that's the way it's presented. Yet because I didn't

write it, so I don't know. One of the functions of Stuxnet was to change the the rate of revolutions per per minute for centrifuges, and the whole idea was that by changing that, that speed at which the centrifuge turns within a nuclear power facility you could cause a failure of that part of the facility, thus effectively shutting it down, um. Presumably if you could get it to spin uh erratically enough, you could cause more of a catastrophic failure than just you know, slowing down

the program. But that appears to be what Stuxnet was all about. Now now we still don't have official news of who was behind it, although of course there are a lot of um, there are a lot of likely candidates. But but along those lines, Flame is a little different. Stuxnet, of course, was was looking at, at least from what we understand, physically sabotaging a power facility. Flame looks like it's more about spying upon various targets.

That's that's true. Um it is uh. It is also written, like those other two pieces of malware, using a, uh, scripting language called Lua. I haven't ever heard that pronounced, L-U-A, which is often used actually for in the gaming industry. Yeah, and Lua is an obscure enough language that it might actually be. One of the reasons why the hackers may have chosen Lua as one of the languages they worked in is because it was obscure

enough to not raise red flags immediately. It wouldn't look like other kinds of malware just at first glance, and so that might be a reason why the hackers chose it, or may just be that the hackers were really really familiar with that particular language and it could do what they needed it to do. But Uh, a lot of the analysis I've read suggests that perhaps the reason for picking it was because it was less recognizable. But it does.

Flame does record system information about the systems that it's on. Boy howdy does it. It's it's kind of an uh catch all when and again a lot of this depends on what modules are installed on top of Flame. You know, think about think about Flame in a way like uh, you would an operating system like iOS, and that you know, iOS can do lots of stuff, but it can do more stuff when you add apps to it. The apps give you very specific features. It's the basically the way

that computers work exactly. So so, uh, Chris and I both happen to have an Android phone, different Android phones, and that I would wager that many of the apps that Chris has I do not have, and vice versa, and there are a few that we might have in common. And that that's because Chris wants this phone to do a certain set of things, and I want my phone to do a certain set of things. Hackers are the

same way. They may want their their malware to do certain things in certain situations, and they don't necessarily need everything. It doesn't have to be a kitchen sink approach. So that's kind of the idea behind Flame. So some of the things that can do as far as cyber espionage go. Uh. It can do keyboard activities, So a key logger function, like Chris was talking about earlier, This is what tracks

what keys are being pressed. Usually you use this so that you can find out things like passwords and that sort of stuff. It can monitor network traffic, so we can actually see what computers the infected computer is communicating with and possibly even sniff out those that data. It can take screenshots, so the person on the other end of this uh, this connection can get a look at what the user is is looking at whenever they're using the computer. Also very important if that particular computer

is used in a high security environment. It can even record audio. It can use a computer's microphone and record audio. So just imagine it's like bugging a a an office, except you don't have to put a bug in there, which is amazing how you think about it. There are you know, there are offices that are in such high security areas that there are frequent bug sweeps where the company or government agency will have someone come through and search for any electronic bugs that might have been planted

there in order to record conversations. Well, this gets around that it turns the person's own computer into that recording instrument. It can even do things like a record Skype conversations. And the one I saw that I thought was particularly clever was there's apparently a module that will allow if the computer has Bluetooth capability, it will become a beacon, a Bluetooth beacon, and we'll try to connect with Bluetooth

devices that are within range and download information from them. Interesting, So if you have a smartphone, you're a government official, and you've got a smartphone, you've got Bluetooth enabled so that you can use your cyborg earpiece that everyone tends to use, then that your computer might try to do a Bluetooth handshake with your device and pull information from your device into the computer so it can send it off to the hacker so it's all about gathering information.

There's also been some some uh suggestions that perhaps this is related as well to another kind of malware. In fact, that malware may just be a module on top of Flame called Wiper, which does exactly what you would think it does. It wipes data from a device. So it may also not just be about data collection, but also destroying data. And in fact, it does look like there's been some some data loss, uh, particularly in Iran that

may be due to this particular malware. UM. It is important to note too that this is not the only piece of modular malware out there. UM. It is just it is especially unusual in the size of this malware

sophification and sophistication. UM. But yeah, it uh this is sort of an indication that, uh, the game might be afoot if you will, basically exactly what what what what's going on is And I think this is part of the reason that people are so if you if you follow the tech press or the tech media, let's say, um, you've probably seen a lot about this in the past few weeks. And I think the reason for that is because it's captured our imagination and it's it's made us

all realize that, uh, electronic espionage is here. People are using it, and it's and it's not uh, it's not the exception anymore. I have the feeling that uh, and basically I am certainly not the only one from my my reading that uh, people seem to feel that this is state sponsored espionage and that this kind of thing is going to become more and more more common as the years go on, because this is the way the

world does business um, and I mean all kinds of business. Um. Personally, I think the reason that it's designed to capture webcam stuff is so that they can post, um, videos on YouTube of high level officials dancing to Lady Gaga videos in their closed offices that they've had swept for bugs so that they won't get caught doing it. That's ridiculous. That's

Taylor Swift videos. But now the the the other thing about this is that I think it's interesting if you think that this this malware may have been around since two thousand seven, it shows that hackers were of the same mindset as Steve Jobs because they saw that apps

were the next big thing. No really, seriously, when you think about it, it it is kind of amazing because they were thinking, well, let's make this a very flexible, adaptable malware system so that we can use it in multiple uh use cases and we don't have to again, we don't have to send the whole thing to everyone. Um it did you know? Just like other malware, it attempts to cover its tracks as much as possible, so that way you know that it can stay on an infected

computer as long as possible. And it's very good at it if it's been around for years um and just now we're talking about it. Uh. And also it's it spreads kind of in a way similar to other types of malware. You might think, well, how does how do they get How is that initial entry into a system? How is that accomplished? Well, there are a couple of

different ways you could do it. Um. There's some suggestion that perhaps it was a spear phishing attempt, which is where you have a specific target in mind and you know, you know, you have enough information about that target to be able to create an email that could tempt that target into executing a file that they probably shouldn't have done. Right.

Phishing is uh with a ph is a social engineering tool to gather information. You've probably, just about everybody I'm sure who is listening to this has had a phishing email show up in their spam box where it says, hey, you've uh, your bank account has been compromised and we need you to send us your information. Um, and you go, you know, I haven't. I don't have an account at this bank and I've never had an account at this bank.

I always chuckle at those because I think, nice try, um, but that that but that isn't what what phishing is known for. If you if you were to click on that link and go further and um enter your private information in there, they would be able to use that in identity theft um operation. But spear phishing is specifically targeted um as Jonathan said to a certain person. So it is especially effective because it says, hey, Jonathan Strickland, we know that you have an account here. Uh and uh,

this is a problem with your account. You need to enter your information stuff. There's been some unusual activity on your account. Which is even better because the unusual activity comes true. Yeah, because you go and you check your account and the next thing you know, you have actually given over the information to the people who will generate the unusual activity on your account. Don't ever follow those links. Yeah, no, no, it's better to it's better to go to those those

sites directly through your your browser. Uh, as long as you don't have um the DNSChanger malware on your computer, which leads you to the wrong browser anyway around wrong site rather anyway. So anyway, getting back to this, spear phishing is a very very possible way that this initially got out into the wild. However, it can also be spread through USB thumbsticks, which means getting physical access

to someone's computer. Not always the easiest method, no, but that's that's exactly what they did with Stuxnet apparently, was they snuck it into nuclear power facilities on a USB flash drive, which you know it's not necessarily the easiest way, but it is. I mean, I guess it all depends on your target, because you could either do

it yourself where you are. You know, you pose as say a technician saying I have to install this new software onto your computer so that we can maintain security, perhaps you're Klaus Hergersheimer checking radiation shields, or you could uh actually mail thumbstick to a person and say here is the file you wanted and have them install it themselves. Sometimes it's that easy. Yeah, sometimes it sometimes that that works. I mean, because you know, people don't necessarily think, oh,

there could be something bad on this thumb drive. By the way, there could be something bad on that thumb drive. Um, so you know that's another possibility. And also once it gets in the network, there were other ways of leveraging

the network to help infect other computers. One of which I saw was using a printer spooling UH protocol where certain printers, you know, you could send the malware through the printer queue, and other computers as they connect to the printer queue could be infected that way, which is kind of interesting. But that means that you already have to get into the network initially in order to take

advantage of something like that. So in other words, you can't just necessarily attack straight through the printer, although I suppose you could if it was a printer that had Internet connectivity and you had the password to get into that. But at any rate, it propagates through those ways, and apparently it will only do so under the direction of the hackers, So this is not the kind of malware that will just copy itself an infinite number of times and just send it to every single contact within a

computer's database. Instead, it's a very controlled attack, which is again another another reason why UH the analysts think this could be state sponsored, because typically if you have someone who's just interested in either creating as much trouble as possible or just trying to make a profit off whatever that is they're doing, they're probably less likely to have this sort of controlled approach where they're targeting specific computers, because why do that when you could go with a

blanket bomb approach and just infect everyone you possibly can. UH. This appears to be much more of a precision attack, so that tends to suggest a state sponsored approach. Now by that we mean that some government has gone out and hired programmers to create this malware with the intent of using it on some other nations computers, possibly possibly

computers within the own their own nation. I mean, it all depends on what the government's UH motives are, and then they're going to gather information and analyze it and make their own plans based upon what they see. So typical spy stuff as opposed to say a group of of you know, just just a group of hackers that just want to get as much information as possible in order to make as much money or as much trouble

as they can. Yeah. The the country that has asserted the state sponsored claim more than any that I've seen is Iran, who blames Israel and the United States for the attack. And there was a statement from an Israeli government official that I think inadvertently kind of gave the the implication that Israel was directly involved. But I don't think that was the intention of the statement. Well, one

way or the other. I'm sure it wasn't right, but the but the government official essentially said, we would you know, this is this is sort of that I'm paraphrasing here, this is the world we're in, and if if we think these tactics are going to work, we're going to use them, which essentially sounded like an admission. But the Israeli government very quickly said, no, no, no, we deny that we have anything to do with this. However, we

could write a much more sophisticated program than that. Now I'm I'm kidding um, but yeah, I mean he they're saying that they they wouldn't uh, just because they did or did not launch this. This is the kind of thing that we're going to see more of, which is

which is what the analysts have been saying too. Um. It was very unusual too, because the the organization known as F-Secure, which is a, uh, a known antivirus organization in Europe, was contacted by the Iranian Computer Emergency Response Team UH for assistance with that, but

apparently it never never went through. But they did contact them, which is kind of unusual because usually they uh, Iran is kind of uh tight lipped about these kinds of things until you know, they can they can say something about it. But they were asking for help initially. Um. But yeah, as Jonathan was saying a minute ago, UM, that the attacks have been very targeted, and there we're not talking about hundreds of thousands or millions of computers

that are infected like other malware has. We're talking about a few thousand at most now. There may be fewer than a thousand in fact, across the entire world, with the greatest concentration, like we said, being in the Middle East. And uh yeah, so it's you know, it's very possible that um that this is uh, this is not necessarily one of those global things that everyone should freak out about.

What they should freak out about, rather than the nature of the threat that flame poses, is the nature of the threat that the type of malware flame is poses. So, in other words, in other words, it's not flame we need to worry about. It's the fact that now we know actually I guess it's better than we know. But right there's a proof of concept here. There's this malware that can exist, that can be incredibly effective at gathering information. And who's to say that the next version of this

isn't already out there. In fact, it very well may be out there right now. I'd be amazed if it weren't out there right now, to tell you the truth. And it's possible that it could be spying on more than

just government or or infrastructure type of agencies. And also, even though this particular kind of malware it's all about gathering information that would be you know, espionage type stuff, there's nothing stopping any and else from taking that same model and applying it for things like stealing identities, stealing

bank account information. You know that you could you could easily take the same approach and apply it to the very uh stereotypical means of you know what malware tends to do, and it could wreak a lot of havoc.

And I think, I think when it comes to gathering information like all that information like listening into phone calls and stuff, I think that's probably not something that the average person needs to worry about, simply because if you're using a typical virus attack where you're trying to hit as wide a an audience as possible, it doesn't make a whole lot of sense to be filtering through that

much information. You would have so much information hitting you that it would be the signal to noise ratio would be out of control, right, So you don't have Well, I was really hoping to get something I could use as blackmail for this guy, but I have to first sit through this three hour conversation he had with his grandmother about the sweater she knitted for him, And uh, that really is not giving me the juicy details I need in order to put the screws to this guy.

So I mean, it's a it's a very real problem. Now. Granted, when you're talking about state sponsored you've got an entire departments again stuff through that, not to mention access to possible computers that can filter through data much more effectively than people can. But when you're talking about like hackers who are just trying to get data, you know, about

a person, it's a different story. Now what they could do is if they wanted to infect a lot of computers and just cause mischief, then you're talking about some pretty serious issues too, Like you could talk about, you know, having computers have failures, talking about botnets, that kind of thing. Um, Now do we need to worry that our computers are all infected? Well, what you need to do is do the same thing that we recommend in every podcast we ever talk about when it comes to malware.

Back up your hard drive and use virus protection, virus protection software, use a firewall, anti virus protection, protect those viruses. Wait, no, that's not what I meant protect yourself from viruses. Yes, you want anti virus software, reliable antivirus software. You want to keep it up to date. You want to keep your operating system up to date, because as you patch your operating system, it plugs up vulnerabilities that get discovered

over time. Because that's that's what they're doing, really, Um, a hacker is not necessarily somebody who's evil, but it's somebody who takes something apart to, uh, re-engineer it, or or to find a different use for it, or to find something that's wrong with it. Um And in this case, what the computer hackers are doing is finding flaws in an operating system, and it can be any operating system in the case of Flame. And we should point out these are Windows based machines that are being

attacked by Flame. We didn't talk about that in your first of all the podcast A Windows based machines, but yes, there are. Any operating system has vulnerabilities because operating systems are built by humans, and humans don't always think of every contingency. It's just impossible to do. And while you are building an operating system, or building any system, you're looking at it from one perspective. You're thinking, how can I make this as secure as possible? The hacker's looking

at thinking how can I get into that system? And they're going to start looking at ways that you could not have thought of, because they're going to see what you have thought of and go beyond that. It's it's just that's the way the game works. But then as vulnerabilities are are discovered, then you have the flip flop. You know, you've got the reaction to it where you

plug that vulnerability. Now that might create other vulnerabilities, or maybe that other vulnerabilities exist that you have not yet discovered. That's why it's important for you to make sure that you update your operating system as updates become available. Yes, I know it can be irritating, especially if you're on a slower connection, to have to update your operating system every week and you're shutting down your computer and it says installing update one of thirty three, I wanted to

go home. Um, But still it's better to do it and to maintain as high a level of security as you can. And ultimately, the most important thing I think, besides the antivirus software and plugging the operating system, is engage in good behavior in the sense of don't open strange links, don't execute files that are sent to you

from people you don't know. If it's sent to you by someone who does you do know, make sure that you contact that person first and say, hey, I got this email from you and had this file in it. Is this what I think it is? Is it cool? Because it may be that your friends computer has been infected and that you're getting a file that is automatically generated because it's gone through that friends contact list and

you happen to be on it. You know, think of the think the way hackers think, and make sure you don't engage in those high risk behaviors that hackers target because they're they've proven to be effective tools. And if you managed to do that, if you avoid the high risk behaviors and you keep your antivirus software up to date, and you keep your operating system up to date, you have done as much as you can to prevent this sort of stuff from infecting your computer. Doesn't mean that

it's foolproof, but it it dramatically decreases those chances. Yes, as Jonathan was was saying, there there could be uh contingencies. Flame actually looks for antivirus software, especially the more common manufacturers' software, and it looks for things that are going to report unusual activity, online activity. There are applications for, I think, pretty much every operating system that will say, hey, uh, this program is sending a message out. Is it supposed to

be sending a message out? UM? And I've seen malware for for multiple operating systems be able to detect that. So it's looking for anything that's going to report on its activity or or try to eliminate it UM. And of course, if it's something as sophisticated as Flame UM, the software can be updated by the hackers to get around virus detection software UM. So the vulnerabilities UM that that initially allowed Flame to operate apparently been patched and

more some time ago. Again, if if if the people who UM had been using those operating systems had patched their software would have made it a lot more difficult. Now, if if the hacker has a backdoor into that software, then he or she can say, okay, uh, this vulnerability has been patched, but this one is still open from now on, use this door out into the internet instead of the one that you were using before and stay.

And that allows them to stay one step ahead. But again, if you if you take those steps UH to keep your antivirus and your operating system patched as often as you can, as as it's done regularly, then you you stand a much better chance at at preventing something like this from happening. Yeah, again, not foolproof, but at least it decreases that percentage. It's fascinating to to look at these modules because you it's it's such an

amazing architecture. Um. It's, it's obvious that the people who wrote the software, uh, intended to set up shop in the operating systems of the people whose infect, whose computers were infected by the software, by this malware, and, and, uh, they intended to stay there for as long as they could and record as much information as they could about the operating system, about anything that they can connect to. Um.

So they, they were playing for real. Yeah. The only thing, I think, the only indicator that shows that they were not completely fully baked when, when it rolled out is that it does not let you play Angry Birds. Otherwise I think it was a pretty strong modular system. But until the system has Angry Birds on it, I consider it incomplete. All right then. All right, so that kind of, that kind of sums up the, the knowledge we

have as of the recording of this podcast about Flame. Of course, by the time this publishes, we may have more information, such as a stronger indicator of who might be responsible. Although I don't know, with Stuxnet, it's been out for so long and people still don't know. Although yeah, both with Stuxnet and with Flame, the, the most of the fingers are pointing towards Israel and the United States. Again, no smoking gun, and there's lots of flame, but no

smoking gun. Well, and, uh, of course, as we know, um, internet hackers have been known to find ways to point the finger at someone else. Um. They're very good at hiding their tracks and making somebody... Well, the names of these modules are all in, uh, in English and somewhat slangy. Some of them are, are slang terms, so, uh, you know, it kind of says, oh, well, somebody who's very

familiar with English probably wrote this software. Um. Yeah, so that's why I would want to, I want to get, like, if I were to write some malware, I'd want to get slang in something like Romanian. Yeah. Well, the penguins in Australia who wrote this software, very sophisticated, and, and, and nobody's going to point a flipper at them. So now you're suggesting it's Linux. I see what you're saying. Yeah, Tux and his buddies down there. So, well, I think

that wraps up our discussion here. Now granted, what'll be interesting to see is if we see future outbreaks of malware that follow in Flame's smoking footsteps. Uh, because it is, it has proven to be a pretty effective tactic. And of course, you know, we would expect any future form of this sort of attack to take, to be different enough so that it would not immediately trigger suspicion once someone downloaded it. Uh, a twenty megabyte file is, like you said,

that's significant for malware. It's not, still not significant compared to, say, a good music file, but, uh, yeah, you never know. So guys, be careful out there. Again, don't need to worry about Flame unless you are a high-ranking government official or you run some sort of important facility in the Middle East. And but, you know, being careful is always good no matter, no matter what area of life you might fall in. And let us know what you would like us to talk about in future episodes.

You can contact us via email, our address is tech stuff at Discovery dot com, or let us know on Facebook or Twitter. Our handle there is tech stuff HSW, and Chris and I will talk to you again really soon. Hey. Uh, you know, when we recorded this podcast initially, yes, we talked about things like who was responsible for the Flame virus, saying that it could literally be anyone. It could literally be anyone, anyone in the world. And it was very similar to Stuxnet. No, no connection

to Stuxnet at all. Yeah, but it was awfully similar, and boy, isn't that weird? Okay? Yeah. So, as it turns out, since we recorded that podcast, almost, broke almost, I'm sorry, not to interrupt, almost literally right after we recorded this, it went like a day. Yeah, exactly

like it was. By the next week, the news had broken that, that Flame, the code for Flame resembled to the point of identity part of the code, or an early iteration, of Stuxnet, which is an incredibly strong indicator that those responsible for the creation of Flame were also involved in creating Stuxnet. So that narrows down that field dramatically. And as Chris said, when we recorded

the podcast, that information had not become public. But now we know that Stuxnet and Flame share enough similar code to give us the confidence in saying the same parties were involved in the creation of both. So that also limits who could have been behind it in other ways. Right now, it, the accusations have pretty much centered, and they have since Stuxnet became public, they've centered on

the United States and Israel. Yes, and although neither country has officially confirmed anything, the evidence, I can't imagine that they would. No, I can't either, but uh, the evidence has has pointed even more strongly since then. So I mean, I would say it's safe that neither Jonathan nor I can confirm or deny any you know, any involvement by any government anywhere. I can. I can deny that I

had any involvement. Yes, that's about that. But as far as I can, the evidence is, is stronger now to suggest that, based on, based on the information that we've received in the media. So, and there was also an interesting discussion that popped up, and I think it's one that we can have a kind of a quick version of it here on our show, about Stuxnet and Flame both existed on computers for years before anyone else

outside of the operations knew anything was going on. Yeah, and it's amazing because it seems very fresh to us, but it has been out there for quite some time. So right, it remained undetected for years. And in the case of Flame, you're talking about a significant file size. It's a small piece of code. Uh. The argument I've seen says that the era of antivirus software is over because if antivirus software can't protect you from these things, that they can remain hidden for years, then

it is useless now. Yeah, I think, I think that's, I think that's extremist. Now, I do agree that if code goes undetected, antivirus software is of little help in that case for something of that variety. Now, uh, we're, when we're talking about the victims of Flame and Stuxnet, these are not, you know, people sitting at home, uh, you know, checking the web and their email. The targets, yes, these are, these are, are targeted organizations

and governments. Um. And it is more likely that you or I would be targeted by, uh, script kiddies sending viruses by email or by phishing or even spear phishing for that matter. So yes, I think for everyday folks, protecting their computers is still a very, very good idea, backing them up and using virus protection software. Yes, yes, and please, and remember, I mean, these, these security firms, as soon as they identify malware, they are at work to try and incorporate that into the antivirus software

so that you can detect it and prevent it from infecting your computer. Because just because something has become known doesn't mean it's no longer dangerous. It's still dangerous. Uh. If it's unknown, then it's extra dangerous because your software may not be able to protect you against it. But yeah, I agree, Chris. I don't think that antivirus software is useless. I think it still has a place. I think you have to couple antivirus software with smart computing

practices and that will help protect you from malware. Yes, all right. Well, that wraps up our postscript, so, uh, please don't write us telling us that we missed out on that fact. We did, but we, we fixed it. For more on this and thousands of other topics, visit how stuff works dot com. Brought to you by the reinvented two thousand twelve Camry. It's ready. Are you?

Transcript source: Provided by creator in RSS feed