Feeds

back to article The TRUTH about mystery Trojan found in SPAAACE

The mystery malware inadvertently brought into space by scientists which then infected the International Space Station has been identified as a gaming Trojan. The historical infection actually happened five years ago in 2008 but was propelled back into the news again last week as the result of a recent speech by Eugene Kaspersky …

COMMENTS

This topic is closed for new posts.
Bronze badge

Vapourware !!!!

Look Look virus' everywhere, you need protection !!!!!

So Kaspersky is selling his wares on TWO virus stories that his company and software didn't at the time pickup or even detect.

3
7

Re: Vapourware !!!!

or just move to linux ?

4
1
Bronze badge

Re: Vapourware !!!!

Yes because Linux has no malware, great idea!

2
6
Bronze badge

Re: Vapourware !!!!

@knarf: well, it doesn't have an autostart system, or shortcuts that can execute DLL files just by looking at them

1
0
Silver badge
Facepalm

Oops - completely missed the point when I clicked on the article...

... and thought it was going to be about some piece of space junk in a stable orbit trailing the ISS.

6
0
Bronze badge

Re: Oops - completely missed the point when I clicked on the article...

No that's a Sandra Bullock movie.

5
2
Silver badge

Re: Oops - completely missed the point when I clicked on the article...

@knarf...

I salute you, Sir, on the excellence of your ripost!

1
1
Bronze badge

Re: Oops - completely missed the point when I clicked on the article...

"No that's a Sandra Bullock movie."

Actually, I considered that one incredibly cute.

Dumber than a bag of hammers on space and physics terms, but cute nonetheless.

See dumber than a bag of hammers and wonder why it didn't get preserved in my video collection.

0
0
Bronze badge

cause headaches in finding open-source builds of current Windows-based scientific applications

I didn't know Linux was incapable of running closed source applications.

7
4
Silver badge

Re: cause headaches in finding open-source builds of current Windows-based scientific applications

"I didn't know Linux was incapable of running closed source applications."

If you're not joking -it does and I spent a great deal of my last few years at work running EXTREMELY expensive molecular and protein modeling programs - all closed-source and all protected to the hilt.

2
1
Anonymous Coward

Re: cause headaches in finding open-source builds of current Windows-based scientific applications

A true Linux user will only use open-source programs since only open-source is the way to true security, happiness, and the Almighty. Everyone else is pretending and is a Windows / Mac user at heart.

3
7
Silver badge

Re: cause headaches in finding open-source builds of current Windows-based scientific applications

'"I didn't know Linux was incapable of running closed source applications."

If you're not joking -it does '

..I was detecting irony (or rather, sarcasm) in the OPs statement - of course that might have been wrong as well. The article was seeming to suggest that the switch from Windows to Linux would necessitate moving from closed source to (presumably different) open source applications - which is not true in the general case.

6
0
Silver badge

Re: cause headaches in finding open-source builds of current Windows-based scientific applications

Apology : I read it as 'capable'

2
0
Bronze badge
Windows

- all closed-source and all protected to the hilt.

One would assume this sort of work would be undertaken on Earth. I'm guessing that much of the ISS software is developed in-house, so a port to Linux is easier.

1
0
Silver badge

Re: - all closed-source and all protected to the hilt.

"so a port to Linux is easier." - I imagine so much of 'our' software was in-house and much scientific software is written for Unix and nowadays Linux

1
0
Silver badge

Trojans in space

I immediately thought of those asteroids that float around Lagrangian points.

0
0
Anonymous Coward

Re: Trojans in space

as Simon Harris said above?

0
0
Silver badge
Boffin

Malware checking USB sticks...?

It's not rocket science...

... erm...

5
0
Silver badge

Bah!

So NASA has no "scan media on Earth before it goes into orbit" policy, or are the astronauts just breaking the rules here? The answer would appear to be simple in either case: Instigate the policy tootsweet and make breaking it a Swift Kick in the Hurtybits offense.

1
0

Re: Bah!

I would have thought anyone clever enough to go to the ISS would voluntarily have all their data storage scanned. Knowing you've just borked the atmosphere scrubber whilst sorting your mp3s should focus the mind.

3
2
Gold badge
Coat

Re: Bah!

So which media scanner should they use? The one installed here and updated daily by those good people at McAfee certaiy doesn't detect everything that's out there in the wild from day 1.

0
0
Bronze badge

An unlikely solution...

Floppy disks!

Perhaps if we returned to using floppy disks instead of USB keys the malware would be too large to fit on the floppies?

Probably not, but floppy disks would be too small for most user content and cease to be used. Problem solved.... Sort of.... Well, it's a better solution than most of the AV products out there.

0
0

I'm really not understanding why anyone would even be allowed to take up a USB drive that hadn't been comprehensively checked both before and after any files or apps were dumped on it.

4
1

Autorun strikes again

Autorun is a stupid, stupid feature of Windows, that should never have made it into release. Whoever first thought of it must have been braindead.

2
1

Re: Autorun strikes again

Autorun can be disabled by default, and it should have been on ISS systems.

0
0
Bronze badge
Coffee/keyboard

Personal USB Drive

I suspect the USB Drives that were infected were personal ones owned by the Astronauts that contained all the Frankie Vaughan an Astronaut would need to entertain themselves while alone in space. They probably "forgot" to hand it over to be scanned prior to leaving...

0
0
Bronze badge

Query

",,, thought it might cause headaches in finding open-source builds of current Windows-based scientific applications, among other issues.

I may be wrong but using something like Crossover or Virtualbox or VMWare could help out, couldn't it?

1
0
Bronze badge

Re: Query

It could but some use a USB license dongle and they can be a nightmare in virtual land.

0
0
Silver badge

...its malware payload only came into play in screwing up the operation of industrial control systems from Siemens. Additionally, it only activated when the kit was being used to control high-speed equipment such as Iran's nuke purifying centrifuges. Nothing would happen to the same type of kit within a milk-bottling factory or an escalator control mechanism that became infected....

That's all right, then.

We'll forget about the fact that it only takes ONE malicious teenager inside the virus-writing fraternity who isn't thinking much about long-term consequences to put a jump around that.....

2
1

It really would take more than "one malicious teenager" to do this. The level of complexity in Stuxnet is truly awe inspiring.

0
0
Anonymous Coward

Actually what surprises me is the number of computers

140 laptops of which 80 are running at one time?!?

Now I know that power is a very important thing in space travel. I recall a number of stories in which additional solar panels were being deployed in order to meet future demand.

Now. I'm guessing that when an experiment is being designed it is self contained and comes with it's own laptop with software installed to run everything. That computer would come with whatever operating system needed to run the software.

I'm also guessing that many aren't actually connected to a network. This is simple safety design. A fault in an individual component won't bring down (heh) your entire space station.

Non-experiments are most likely designed in the same way. Black boxes as far as possible. They all have their own controlling computers so failures can't cascade.

Quite a lot of data transfer is via sneaker net and usb sticks. It's hard to run a network everywhere (like though an air lock into a different module..)

The thing that bothers me is that a laptop is massive overkill in terms of the CPU cycles needed for most of the hardware. Big laptops. Heavy batteries (good if a power problem though). Spinning rust. Internal cooling fans.

Something like a small Raspberry PI would most likely be better. You might not even need a screen/keyboard unless you are interacting with it, so you can carry around essentially a portable dumb terminal with you to do the interactive bits.

Also better in terms of weight.

It takes a lot of delta V to get every single pound out into orbit.

Leaving the hardware and software up to the project implementors likely creates agility in design; the project planners can use whatever skill sets and hardware they are already have up on hand and don't need to get up to speed on new ideas- though I wonder if pushing towards a reference hardware/software module as a base platform would allow skills and ideas to be pooled and shared such as you see with Open Source.

A Pi is a stunningly powerful machine, and are current general purpose operating systems are massively overbloated to get things done. We forget that we got to the moon with onboard computers which were less powerful than a four dollar pocket calculator. You are also not limited in terms of language/tools/operating systems you want to use on it.

It would allow you to also have spares lying around in case there was a hardware fault somewhere.

And the hardware design is fully documented. NASA could design a special variant which was hardened for space, though I don't think this is necessary inside the station itself seeing they are using commercial laptops.

But the idea of Windows being used as a critical component in any system design terrifies me, though the fine article didn't mention in what systems the malware was found. I'm guessing not the important bits.

But malware in nuclear plants? Over an air gapped bridge? Even in the administrative machines? (also not stated) Not good.

Why are Windows systems being used here?

...

Just for the record. OSX also has auto run. At least in the past whenever you mounted a disk image (.DMG) it would automatically run scripting code in that image if it was found, and Safari still has the default of opening a download when finished, that's why Apple added a warning to the OS that "This application was downloaded from the Internet- Run anyway?" type message.

2
0
Anonymous Coward

So playing Frogger on the ISS is bad?

I'm curious of the game the Trojan rode in on. If Space Invaders brought down the ISS, I'd be calling the MiB.

3
0
Bronze badge

Everybody: big meeting at the Yomama coffee shop room in Chong Ching at 1pm

"Ladies and gentlemen" said the head of Trojan-for-You to his motley crew. "I am proud to announce that we are the first malware house ever to get a virus into space. This is one small virus for space, one giant pain for ISS!"

Applause.

0
0
Silver badge
Linux

It's true I tell you.

Linux does protect you from viruses or viri or whatever. Everyone in the office where I work has come down a a horrible snotty flu thingy except me. They all use Windows machines while mine is debian Linux.

1
0
Bronze badge

Virus in space...

It might be interesting when something like "CryptoLocker" hits there. Goes wild and borks up machines on the network.

Quick, get me the unlock key.....

Now if they would find virus writers and lynch prosecute them...

1
0
Bronze badge

Re: Virus in space...

Now if they would find virus writers and lynch prosecute them...

I think the fitting justice would be to throw them out of the airlock without a space suit.

0
0
Bronze badge

Small hint, OS centric idiots.

You have an OS, it can be targeted. Period.

*BSD? Targeted.

OS X? Targeted.

WinBlows? Targeted.

If it's popular or important to someone with deep pockets, such as nation states or criminal organizations, it's targeted. I'll not even go into industrial espionage, as that's moved into the nation state game. Again.

If you run it, if you are interesting, you will be targeted in your OS.

Period.

That windows has a history of supremacy in suchage is beyond the point.

What my command wanted in my Linux and *BSD system wasn't reliability, it was audit-ability and support to ensure the audits were accurate.

The only reason I got *my* OS of choice through was because I was an auditor for that particular OS at the time.

And it wasn't Windows. Windows was job security.

My OS was job stability, as it hearted detection of malware and reported it and did assorted other useful things.

No, you can't know which it was.

Figure it out for yourself. You'll be wrong anyway.

Aka security by idiocy. Let the idiots troll about and hope for success. ;)

0
0
This topic is closed for new posts.