Talk:Stuxnet

Collateral damage downplayed
The excessively lengthy introduction seems to be downplaying the extent with which Stuxnet caused damaged well beyond its intended target. There is also little in the article itself. This needs to be correctedRoyalcourtier (talk) 07:07, 1 January 2016 (UTC)
 * There was little to no actual collateral damage actually done. Stuxnet infected a great many computers sure, but once on the machine it literally did nothing but propagate to other computers then it shut down and became inactive. The only incident where it actually had unintended consequences to my knowledge was when it was first discovered and this was caused by a wierd interaction between a small antivirus protection software and the virus causing the computers to reboot. The infection and subsequent shutdown of the program is hardly damage. Learncraft (talk) 07:21, 25 January 2016 (UTC)
 * One could make the argument that the time & cost of removal Stuxnet and protecting systems from future infection, changing procedures, closing security holes, updating virus definitions, could be considered "damage". Also whatever costs to Siemens' reputation. i.e. "intangible".  However, there's also an argument to be made that a company (Siemens) and a state (Iran) that are using the PLCs to manufacture enriched uranium, possibly for nuclear weapons (and the potential cost in human lives as a result of those efforts), should have, and possibly could have done a better job of protecting their hardware and software from attacks like this.  Obviously the creators of Stuxnet knew these vulnerabilities existed, and the manufacturers of possibly weapons-grade uranium either did not, or the did but failed to address them.  So one response to the allegation of "damage" might be to instead hold the entities affected responsible for whatever "damage" they incurred.  People involved at the extreme end of the "danger" scale need to be extreme on the "security" scale also.  It's an interesting assertion ("damage"), but very complex, and would need extensive discussion.Tym Whittier (talk) 18:29, 26 April 2019 (UTC)

The comment about Stuxnet doing little to no collateral damage is simply shilling for the people who wrote stuxnet and is likely motivated by ideological or patriotic support for the nation which created this virus. The article should be edited to say, right at the top, that this was a piece of malware which infected a high proportion of the worlds computers at a particular time. Anything less is sheer bias; plus it frankly hard to know for sure what stuxnet did beyond attacking centifuges and proliferating itself through a the computers of innocent people. Clearly one cannot reference harms which one does not know about but we SHOULD say stuxnet was a piece of malwre which infected a high proportion of the worlds computers and, ideally, put a number on that proportion, right at the top.

Legality
There should be a section on legality. At the minimum this was an illegal act of sabotage, but it was quote possibly an act of war. This should be addressed in the article.Royalcourtier (talk) 07:09, 1 January 2016 (UTC)
 * I agree with this. A simple statement might suffice however, vs. an entire section.Tym Whittier (talk) 18:17, 26 April 2019 (UTC)

Could "Both Conditions" Be Made More Clear?
First I'd like to say this Article is very-will written (one of the best I've read), and with the idea that "better is the enemy of good", I'd like to suggest great caution in changing it. Having said that, this is the relevant passage in the Lede:

"The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operations system values feedback to the users."

I understand one of the two conditions is the presence of "Siemens Step7 software", but I am uncertain as to what the other condition might be. I arrive at a theory that Stuxnet might scan for both the software and the presence of hardware (device driver, maybe), but this is not explicitly stated. The Article would be improved if "both conditions" were explicitly described in the Lede. Also the statement "in the absence of other criterion" make me wonder what that "other criterion" might be.Tym Whittier (talk) 18:15, 26 April 2019 (UTC)

Trim the lede
According to MOS:LEADLENGTH we should be enjoying a lede of about 4 paragraphs. The wording here appears to be much longer, and with some specific details that are perhaps unnecessary to readers trying to obtain an overview. Are there arguments against making the lede shorter? Chumpih. (talk) 00:02, 20 September 2021 (UTC)
 * Have moved some paragraphs from lede into History which appeared to be an appropriate place for the information. That said, the text moved could perhaps be given a more encyclopedic tone. Chumpih. (talk) 02:03, 5 November 2021 (UTC)