- StuxNet Deep Dive — extremely technical talk, but this page has a redux. The presenter’s thesis, well-argued, is that StuxNet was absolutely aimed specifically at the Natanz facility. (via Chris Douglas)
- Smithsonian Digitizing Items (CNet) — two-person project, only able to do a few items a year, but still an excellent advance. See also Bronwyn Holloway-Smith’s art project around artifact replicas.
- Collusion (Mozilla) — have your browser tell you the third parties tracking your web browsing. (via Hacker News)
- Survivor (Github) — HTML5 implementation of an Atari/C64 game. If you wanted to learn how to write HTML5 arcade games, you could do worse than study this project. (via Andy Baio)
Industrial malware has captured the imagination of the tech industry, but efforts by security researchers are promising.
I’ve spent the last two days at Digital Bond’s excellent S4 conference, listening to descriptions of dramatic industrial exploits and proposals for stopping them. A couple of years ago Stuxnet captured the imagination of people who foresee a world of interconnected infrastructure brought down by cybercriminals and hostile governments. S4 — which stands for SCADA Security Scientific Symposium — is where researchers convene to talk about exactly that sort of threat, in which malicious code makes its way into low-level industrial controls.
It is modern industry’s connectedness that presents the challenge: not only are industrial firms highly interconnected — allowing a worm to enter an engineer’s personal computer as an e-mail attachment and eventually find its way into a factory’s analytical layer, then into its industrial controls, bouncing around through print servers and USB drives — but they’re increasingly connected to the Internet as well.