Monday, August 14, 2006

Has Iran Started an Internet War?

Yesterday I wrote THIS post about the Iranian President starting his own blog. But according to THIS blogger it's all an attempt to infect Western computers - especially Israeli ones - with a virus. Click HERE and make up your own mind. I must admit it's all a bit beyond my technical know how.

20 comments:

Anonymous said...

Oh, great. I had a bagel last week. Please say I'm OK.

dizzy said...

looks like an over-zealous Norton app (what a surprise!) to me

Verity said...

Charles Johnson of Little Green Footballs says it's possible and refuses to put the link up on his site.

phone cam foolery said...

Some well informed websites are predicting an Iranian attack on Israel on the 22nd of Oct.
If so we can all kiss our a**** goodbye, being a canny sort I have a tenner with Ladbokes at 1000,000/1 that the world will end on 22/08/06.

ThunderDragon said...

He would have to be incredibly stupid to actually do that!

Buster George said...

Checked this out last night and have since scanned my PC, it is ok,
Just don't tell Dubya or he could iterpet this as a WMD.

Anonymous said...

It may be a total coincidence, but shortly after looking at the english-language version of the site, I suddenly started getting all these virus warnings, mainly about something called "bloodhound exploit 33" which sounds nasty enough without being a virus...

Steve G said...

I see from the comments in her blog that people accessing the site (or, more properly, accessing the suspect link on the site) haven't had any problems; the consensus seems to be that it's Norton AV playing silly buggers, which is nothing new.

I see the warning refers to 'an attempt to exploit a vulnerability in Internet Explorer […that] if combined with other vulnerabilities, […] could aid in execution of arbitrary code on the client computer'. A bit vague, that. You could say much the same about this site trying to run Javascript; that certainly could be an attempt to exploit various vulnerabilities in your browser, but it doesn't mean it is.

I tried clicking the link that caused the warning on her system -- www.khamenei.ir -- using Firefox and got a message that the page was down. Anyone else tried?

Verity said...

All I know is, the great Charles Johnson - all hail! - will not put a link on his site.

Steve G said...

And I'm sure it's a very wise precaution of Mr Johnson, not to mention that I'm sure he's prepared to believe just about anything of the Iranians. However, I've just looked up the full Symantec description of the 'attack', and it's clear that it's one of those things that's got a perfectly innocent use but could be used for malicious purposes, particularly if your Windows Security Patches are outdated.

A quick seach with Google reveals what I take to be perfectly innocent British academic site complaining that Norton's giving exactly the same warning about them!

(Almost) The Last Scots Tory In Scotland said...

Iain,

Why has your masthead turned red? It was blue on Sunday.

Benedict White said...

Well, I use Firefox, and frequently on Linux, so I laugh in the face of this danger!

On a slightly more serious note, the link is to another website, which may or may not have been hacked by either a cyber attack by anti Iranian elements, or criminals, it could also be an inept setup on the machine. the possibilities are endless.

PR wise, I doubt it is deliberate.

Anonymous said...

Unless Mr Khamenei should be considered a virus I am not affected/infected after trying.

Guess this is a bit of scaremongering.

Conspiracy addicts may be aware that visiting these sites may be logged by their ISPs. They are (soon?) legally obliged to keep these logs for several months.
Furthermore since the traffic has to be routed through the net it would be easy for well-connected individuals 'sniff' along with the routers and spoof an attack as if comming from .ir sites (or .il sites for that matter).

Anyway, interesting reading these translated speeches from the Iranian's spiritual leader Mr Khomenei.

Cheers

Anonymous said...

um, of course they haven't. The blog poster is clueless. These internet security programs are pretty much useless.

Suffice to say if there was a real virus there security analysts and little green fascists would be all over it like a rash. The Iranians could hack PCs in an anonymous way.

The blog poster is completely clueless

Anonymous said...

It's obviously the silly season.

Anonymous said...

Seriously, reporting BS like this makes the zionists look like fools. They get oh so very excited because somebody's extended the trail of smoke on a picture, even though the effect without the smoke extended is pretty much identical, claim that there's a massive global media conspiracy to stage pictures, with no real evidence, and are prepared to latch on to any old crap from somewhat not technically qualified to say whether a page has a virus or not.

raincoaster said...

It's boring. Not enough pictures. No YouTube. And no trivia quizzes!

What the hell kinda blogger does he think he is? There was a piece in Comment is Free about how he completely doesn't get blogging, to which I rightly replied that in that case it wouldn't be long before we saw him there.

Verity said...

anonymous 12:05 - You're not affected, eh? This virus or whatever it is specialises in slipping in the back door. Also, you think the Iranian government is not trawling for ISPs for some reason, later to be revealed?

Charles Johnson is a technological wizard and forensic expert and if he's not touching it, I'm not touching it.

ian said...

People who know more say this warning is a bag of shit.
http://www.theregister.co.uk/2006/08/15/iran_pres_weblog_alert_flap/

I look forward to the in depth exposé of the Olehgirl as being a pseudonym of Mark Regev.

Steve G said...

A commentator to Yael's blog, where this story started, reckons he's identified the cause of this message from Norton, and his explanation looks pretty convincing to me (essentially, it's a known and well-documented problem with Norton misinterpreting a bit of Internet Explorer-specific code -- which he's found in the page).

He concludes his post by saying

'So we can safely conclude that:

'1. this is not related to Israeli IP
'2. this message is reproducable with Norton Internet Security 2005 by anyone who has the software
'3. no further reports of malware have been reported so far with a different brand scanners

'I might add that this form of "amateur intelligence" does more bad to the world than good, with so many people willing to believe rumors like this. G'd knows there's already enough half-baked intelligence poisoning the media! Help the truth and spread my information around, perhaps creating a little more peace and less distrust?'