Stuxnet, Flame and Duqu used GPL code
Stuxnet, Flame and Duqu are the three most famous programs supposedly created by the special services as “cyber weapons” against other countries. The Stuxnet program successfully disabled 80% of Iran’s uranium enrichment centrifuges, and the Flame spyware program had been working secretly on Iranian computers for several years, setting up as a Windows update.
Last week, the assumptions about the American order were confirmed: it turned out that President Obama personally followed the introduction of the Stuxnet virus on Iranian computers. There is no direct evidence about Flame and Duqu yet. But there is hardly any doubt that these programs were also commissioned by the Americans.
The most interesting thing is that in all three programs the LZO library was used, which is distributed strictly under the GNU GPL license.
In the Flame program, besides LZO, other Open Source projects are used:
')
putty - MIT license
libbz2 - license type BSD
zlib - own license
SQLite - public domain
Lua - MIT license
As it is known, the GNU GPL requires distribution with binary files of the program source code or a written commitment to provide it. This is how the LZO library is distributed. The terms of the GPL also require that users of all derivative programs should receive the same rights. That is, all derivative programs that use the GPL code must be distributed with open source or with the obligation to provide them.
Obviously, Stuxnet, Flame and Duqu will violate the GPL license, unless the authors of these programs provide their source code.
The problem is now very relevant, because the best experts of several antivirus companies are actively working on the reverse-engineering Flame. Given the size of the program (20 megabytes, hundreds of thousands of lines of code), this is a very difficult task. What can I say, if the Duqu analysis has been going on for years, and is still far from complete: Kaspersky Lab specialists have recently been able to understand, with the help of the community , in what programming language the framework was written.
The Hungarian company CrySyS, which first discovered Flame, is also still working on Duqu analysis. She published an appeal to the authors of the Duqu program to send the source code to duqusubmit@crysys.hu. They are required to do so under the terms of the license, even if anonymously.
Of course, this is more of a joke. But who knows, maybe the Electronic Frontier Foundation or someone else who is involved in the legal defense of GPL projects will someday file a complaint against the US government for copyright infringement.
Last week, the assumptions about the American order were confirmed: it turned out that President Obama personally followed the introduction of the Stuxnet virus on Iranian computers. There is no direct evidence about Flame and Duqu yet. But there is hardly any doubt that these programs were also commissioned by the Americans.
The most interesting thing is that in all three programs the LZO library was used, which is distributed strictly under the GNU GPL license.
In the Flame program, besides LZO, other Open Source projects are used:
')
putty - MIT license
libbz2 - license type BSD
zlib - own license
SQLite - public domain
Lua - MIT license
As it is known, the GNU GPL requires distribution with binary files of the program source code or a written commitment to provide it. This is how the LZO library is distributed. The terms of the GPL also require that users of all derivative programs should receive the same rights. That is, all derivative programs that use the GPL code must be distributed with open source or with the obligation to provide them.
Obviously, Stuxnet, Flame and Duqu will violate the GPL license, unless the authors of these programs provide their source code.
The problem is now very relevant, because the best experts of several antivirus companies are actively working on the reverse-engineering Flame. Given the size of the program (20 megabytes, hundreds of thousands of lines of code), this is a very difficult task. What can I say, if the Duqu analysis has been going on for years, and is still far from complete: Kaspersky Lab specialists have recently been able to understand, with the help of the community , in what programming language the framework was written.
The Hungarian company CrySyS, which first discovered Flame, is also still working on Duqu analysis. She published an appeal to the authors of the Duqu program to send the source code to duqusubmit@crysys.hu. They are required to do so under the terms of the license, even if anonymously.
Of course, this is more of a joke. But who knows, maybe the Electronic Frontier Foundation or someone else who is involved in the legal defense of GPL projects will someday file a complaint against the US government for copyright infringement.
Source: https://habr.com/ru/post/145581/
All Articles