Headline: "How it works and who's behind it"<p>Article: "So it is unclear who is behind that, and we try not to speculate who could be behind such attacks."
Kaspersky again. I'll refer you to my recent comment <a href="http://news.ycombinator.com/item?id=4033892" rel="nofollow">http://news.ycombinator.com/item?id=4033892</a><p><i>It can steal information from the input boxes when they are hidden behind asterisks</i><p>OMG!!
"<i>It was actually after an inquiry from the International Telecommunications Union, which is a part of the United Nations, who actually asked us to start conducting research</i>" ...Wow, this sounds serious, indeed.
Flame is not remotely in the same category as stuxnet.<p>The news agencies are confusing capability with complexity. Stuxnet was very targeted with insider information on esoteric industrial systems. It was designed to fly under the radar, cause damage to physical systems in such a way that it would appear to be from "wear and tear."<p>As I recall, stuxnet used some compiler shenanigans to obfuscate stackframes and make it difficult to decompile (after having first decrypted the executable code).<p>Flame is written in Lua! A scripting language! So to say that somehow Flame is going to be hard to analyze is absurd.<p>It's a 20MB package of the Lua VM, the scripts, and modules like sqlite. It's about as vanilla of an application as you can get!<p>They claim this 20MB package size is going to make it super duper hard to analyze, and yet they have the source code to look at, and while it's a decent size at 3k lines, it's SOURCE CODE. Not obfuscated machine language.<p>The coverage on this is just stupid.<p>Some good information on Flame is at <a href="http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers" rel="nofollow">http://www.securelist.com/en/blog/208193522/The_Flame_Questi...</a> . It still has the absurd commentary, but at least it gives details on what is actually there.