Bruce Schneier, a expert on security and cryptography, wrote this October 7th analysis of Stuxnet (also featured at Forbes.com), which summarizes what is known and unknown about the worm including possible clues from the code and alternative explanations to the Bushehr nuclear reactor sabotage hypothesis. Schneier's arguments on issues of technology and security tend to focus on putting threats and vulnerabilities into the most rational/least emotional light, and as such he has consistently downplayed the dangers of cyberwar. Whatever your stance on the threat, it is a measured analysis worth noting:

Computer security experts are often surprised at which stories get picked up by the mainstream media. Sometimes it makes no sense. Why this particular data breach, vulnerability, or worm and not others? Sometimes it's obvious. In the case of Stuxnet, there's a great story.

As the story goes, the Stuxnet worm was designed and released by a government--the U.S. and Israel are the most common suspects--specifically to attack the Bushehr nuclear power plant in Iran. How could anyone not report that? It combines computer attacks, nuclear power, spy agencies and a country that's a pariah to much of the world. The only problem with the story is that it's almost entirely speculation.

Here's what we do know...
More at Schneier on Security...

Best,

Erich Simmers