According to Ash Carter they are still working on the definition of "military sites". A crucial detail amongst several:

Defense secretary: Bunker-busting bomb against Iran 'ready to go' | TheHill

Although no deal is yet fully in place Russia is lifting it's ban on military exports to Iran already - s-3000s are to be delivered which apparently would pose no threat to Israel. Russia opens way to missile deliveries to Iran, starts oil-for-goods swap | Reuters

AFAIK, this isn't as tough to do as you might think. You just need to know what computer software they are running. The mechanism of action is speeding up and slowing down centerfuges, which eventually causes them to break.

Could be wrong, but you don't need to know the mechanics of the facility or have close monitoring of the facility. And Stuxnet only slowed down Iran for a few months. They've repaired the damage, patched the system, and moved on.

Stuxnet actually looked for the exact configuration of centrifuge banks at natanz. That's how it was able to specifically target that facility.

http://breakingdefense.com/2015/04/c...-a-first-step/

Politicking. Nobody knows what the terms are. They have a broad agreement, the hard business of hammering out details has just begun. This is no treaty.

So, it's looking like the deal is actually helping Iran develop nukes by agreeing to conceal Iranian centrifuge activity.

http://www.bigstory.ap.org/article/1...ke-constraints

Yes and No. To run a hardware, software is needed. Those are embedded software. Humans build software, which is prone to defects. No software is 100% foolproof or safe. It's just a matter of time before someone with the right or wrong intention finds out the vulnerability and exploits it. A cloud based system, say for example Facebook or Twitter is connected by internet. So, a guy sitting in Nigeria, proficient in his work as Grey/Black hat, would need just an internet connection to try and find out vulnerabilities. But how does someone exploit the centrifuges of an Iranian nuke plant which is not connected to the internet?

Most of the hacking that takes place, and that we hear about in news consists of a couple of exhaustive steps:
#1. Reconnaissance
#2. Scanning
#3. Gaining entry/access
#4. Maintain that entry/access
#5. Clean-up, i.e. covering tracks

Depending on the target and the attack mode, the list can add/drop/tailor a step(s).

Reconnaissance is the basic and the first step. Throughout. Spying/hacking. The guys who developed Stuxnet found out that the Iranians were using Siemens S7 PLCs. It's an embedded control systems software for running automated processes in chemical plants, refineries and nuke plants too. These PLCs are mostly controlled by computers, and Stuxnet was coded to look for a particular model of Siemens Simatic WinCC/S7 controller software (I don't remember the model name, as it was years ago). If it does not find a system running Step7, it does not do anything, it's then harmless. But, as soon as it finds one, it infects the PLCs and changes bits of data of the PLCs. Obviously Siemens did not know about this vulnerability and so the thought of patching it did not occur. To code Stuxnet, those guys would set-up a shell company and use untraceable money to buy the software and then go through months of reading the TAD, features and functions, source code and find a vulnerability.

Now that Stuxnet was developed, how to deploy it in the nuke plant, which is not connected to the internet. They used flash drives. Have you guys heard of the NSA bugging CISCO routers in between shipment from the production plant to their destination? It's something like that. Find out what flash drives people/scientists at the plant use. Which company? Distributor? Find out the last point in transit, and infect all of it. Rumor has it that India's INSAT-4B satellite failed due to a power glitch in the solar panels because of Stuxnet.

STUXNET was 40 megabytes.

Sir, the size is not 40MB, it's ~ 1MB. Flame was 20 times larger @ ~ 20MB. What is the context here?

That this could not be done without access to trusted domains to distribute the software.

It could, and it was successful. That was the whole point. Stuxnet was the John Travolta of worms. The Americans and the Israelis did not compromise the source code of S7, they merely infected it. Stuxnet's driver files used a valid signed certificate from RealTek Semiconductor and also JMicron Technology to fool the systems to believe the malware was a trusted program, both are hardware companies. But it was never revealed how it was done. Did they physically break into those companies and steal the certificates or remotely hacked them, no one knows. I personally think NSA maintains access to all fortune 500 companies and beyond that number, remotely.

Infected flash drives-->Computer with the control system in nuke facility--> Autorun and LNK--> passes on to other systems in the LAN.

its about context here as well. eg the majority of logic controllers that were targeted were data gate controllers, ie if recognised then continue with action. once you open some controllers the rest of the system is dumbed down to "if exist" actions

PLC's and the like were previously never regarded as threat vehicles because they were so innocuous. That's the primary beauty of transports like stux

and those PLC's are everywhere, they are not security devices in their own right, they are binary or staged gates where if information is packaged as expected, then they will pass them through to perform the task - there was no security testing at PLC because they were never seen as "proper systems"
those PLC's control everything from a security gate, to a timer, to a valve release, to fridges (where they've also been used to ruin whats been protected by the refrigeration system such as bacteria samples etc...). dams, power stations, sluice gates, cold storage, armouries, you name it, a PLC will be in there somewhere.
its the same analogy as watching your george foreman roaster cooking a chicken, the logic board accepts any actions as it assumes a safe environment as its regarded as a captive system. if you were able to hook up the roaster to an outside logic board, you could take control of the roaster and get it to turn on and off whenever you wanted, at whatever temps you knew that the thermistor worked on and all without triggering the user as the only visible element to the outside world is the timer. as far as you're concerned the roaster is doing its magic and you trust it to cook the chicken without shrinking it to the size of a quail and as black as satans heart.

its an oversimplification to explain the reason as to why stuxnet was so successful, but the principles are the same.

PLC's were never seen as a threat as they were benign gates. breach the forecourt and eventually you own the gate, when you own the gates you control what comes in or out and at a time and place of your choosing.

/\/\/\ Nice explanation. Also consider this, Siemens developed the first version of Simatic in 1958. And security testing was not taken into account by many corporate until late 90s, or more appropriately, seen as a necessary objective for industrial control systems. Threat perception was nil. Who would want to mess with the microwave I use to heat my food?

From yesterday's Wall Street Journal:

A United Nations report on the Iran nuclear deal hailed the country for keeping its nuclear commitments, while criticizing actions unrelated to its nuclear program that are seen as damaging to the momentum and spirit of the deal.

The 17-page report, timed around the first anniversary of the deal, was released Monday by U.N. Secretary-General Ban Ki-moon.

Mr. Ban pointed to Iran’s launches of long-range ballistic missiles and reports that it shipped weapons to Yemen and Iraq.

Read the rest at http://www.wsj.com/articles/u-n-iran...eal-1468933170