That kind of notation, called SCCS/RCS, is the equivalent of finding a rotary phone in a modern office. Nobody uses it in 2005 Windows kernel code unless their programming background goes back decades, to government and military computing environments
—
The astrophysics lab I worked at in 2006 was still using svn and had a bunch of Fortran with references to systems from the 70s and 80s. The code ran perfectly well thanks to modern optimizing compilers and having moved from Vax to Linux in the 90s, it was a surprisingly seamless transition.
It reminds me of a conference talk I’ve referenced before “do over or make due” basically implying rewriting large amounts of mostly functioning code was not worth the effort if it could be taped together with modern tools.
Yeah, I used to be skeptical of the government provenance of things like Stuxnet (I am not any more, I'm fully sold, like everyone else), and notes like this were why. People used RCS well into the 2000s! RCS as a tool had virtues over SVN and CVS.
I do wonder if these breadcrumbs were also left intentionally. “Oh look, we are using old stuff, don’t be afraid!” Or for some other reason. It is a little surprising to pull off such a sophisticated attack and miss details you could find running ‘strings’ unless I’m missing something and this part was encrypted.
I think that in the time period we're talking about, RCS wasn't really even all that old. Like, RCS is old, sure, but it was also in common use especially by Unix systems people; it's what you might have reached for by default to version your dotfiles, for instance.
Yes, but even back then I was aware of the sections in executables (wasn’t this where it was found?) and any neckbeard from the 70s and 80s might be even more so aware. That said, yeah, sure, it’s a very possible and understandable oversight, but I’m weary because of all the text in viruses and such as indicators. Seems like a pass over ‘strings’ would be obvious. Though. TIL, strings doesn’t necessarily scan the entire executable.
This is an amazing find. I'm very curious regarding the specific targets of these rules, and in the exact changes to the results. Wonder if they will only make a difference in simulated conditions super specific to nuclear reactors?
Thank you for sharing this. I was recently pushing the limits of precision computing and this illuminated a part of my research. It built on top of largely government funded research, where I found a surprising dearth of available precision frameworks with verification. Perhaps national security interests, as elucidated by the original poster, discourages transparency of methods for arbitrary precision calculations.
Haha it's a fun finding though; The source control comment feels a little off; I'm sure there were SCCS (hmm or did cvs use similar?) still around at that time.
I believe that comment was specific to it being unusual in Windows software, suggesting the developers were also working in UNIX stuff (where usage SCCS/RCS was common).
None of the science being sabotaged was being published in peer reviewed journals was it? (besides the Portuguese hydrodynamic modeling stuff, but it could have been accidental or had other uses)
And yes, to be clear, I don’t consider it contributing to “science” if it’s not published, reviewed, and reproducible.
I’d be surprised if it were a lot. At that time (open to corrections) not a lot of scientific research was done on consumer intel platforms.
Obviously it was found by a mathematician, but I still suspect it wasn’t obvious in published research or that it ended up not causing significant enough deviations to cause research to revisit the calculations.
My team ran into some interesting but very small deviations when we moved our iterative solar wind model from 32 bit to 64 bit, but the changes weren’t significant enough to revisit or re-do prior research wholesale.
Like my team in the 2000s I suspect anyone who had data crunched by this bug also revisited it and either concluded it wasn’t significant enough or redid the work and it didn’t change the conclusions.
I am curious now if this bug was cited in any papers at the time to give a rough idea how aware or affected academics were.
I was about to respond saying what a terrible article it was, as it reads as if the author has no idea what he was talking about. Attempting to paraphrase the original article would explain it.
That kind of notation, called SCCS/RCS, is the equivalent of finding a rotary phone in a modern office. Nobody uses it in 2005 Windows kernel code unless their programming background goes back decades, to government and military computing environments
—
The astrophysics lab I worked at in 2006 was still using svn and had a bunch of Fortran with references to systems from the 70s and 80s. The code ran perfectly well thanks to modern optimizing compilers and having moved from Vax to Linux in the 90s, it was a surprisingly seamless transition.
It reminds me of a conference talk I’ve referenced before “do over or make due” basically implying rewriting large amounts of mostly functioning code was not worth the effort if it could be taped together with modern tools.
Perhaps you meant cvs? Subversion was released in 2004 and git appeared in 2005.
[1] https://en.wikipedia.org/wiki/Assassinations_of_Iranian_nucl...
And yes, to be clear, I don’t consider it contributing to “science” if it’s not published, reviewed, and reproducible.
Obviously it was found by a mathematician, but I still suspect it wasn’t obvious in published research or that it ended up not causing significant enough deviations to cause research to revisit the calculations.
My team ran into some interesting but very small deviations when we moved our iterative solar wind model from 32 bit to 64 bit, but the changes weren’t significant enough to revisit or re-do prior research wholesale.
Like my team in the 2000s I suspect anyone who had data crunched by this bug also revisited it and either concluded it wasn’t significant enough or redid the work and it didn’t change the conclusions.
I am curious now if this bug was cited in any papers at the time to give a rough idea how aware or affected academics were.
This comment is very exaggerated, I can think of a few more "morally corrupt" things to do.
But indeed many more details in the link you shared. Thanks for posting this!
This LLM style of writing has had it's day.
(@dang - consider re-pointing to this?)
The current article is hard to read
This one has some additional details, based on a talk given by one of the authors.
I was about to respond saying what a terrible article it was, as it reads as if the author has no idea what he was talking about. Attempting to paraphrase the original article would explain it.
Edit: Old link for those wondering, since it got changed: https://hackingpassion.com/fast16-pre-stuxnet-cyber-sabotage...
https://www.theregister.com/2026/04/24/fast16_sabotage_malwa...