it was it was certainly a combination and i would be the first to say that it's work in progress. because it's not, it's not perfect, and there are things we continue to be unhappy about. some of them have been engineered, and we will have to all work some more. but we were lucky in several ways, unlike many of the countries in that part of the world. we did have a genuine and indigenous tradition of a democratic government before the second world war and the government that madeleine's father had come and so we have something to follow up on.

we just didn't start from scratch. we had the model of politicians a similar type of politician to havel, and intellectual writer, and morally as havel was. we had by communist standards a relatively healthy economy in 1989 and found it somewhat easier than the others to make progress. so altogether we did quite well but then there were times during which we did not do so well and that the countries in the region it as well or better. if you look at poland over the

last five or six years, that is a success story at the moment. if you look at slovakia, from the czech republic at the end of 1992 and many people saw that it would find it very difficult to make a go of it. it sometimes did better or as well as we did. i'm always careful about the first in the class thing because it's only if only last for so long. >> so let me, i think what is wonderful in michael's book are all the personal relationships and the stories, and i think it is kind of fun to recollect some of the personal stories that diplomat feels and president. you're talking of the 1990 trip. so i have come early with the general, and president clinton was going to come over.

and what happened was president havel had planned to give a saxophone to president clinton, but president clinton's mother had just died and so the question was, they're going to go to a jazz club and the question of whether that was appropriate or not. so we had dinner you and i am president havel actually a we debated about what we should do. so the plan was i was going back to brussels to get president clinton, and is going to ask him when we are coming in on air force one what he wanted to do and if, in fact, he wanted to go forward when president havel greeted me at the bottom of the stairs and they gave him a hug. i was supposed to give him a yes or no. solander point i did ask president clinton and he said no, that he would be very happy to do that, that it would be great. and then one of the really nice parts i have to say on that

trip warren christopher was coming in also and he said madeleine, he goes this is you were born i think it makes sense for you to go down the stairs with president clinton. in protocol he was outranked me. so we did come down the stairs and i gave a hug to president havel. i said yes. [laughter] it was great. so then we had all the meetings and everything and so then we did go to a jazz club that night and we walked across charles bridge and we went to the jazz club and president clinton was given a saxophone, and as usual he played my funny valentine. and then there was a great saxophonist that played with them. that's what havel got up and also this is limited he had no rhythm, because he had barack is

that he couldn't shake in any kind of shape or form. [laughter] anyway, he sat down to president clinton said you have no idea how hard it is to put a brand-new saxophone, it was one of those great evenings. and then when we had an official meeting, we went up to the castle. i've said this to a couple of times during this week, but it's a good way to include this is as we were standing there they played the star-spangled banner at the czech national anthem. which always brings me to tears because as we all know the star-spangled banner says land of the free and the home of the brave, and the title of the czech national anthem is where is my home? and when they played those two together and havel's influence always makes to put those two together. thank you all very very much for being here this evening. >> thank you. [applause]

>> booktv is on twitter. follow was to get publishing news, scheduled updates, author information and to talk directly with authors during our live programs. twitter.com/booktv. >> kim zetter reports on the stuxnet computer virus which was used to sabotage iran's nuclear operations. it's about half an hour. >> the book is called "countdown to zero day: stuxnet and the launch of the world's first digital weapon." the author, "wired" magazine reporter kim zetter. ms. zetter, what is or what was stuxnet? >> guest: stuxnet was a virus/worm that was used to attack iran's nuclear plant, and uranium enrichment plant. so the worm was designed to

manipulate the computers that control the centrifuges and speed them up and slowed them down in order to degrade the level of uranium enrichment and also to be somewhere enter on the centrifuges and destroy them. >> host: what was unique about the stuxnet? >> guest: the stuxnet was sophisticated. first of all i guess most unique thing is that this was a virus that was designed to physically destroy something. so in the past we would see malware that would steal passwords and credit card numbers but we've never seemed something designed to physically destroy a century leap out of the digital world into the physical realm and have kinetic activity. that was the first thing that made stuxnet unique. other than that it was sophisticated. it was designed to increase and slow the speed of the centrifuges. while it was doing that it also did this remarkable trick which was to make the operators of the

plant think that the operations were perfectly normal for so what it did was it recorded normal activity on the computers first and then a playback that normal activity to the monitoring machines when stuxnet was actually going to sabotage. that was something remarkable about it. one more thing was that stuxnet used what are called zero days, five and zero days to spread. is a vulnerability that is unknown to the software vendor so, therefore, no path exists. zero days didn't be fairly rare and they are also time-consuming and expensive to find for the vulnerabilities and also develop exploits for them. generally we see maybe one see what they used attack and this one used five. >> host: where and how was stuxnet develop and by whom? >> guest: well we believe it was developed by the u.s. and israel, and it was tested both

here in the u.s. and in israel. where and how, this was a process that took a number of years to develop. there were multiple teams working on a. we had to have separate teams working on the actual centrifuges to determine the effect stuxnet would have on them. so in that regard that requires materials scientists to examine the centrifuges, house beating them up would affect them how slowing them down would affect them. then you have a team that is looking at the controllers, the computers controlling the centrifuges and you need to find vulnerabilities in that and find ways of getting your worm onto the system and in the way that will hide it so no one can discover. than a third theme that was developing the spreading mechanisms, zero days and things like that. there were multiple teams a minimum of six months probably longer. the centrifuge research itself probably took a couple of years. and then it all came together around 2007-2008.

>> host: when you say the u.s., do you mean the defense department? >> guest: there are multiple agencies that worked on it. this would've been it's a covert operation, so getting the worm onto a system requires an agency that has covert authority. in that case we are talking the cia. developing a code like this of course requires really elite programmers. and so we are looking at the elite teams with the nsa the edward snowden document to point to a lot of activity of the elite teams that are designed to be deep espionage c&a computer network attacks. sort of an umbrella nsa and the military's. >> host: where did the name come from? >> guest: stuxnet was it was

dubbed by microsoft was looking at the zero days and finding patches for the vulnerabilities. they combined essentially two names of two separate files in stuxnet into one word. >> host: so private corporations were also participating in this, correct? >> guest: how so? and you use of microsoft was looking for the zero days. >> guest: in terms of examination and research for a post-attack. microsoft was working to help -- wasn't working to help design the tech but when the worm was discovered in 2010, multiple antivirus firms and security research labs were taking it apart. microsoft was focusing on zero days because zero days were in the microsoft operating systems and microsoft have examined them, figure out what the goal of those were and released patches for them. >> host: what was the effect of the stuxnet attack? >> guest: it had two different

what we call payloads. aside weapon from a digital open of two parts. it has a missile which is the kerry that gets it to the target and then you had the payload which is where the explosive end. stuxnet had to payloads and one payload was designed to close files on the centrifuges in order to trap the uranium gas inside the centrifuges. when that occurred the gas would condense and become more of a mess solidify. it would focus it features off balance, possibly making them crash but it would also deteriorate the rotors inside the centrifuges to the result of that would be destroyed centrifuges but also you would get wasted gas. iran didn't have a lot of uranium gas to work with so the more gas you can destroy or waste, the less materials that they have.

the second weapon was designed as i mentioned to speed up the centrifuges, and this would've been a more direct attack because the gas and the pressure that builds up over time, the second payload was speeding up centrifuges, reducing the speed. and again you get deteriorated during the the iranians would've expected a certain grade of enrichment at the end of the process, and they would have had a much longer grade of enrichment house of representatives so this was in 2010. has iran recovered at their nuclear process recovered? >> guest: remarkably it did. in fact, so a lot of the centrifuges appeared to have been destroyed around the end of 2009 early 2010. within six months iran had pretty much recovered from the.

they also started to increase the number of centrifuges in a cascade. praises the only a 164 cascade to a cascade is a configuration of multiple centrifuges. i increased the number of those. they increased the number of gas and ultimately they didn't come out too far behind where they would have been heading anywhere -- anyway had they been on track. iran program was set back by multiple factors not just stuxnet. over the years iran started enriching uranium at the plant in early 2006 or 2007. and it took from 2007-2010 for them to get up to speed. that was because there were other sabotage going on. they were also sanctions diplomatic efforts to halt the program. so there was a multipronged approach is to try to slow down the program. >> host: what was it like to try to research this? >> guest: it was a pretty

complicated book to write. i was trying to do multiple tracks. all of the politics around their nuclear history. i do look at the technical details around the worm itself what it is designed to do, what was significant about it. there were a lot of clues in the virus and worm i had sort of followed as trails. telling the story about the researchers. as much as want to tell the story of stuxnet i wanted to tell the story of the security community and the intricate and complex labor that goes in responding to attacks like this taking them apart and what they do. >> host: was stuxnet consider successful? >> guest: it was considered successful by many because there were estimates that iran would've had enough enriched uranium to build a bomb. if they choose to build upon.

there's still evidence that was the course iran was going in. they would've had enough uranium enriched by 2010. that was the estimate. and afterwards they were estimates that they have been pushed back about three years. those with the estimates of the u.s. state department and some others. again, it really depends. i think the western intelligence agencies have not had a firm grasp on the nuclear program in iran. like i said there's still no hard evidence that iran was headed in the direction of building about. there's a lot of conflicting information about that. in terms of no help for a long iranian interested program was there's also some guessing. >> host: were you able to discover or figure out the cost of developing stuxnet? >> guest: this would've been several million dollars at the least. we are talking about the testing.

you have to build a plant for the testing. a lot of testing on the worm itself to make sure that when he gets on a system it doesn't conflict with anything on the system and expose itself. they had to make sure also that stuxnet was going to damage any of the systems they count on. stuxnet had a very narrow configuration so that although it would spread to any windows computer, it would only unleash its payload on a system that met our that matched a very specific configuration. to do that you've got to do a lot of testing to make sure that the worm isn't going to cause problems on the of the system that it is spreading to. the way stuxnet was discovered is it was crashing some machines had been. regardless of all the testing that they did, there was something that they missed and caused it to get expose. >> host: kim zetter, four years is a long time in the tech world. has there been a stuxnet 2.0 version developed yet

transferred we assume there is. just in a way that stuxnet remained still for about three years we assume there are other things that the we don't know about. you can sort to get ahead with the edward stout documents the level of activity that is occurring in these both espionage programs and cyber offense programs, the ones they're doing attacks. there's a lot of activity and a 40 of activity. what stuxnet show does however was the rules of engagement for this were not completely formula it would stuxnet was released. we are playing catchup nikon forget what are the rules of engagement for how and when literally something like this. i think i slow down the use of at least attack weapons. there've been people who've told stuxnet was the first that was unleashed precise because of the legal issues around it and also the concerns of collateral damage. and it was kind of the proof of

concept to show something like this is possible but i don't know that for sure. i'm assuming there are other weapons that have either been unleashed or have been developed. >> host: would you consider this a stuxnet attack a form of cyberwar for? >> guest: this is the first assembly of up cyberwar for. i know people use the term a law. the user for the ddos the tax in georgia against estonia. and those don't really reach the level of august and cyber warfare to be. or war for in general. -- warfare in general. stuxnet would often as the first digital weapon and an excel of cyber warfare attack. >> host: we often hear from generals at the pentagon that cyber warfare is the new frontier. how threatened are we here in the united states by this? >> guest: well how vulnerable we are very vulnerable to any country that is very connected

in a way that the u.s. is on computer systems for critical infrastructure, all of our critical infrastructure is running on computers. what stuxnet showed, this was an attack that happened on computers that were not connected to the internet to they had to devise a method for spreading on the usb flash drive. that shows even if you have critical infrastructure system from internet, attackers will still find a way to get onto your system and can still destroy it. it's unclear to the extent, there are a lot of estimates of sort of a cyber pearl harbor that what happened in the u.s. but i will do anyone really knows at full capacity of what could happen because we don't know how things are connected. that's the danger of cyberwar for is when you unleash a weapon like this it's not the damage isn't geographically finite in the with the most weapons are. because everything is connected

and civilian systems are connected to military systems, it's hard to determine in advance the route that your weapon will take and the extent of the effect or influence that might have on other systems that you don't expect. >> host: did you book have to be vetted country know, it was not. >> host: to give sources inside cyber warfare within the government? >> guest: i won't talk about my sources but there's a lot of people i spoke with who have past experience in developing the program for central operations passionate essential operation and use. that program began probably in the mid 1990s 1996 1997. so it didn't initially start out with a tactic a start out in the defenseman. the defense department realized hope global u.s. systems were and they started to divide a

method for defending systems and they realized of course if our systems are vulnerable to attack and also our enemies systems are vulnerable to attack if it opened up this whole realm of new possibilities. >> host: are there other cyber warfare offensive attacks that the u.s. has committed that perhaps are not as publicized as stuxnet was? >> guest: well, you know, if we are determining cyberwar for, i don't think that we can categorize anything else as cyber warfare. there has been cyber offensive operations. those operations can be sort of taking out a monitoring system. so, for example, when israel went into syria to bomb a suspected nuclear plant there, there are reports that the radar systems were taken out. you can do that this sort of electromagnetic electronic

means that are not necessarily digital means. but in this case there are reports that in addition to that, those kinds of needs, the were some computer attacks that were done from airplanes. it would've been air to ground attacks digitally. >> host: kim zetter, what was israel's role in developing stuxnet? >> guest: it simpler specifically which groups did what. there some suggestions that israel was obviously helpful and gathering intelligence for the development of this. also that they might have had more of a role in the spreading of stuxnet perhaps zero days came from israel. this is sort of a bone of contention because the zero days or in part of got it caught because of spread widely. like i said stuxnet would spread to any windows computer but the

payloads to specific configuration. stuxnet spread to more than 100,000 commuters around the world and it did so because of the zero days that were added to the zero days were not in the first version but they were added to later versions. they're so bones of contention about who's really responsible for that. >> host: what about other countries, are they conducting this type of cyber offensive? >> guest: yes. so that when many countries, more than half a dozen, but have developed cyber warfare programs and capabilities. russia china the uk. there are a lot of countries that have announced plans to develop the iran has announced plans to develop its own. obviously, israel. so there are a lot of countries playing catchup at this point. stuxnet showed the viability of using a digital attack as an alternative to either diplomacy or kinetic warfare. so it opens a lot of possibility

and it levels the playing ground because actors who ordinarily don't have the resources or the skills or the equipment to launch a physical attack against an enemy can do can do it for much cheaper, a digital attack. >> host: do you know have a flash drive got to the iranian computers? >> guest: there are a couple of possibilities. one is that it was there are contractors that work there and the belief is that the contractors were infected and that they became unwitting accomplices in sort of carrying the worm into the protected facility. there are other suggestions that there might've been some insiders who helped and assisted in planting it your there are two versions of stuxnet. the first version like i said doesn't have zero days so it seems to indicate that there was some