User reviews

Zero Days is an important documentary devoted much needed attention to the issue of cyberwarfare, focusing on a case study of the Stuxnet attack. It provides a behind the scenes take on the discovery and the development of the virus, as well as the political developments that caused it to spiral out of control.

Alex Gibney does a good job of explaining the technical aspects of the computer virus, as well as the political context that spurred the United States and Israel to develop the computer virus. He assembles a good cast of interviewees from various perspectives on the issue. Although Gibney has a definite viewpoint, he gives both sides of the question a hearing.

Although I had previously watched news coverage dealing with Stuxnet, this documentary goes far more in depth, making good use of inside sources within the NSA. In particular, Gibney examines the split that emerged between the United States and Israel over the use of the virus, ultimately culminating in a near disaster. The film provides a disturbing warning of how the American and Israeli governments have potentially opened a Pandora's box.

This film is important viewing that should be seen by everyone interested in current events or concerned over the implications of American foreign policy.

This documentary about the Stuxnet worm that attacked Iran's uranium centrifuges tries to get at the truth about who was behind the attack. The movie shows interviews with a lot of high-ranking people who either won't talk or who will only comment about very public information. The facts are that Stuxnet was a large and very sophisticated computer virus, ultimately capable of infecting any Windows PC but it only activated inside of very specialized equipment: one brand of programmable logic controllers attached to a very specific configuration of machines. The target pattern matched Iran's uranium enrichment facility.

The movie's point is that, like the Trinity atomic test in New Mexico in 1945, Stuxnet has let another genie out of the weapons bottle. This genie is cyber weapons that can strike anywhere on the planet essentially in an instant.

If that makes you nervous, then the movie has met the filmmaker's objective.

"Zero Days" conveys two messages. The broader one, though hardly new, bears repeating and applies as much to advances in medical science as to war. In a hypercompetitive world, it asks, when do we decide not to pursue innovation and hold back for the greater good? Has technology outrun our capacity to control it?

The new weapons of warfare (specifically computer viruses) and the climate of secrecy and legality, in which such weapons are used are excellently portrayed in this documentary. Experts of high standing from both the intelligence and cyber security communities have been interviewed and their insights and opinions wonderfully woven together to tell the story of the most complex stealth- like computer virus to have targeted very specific critical infrastructure to date, aka 'The Stuxnet' virus This documentary covers new ground in documentary film making and uses the Stuxnet virus as a platform to explain many of the complexities, secrecy and politics involved with international cyber warfare and the dangers and to some extent morality of it. Essential informative viewing without doubt!

Great documentary. Very informative and enlightening (not for the Pixar crowd). Very honest and surprisingly propaganda-free. The film maker went to great lengths to find credible, knowledgeable and highly qualified people to interview for this topic. Kudos.

"To make a documentary on such a complicated, far-reaching subject and maintain a common-sense perspective requires formidable organizational skills and a steady narrative hand to keep the movie from straying into any number of theoretical byways. It takes the imagination of a science- fiction writer to make it coherent and entertaining enough to hold your attention. Mr. Gibney has demonstrated all of these qualities..." Stephen Holden, The New York Times.

Saw this at the Berlinale 2016, where it was programmed as part of the official Competition section. I have to start with a full disclaimer, by confessing that information security has been my full time occupation for at least 25 years. As such it was not my intention to learn something new when viewing this documentary about the infamous Stuxnet worm, jointly developed by Israel and US, targeting Iranian reactors and obstructing the production of nuclear material. Yet I'm very interested in each and every vehicle (movie, book, newspaper article, whatever) to make non-IT people aware of the issues at hand, if only to provide material for an open debate about the pros and cons of "cyber warfare" with much wider implications than the average layman realizes.

As observed with previous movies about IT-related issues (WikiLeaks, Snowden, Steve Jobs etcetera) it is very difficult to sit it through while being (like myself) someone who worked in IT all his life. We saw numerous fragments of Assembler, flashing lights from network equipment, heavily populated cable bundles, and many screens showing various sorts of abracadabra, all supposedly intending to look technical for an average layman. Another problem is that several talking heads ducked when asked specific questions about Stuxnet, the latter being the main topic of this movie. Most of them had the usual excuse *Even when I knew about it, I cannot elaborate". Luckily, we heard not once the excuse "I can tell you about it but after that I have to shoot you", usually intended as a humorous escape from hot questions without appearing offensive or overly defiant. Several high ranking officials only wanted to speak out in general terms, thereby avoiding Stuxnet and other concrete projects, by explaining what they found wrong, especially about the secrecy that most found exaggerated and unnecessary. As such, their contributions were still useful, albeit not exactly touching the subject at hand.

Nevertheless, I heard a few new things I had not thought about yet. Firstly, Stuxnet was not designed to become so visible as it did. People at the NSA were furious when seeing that Israel extended v1.1 of the software to be more aggressive, making it spread and allowing it to surface, while that never had been the intention. The net result is that other countries may find justification to counter with similar software, now the US has provided for a precedent. Secondly, many people in CIA and NSA express their concerns about over-classification, preventing an open debate on future policies and rules of engagement in cyber space, like similar rules developed in the past for army, navy and air force. Cyber weapons are the fourth category, and it may take 20 to 30 years to create clear rules and policies for it. Lastly, the net effect that Stuxnet had on Iranian nuclear program, has proved to be negligible in the long run. There was a noticeable dip in the production statistics, but it triggered Iran to invest extra in centrifuges. An extra side effect was that Iran invested in cyber powers of their own, by attracting talented people on this field of expertise. As of now, it looks like they succeeded in overpowering the western world in this so-called cyber war. In other words, due to Stuxnet we lost our head start, and it is doubtful we will ever regain that.

There was one talking head with distorted voice and face, who appeared many times throughout the story. In hindsight, she was reading collected texts from several people working in NSA, CIA etcetera, all of them having useful insights on the matter but unable to come forward. Being reasonably versed in these issues, I am of the opinion that these texts sound genuine and seem to really come from people with intimate knowledge, which would otherwise be kept from the public. One example is that they internally made fun about "air gapped", the common defense against infections from the outside. They knew several ways to get over this obstacle, e.g. by infecting vendors responsible for installing and updating software in the plant, more or less working like so-called watering hole attacks. Reading these texts as done here, was an artificial but necessary addition to the documentary. In a final scene the one reading the texts revealed herself as an actress who had no personal involvement in the issues, but was effectively used as a vehicle to get this information across. During the press conference organized by the Berlinale it was explained that this was the only way to obtain and release this information, if only to protect the sources since harsh policies have been issued to deal with information leakage.

All in all, I'm not sure the message will land where it should land, namely with non-IT people who should know about the implications of "cyber warfare", having an impact on our future that cannot be underestimated. I don't think that a documentary that takes nearly 2 hours, will achieve said goal. Nevertheless, I applaud every honest attempt. The documentary is well made and tries to present a balanced view on the matter. Well made, but probably shooting over everyone's head and defeating its well-intended purposes.

This was one of the most enlightening documentaries I've seen in recent years; it was also one of the most disturbing films I've seen in a long time. I had no idea how far into the age of cyberwarfare we already are, and how serious the consequences of this kind of conflict already can be. If you're a conspiracy theorist or otherwise prone to paranoia, don't watch this - but if you want to learn some of the darker secrets most government agencies try to shield our fragile little minds from, and if you want to know some hard truths about what's possible and what's already happening in terms of cyberattacks, I highly recommend this excellent documentary. 9 stars out of 10.

Favorite films: IMDb.com/list/mkjOKvqlSBs/

Favorite TV-Shows reviewed: imdb.com/list/ls075552387/

Lesser-Known Masterpieces: imdb.com/list/ls070242495/

Favorite Low-Budget and B-Movies: imdb.com/list/ls054808375/

This two-hour documentary released Friday, July 8, and playing in selected theaters and streaming online, traces the history and consequences of Stuxnet, a sophisticated piece of malware unleashed on the world in 2010. Before you yawn and click away, there's an important feature of the Stuxnet worm and others like it that makes this story of vital interest to you. Stuxnet was not designed to invade your home or office computer, but to attack the industrial control systems that manage critical infrastructure. These systems make sure trains and airplanes don't crash, control car and truck traffic, maintain oil and gas production, manage industrial automation, ensure you have water to brush your teeth with and electricity to run the coffee maker, keep life-saving medical technology operating, and, of course, give you access to the internet. Cyber-attacks on these systems cause real-world, physical destruction, even widespread death. Behind the Computer Screen The Stuxnet story—still highly classified, but revealed over time—began with an effort by the United States and Israel to thwart Iran's ability to produce nuclear weapons by destroying centrifuges at the country's Natanz uranium enrichment facility. The software was diabolically clever, virtually undetectable, and essentially untraceable. In theory. The fact that it was a Zero Day exploit--that is, that the attack would begin before the software problem was discovered and attempts made to fix it or shut it down--and that the Stuxnet code contained not one, but four zero day features, was remarkable. Once it was inside, it worked autonomously; even the attacker could not call it back. The Israelis, apparently, were impatient. They assassinated Iranian nuclear scientists, and they changed the Stuxnet code, and it spread. It ended up infecting computers worldwide, at which point it was no longer secret, people were looking for it, and the Russians and others found it. "Israel blew the (malware's) cover and it could have led to war," the film says. Another consequence is that the day when something similar can be unleashed on us grows ever closer. It will come from one of three sources: • Cybercriminals, in it for the money • Activists, intent on making a political point or • Nation-states seeking intelligence or opportunities for sabotage. U.S. security agencies are not complacent. While they talk publicly about our cyber-defenses, in fact, there is a large (unexamined) effort to develop offensive cyber-weapons. There are reports of an even more draconian cyber-weapon embedded throughout Iranian institutions. Warding off its activation is believed a primary reason the Iranians finally struck a nuclear agreement. Certainly it prompted the rapid development surge in Iran's cyberarmy. In putting this story together, writer and director Alex Gibney interviewed former high-ranking U.S. and Israeli security officials, analysts from Symantec who teased the code apart, personnel from Russia's Kaspersky Lab, and many others, including CIA/NSA/DoD officials unable to speak on camera. "Fear Does Not Protect Us" The documentary makes a persuasive case for who holds the smoking Stuxnet gun, but it also suggests that finding fault is not the primary issue. The climate of international secrecy around Stuxnet—and the inevitable clones that will follow—makes an open discussion about them impossible. Nor does it allow development of rational strategies for managing the risks, regardless of how urgently needed those strategies are. Cyber-risk management will never be easy, but as one of the film's experts points out, "it will never happen unless you start." The subject is "hideously overclassified," says Michael Hayden, former director of both the NSA and CIA. (The climate of secrecy is so extreme that even the U.S. Department of Homeland Security cyber team was unaware that Stuxnet originated across town and spent countless resources trying to track it down.) We, of all nations, need this debate, because there is no more vulnerable country in the world, when it comes to systems' connectedness. "Evil and good live side by side," says an anonymous agent of the Israeli intelligence agency, Mossad. Keeping secrets is a good way to prevent being able to tell one from the other.

I watched the BBC Storyville version of this film, which appears to run about 20 minutes or so shorter than the feature currently in cinemas; not sure what was lost in that, but I mention it for context. At the start of the film we have several talking heads who refuse to even respond to a question regarding the computer virus/worm which attacked Iran's nuclear centrifuges; this opening sets the stage for a documentary where a lot has to be pieced together, or cannot officially be known, but yet manages to do it in a way that gives the viewer a broad view, with enough detail to aid understanding, but nothing likely to lose you (I say this as someone who can setup his wifi but not much more).

The film starts after the fact and works backwards. In doing this it allows to do enter the subject via the security companies who found this virus and started trying to figure out what it does. This is done in a way that is engaging and accessible, even though you are talking about guys reading screen after screen of code. From here the film starts to draw in the politics, to explain Iran, and as it does this, the pieces fall into place – just as they did for the security guys. This framing helps make the film clear to follow, but also builds the tension in the film as we go from the unknown, to the understanding, and then are left with what it means for the road ahead.

The film's ending doesn't really do a good job of leaving us with that chill (I think the drawing in of the Iran deal didn't really work), but mostly it still does leave the viewer thinking about how much could go wrong if key infrastructure elements were switched off or controlled to do harm. Watching it a few days after the inauguration of Trump only makes it more chilling, since the only time I have heard him speak about this he said "So we have to get very, very tough on cyber and cyber warfare. It is — it is a huge problem. I have a son. He's 10 years old. He has computers. He is so good with these computers, it's unbelievable. The security aspect of cyber is very, very tough. And maybe it's hardly doable". Hardly oil on troubled waters.

Once you go beyond the automatic dislike of computer screen hexadecimals turning into beautiful 3D animations, which is the norm in all popularizing documentaries, you can see not only how interesting the story is and how well the film is done, but how much effort came into the gathering of the information in it.

This two hour film describes how Stuxnet changed the world, first from the eyes of malware researchers and how they discovered the worm and how they started to analyze it and realize how advanced it is and what it does, then goes into the political realm, describing how the US and Israel did this to Iran, then narrows down, showing not only how this was something the US did to prevent the Israelis to do even worse things, but how Stuxnet came back to bite its creators in the ass. In the end we are shown the true reality of a world in which anyone can do horrible damage with no attribution while the security institutions keep everything secret and out of public discussion and decision.

A very informative movie, filled with useful tidbits, showing the story of Stuxnet from start to end and to later consequences, interesting to both technical people and laymen alike. Well done!

If you think this will enlighten you about the technical details of the so called stuxnet attack. Think again. This movie is more like an attack on America and Israel. Iranian professional lobbyist and a critical American so called NSA spokeswoman (with a stupid digital appearance) all have a field day in this film. The NSA woman is almost silly in the obvious script she follows in her "interview". The movie just drags on an on and on. It repeats itselt and stumbles on political standpoints and Political correctness so much as it forgets to really tell the story about the ICT and software side that was so important about the so called stuxnet. If you really are interestet in the stuxnet please see the seminar for Google people by Carey Nachenberg instead. That gives you the real story without any politics.

This is an amazing documentary, specially when you understand that no one really wants to admit any involvement, and no one really has the full knowledge of understanding how it can be used, without the boomerang effect.

Ultimately, you may come to the conclusion to better shut down all nuclear weapon sites, because they may well go off in our own hands, when they would try to launch them.

Ultimately, I come to the conclusion that cyberwar possibilities might finally lead us to a peacefull planet, because every big country has the ability to destroy the entire economy of any big country, within seconds, with an usb stick.

And it's the first time the USA are afraid, really afraid of Russia, China, Iran, India, Pakistan.

I would like to say, so it answers a few of you that posted here, I am NOT an IT person nor do I know much about pcs other than the average stuff.

I was captivated throughout this movie, loved the little surprise at the end with the NSA "agent". I didn't know about this attack, if i did hear about it back then, it went right over my head so I am happy to have seen this movie and will get to bed a little less naive tonight. Totally enjoyed that it tried to include many facets of this story, from politicians to actual cia/nsa and other agencies, in 3 countries. Opens a debate about future policies, shows how relatively easy it is to tear down a country(not fiction anymore like too many still think) and more. Someone suggested that the politics don't have room in this story LOL, how stupid a comment, this story is all about the politics behind it.

I liked it also 'cause it shows how the US Gov, interferes with other nations and then complains when it bites them in the ass down the line. a story within a much bigger story, hence why I think this movie or story would not be of much interest if we didn't see the politics that created it. The tech stuff is easy to understand even for someone like me that is no more than an avg joe, last time I understood computer language was on my commodore-64 back in the early 80's(basic).

I think this movie will please many people for diff reasons. I wish all the Obama/Hillary lovers I read on FB posts would watch this movie and be better informed with their comments :o) Reasons why I really liked this movie: I love real life stories almost every time. I like conspiracy theory stories, I like when the US gov is shown for what it truly is(not often enough), Not sure what is the x-factor but there was one for me watching this movie, I was captivated from beginning to end, Kudos to all involved in the making of this film/documentary. Was made in a way I had not seen before, can't quite put my finger on it though.

An excellent documentary that dives into the murky and complicated subject of the stuxnet computer virus that attacked iran's nuclear program. As rich a subject as that is, director Gibney does not confine things to just that, and shows us how, like the malware itself, the subject stretches out and touches on a lot of major issues. There are fascinating interviews with a lot of major players, and it provides an excellent - and troubling - look at the hidden world of nation-states attacking each other's computer systems. The use of the "composite character" is no doubt controversial, but I think it is used here in a legitimate way.

Chilling insight to the vulnerabilities of the cybercentric society in which we live today, government included.

Screenplay...................................... 7 / 10 Interviews........................................ 7 Visuals................................................ 6 Sound................................................... 5 Editing................................................ 5 Music....................................................... 5 Timeless Utility................................. 6 Total.................................................... 41 / 70 ~= 5.9 (rounded to 6) Verdict................................................. Informative / enjoyable.

14min - Mr Robot but real. Can't get enough of it already lol

18min - Mr Robot was definitely

1h 12min - makes you think... I watch this in 2023 and you can only imagine how it all had to advance... Not to even

mention A. I. damn...

1h 51min - a must watch for every single person on Earth/

An invisible war. Hopefully it is an invisible peace/

Well I still need 238 characters because of the stupid requirement but hey... hopefully you are healthy and happy enough to enjoy simple things in life. All good to you and your family. Still need 50 characters so all the best in new year whatever it may be/

Alex Gibney wrote and directed this most disturbing documentary examining claims of American/Israeli jointly developed malware Stuxnet being deployed not only to destroy Iranian enrichment centrifuges, but also threaten attacks against Iranian civilian infrastructure, while drawing our attention to the obvious potential blowback of this possibly being deployed against the US by Iran in retaliation.

The 'cast' is a collection of the most famous leaders throughout the world, along with those in high positions in security,as well as reporters. The clips of moments from televised meetings and speeches underline the validity of the concept, but the single most impressive 'character' is a voice-disguised, face disguised-woman who speaks in a raw contemporary manner, underlining the important points the documentary is making. Her 'identity' is revealed at the end of the film.

Cybersecurity - a term that is becoming more frequently used in today's world - is something that now indicates the possibility of malware war (cyberwarfare): destroying countries with a virus that can wipe out power, communication, finances - lives! This is the takeaway from this documentary: the facts about the American/Israeli creation and use of the virus Stuxnet have been before the public for several years now. But It is the possibility of the use of created malware as a war tactic that makes us gasp.

If you are doing a doco for general viewing, you have to assume people do not knowvthe background, this one starts on the assumption you know all about Stuxnet and what happened. It then goes into full conspiracy mode with dark lighting and wierd voices etc etc.

The story was interesting enough without all this nonsense just tell it, but no we to wonder what point is there as most people would have been totally confused by 15 or 20 minutes in.

Go watch some UK BBC docos and learn how to do it properly. Sigh.........

I appreciate all the reviews, but "Sponsored by Iran?" went deeper, with a more evaluative/critical eye. It seems a huge problem today is not Getting information, but discerning the information and it sources. So, Thank You for spotting the assumptions made by the film makers and the potential bias. AND for suggesting another source to go to, so we can easily compare for ourselves. So important to do!