arstechnica is taking the NY Times article and extrapolating too much. Confirmed? No it's not. It was suspected before, and it still is.
And lost control would imply they could not control what it did to the target, which is incorrect. It did escape to the wild, but that's not really loosing control when it was designed to do nothing harmful on non target machines.
Unless David E. Sanger is a new Jayson Blair, I'd say the connection is confirmed, not just suspected. There are no weasel words in the article, meaning both the journalist, his editor, and NYT are putting their reputation at stake. This is as strong as a newspaper story gets.
Is it really true that "someone published in a newspaper said so, therefore we can rely on its being true"? I don't think so.
Hard data, credible sources are what make a strong newspaper story - not a convenient message from someone who would be embarrassed if the story were untrue (something which is at least as hard to disprove in this case as it is to actually prove)
Depends on who "someone" is, what the "newspaper" is, and what was said with "said so".
In this case "someone" is a double Pulitzer Prize winner, and what was said was something of a nature that means the editor in any reputable newspaper will demand hard evidence, i.e. he will have the names of all the sources, and confirmed with at least some of them. If the story is a fraud (possible, look up Jayson Blair), the editor would have to be in on it, and it would be a larger scandal than the story itself, which really just confirms what everybody already suspected.
The story is as good as investigative journalism gets.
And yes, reputation matters a lot in journalism. Jayson Blair is a life coach today.
Reporter's sources need a right to remain anonymous if journalism is to unveil important crimes. While it is not hard evidence, an article by a respected reporter on a respected publication is, normally, to be trusted. He probably has sources, but he can't reveal the in order to protect them. He trusts them enough to bet his reputation on what they say.
It's a sketchy system, but it's the best we can get if we want journalism to remain investigative (though we may already be losing that battle).
So... someone involved is going on the record? Someone who can do interviews on, you know, Fresh Air and say "I was involved in this project"? The fact that the NYT thinks it's true doesn't mean much, particularly since they've been punked so many times.
Reporters make up unnamed government officials all the time. While I agree the scenario they're painting isn't difficult to believe, calling it "confirmed" is going too far.
And you don't understand the different meanings of control. Controlling as in "issuing commands" is different from controlling an event. As far as I know there were no actual commands being given to Stuxnet. It was made for private networks how could there be?
And lost control would imply they could not control what it did to the target, which is incorrect. It did escape to the wild, but that's not really loosing control when it was designed to do nothing harmful on non target machines.
Better to read the original, and the discussion on it: http://news.ycombinator.com/item?id=4052330