
Russian hackers burn out Illinois public water system pump

Posted: Sat Nov 19, 2011 9:25 pm
by DeltaV

Posted: Sat Nov 19, 2011 9:44 pm
by Skipjack
What idiot connects crucial facilities like these to the internet?

Posted: Sat Nov 19, 2011 10:20 pm
by charliem
Skipjack wrote:What idiot connects crucial facilities like these to the internet?
You'd be surprised.

I teach network systems security and computer forensics, and quite often wonder how public and private sector alike can be so reckless with their systems.

Looks like too few are able to learn without getting beaten a few times first.

Posted: Sun Nov 20, 2011 8:40 am
by choff
And when you build the network to restrict access, users will blindly bring in wireless routers to get around security, because they just can't get through the workday without web surfing. Even when they've signed off on not doing so. The worst offenders will often be in management.

Posted: Sun Nov 20, 2011 6:39 pm
by Skipjack
Then get them a fracking netbook that is not connected to the secure network to do their surfing!
Idiots, gooosh ;)

Posted: Sun Nov 20, 2011 7:28 pm
by choff
You're talking way too much common sense now. Most users see network security as an encumbrance to be circumvented. Even when provided with access to a separate unsecured network they'll still want the convenience of not switching over.

Posted: Sun Nov 20, 2011 8:25 pm
by Skipjack
You're talking way too much common sense now. Most users see network security as an encumbrance to be circumvented. Even when provided with access to a separate unsecured network they'll still want the convenience of not switching over
Well, it is also a matter of not just making this a rule, but also enforcing it.

Posted: Mon Nov 21, 2011 1:27 am
by Diogenes
Skipjack wrote:What idiot connects crucial facilities like these to the internet?
Barack Obama is from Chicago, isn't he? Must be something up there that makes people stupid.

Posted: Mon Nov 21, 2011 1:31 am
by Diogenes
Skipjack wrote:What idiot connects crucial facilities like these to the internet?
Actually, to give you a fair answer, much of the modern-day *SCADA system equipment is hooked to the internet for the purpose of allowing an off-site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programming. They just operate the equipment.



*Supervisory Control and Data Acquisition.

Posted: Mon Nov 21, 2011 1:47 am
by Diogenes
Image

Posted: Mon Nov 21, 2011 2:56 am
by ScottL
Diogenes wrote:Image
But you support their right to protest, correct?

Posted: Mon Nov 21, 2011 4:05 am
by Skipjack
Actually, to give you a fair answer, much of the modern-day *SCADA system equipment is hooked to the internet for the purpose of allowing an off-site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programming. They just operate the equipment.
Then do safety by obscurity. Only connect to the internet in the case that it is needed and be offline most of the time. Unless you have hackers wait for months for that short opportunity window to get in there, they won't get in.

Posted: Mon Nov 21, 2011 4:14 am
by ScottL
Skipjack wrote:
Actually, to give you a fair answer, much of the modern-day *SCADA system equipment is hooked to the internet for the purpose of allowing an off-site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programming. They just operate the equipment.
Then do safety by obscurity. Only connect to the internet in the case that it is needed and be offline most of the time. Unless you have hackers wait for months for that short opportunity window to get in there, they won't get in.
You mean obscurity by security? It's common practice, but really, to prevent unauthorized devices on one's network, why not implement 802.1X with a RADIUS server? This significantly reduces the risk of exploitation.

Posted: Mon Nov 21, 2011 5:13 am
by MSimon
Skipjack wrote:What idiot connects crucial facilities like these to the internet?
There appear to be quite a few idiots who think that is a good idea.

http://www.ecnmag.com/Blogs/2011/11/Sma ... Security-/

Posted: Mon Nov 21, 2011 5:07 pm
by Diogenes
ScottL wrote:
Diogenes wrote:Image
But you support their right to protest, correct?
Yes, if that is what they are doing, about which I have some doubts.