Comment This is news? (Score 1) 104
16 years ago I worked on/developed industrial control systems and the fact this industry hasn't moved anywhere on the security front is not surprising. At the time development was still 1970s-80s style, save the punch cards. Most of the software developers had never learned structured programming and would still argue against it a solid decade after their mainstream ilk gave up the fight. Their code style was pure 70s at best and pure chaos at worst when written by the EEs. The newest code was all written in a language that I thought was already in the dustbin of history 5 years before I got there. Network security was completely foreign to everyone there.
The equipment was extraordinarily-buggy on top of our highly-questionable software. I remember numerous long nights isolating and writing workarounds for bugs or code that defended them from the user. These black boxes were all selected by either EEs for electrical characteristics, MEs for physical mounting/environmental characteristics, or some combination of the two. Their prices were high and therefore they gained a strange aura among non-programmers for being infallable objects with exceptional engineering.
The funny thing is the last time I heard from a contact there my software was still in use cooking up parts and the company was still selling injectors using the same crappy DOS-based interfaces we had back then. Mind-boggling. Today I can hardly fathom software that remains unchanged for even a couple years due to the pace of change on the internet.