
Comment: Re:Never heard of a firewall? (Score 1) 284

by StickyWidget (#43944127) Attached to: Ask Slashdot: How Best To Disconnect Remote Network Access?

In IT, it's a very easy concept. Process control and industrial control systems are another matter entirely. They don't have a firewall team, or an IT staff, or a network admin, or a Windows Domain Architect, or any of that stuff. They don't have 4 days to wait for a change control board to approve access, because they usually need the vendor to fix crap immediately, or lose a few hundred thousand dollars in lost product.

They have Steve, who has been at the plant since God stopped by for tacos. Steve knows some stuff about computers, like how to google common problems, or he asks his 12-year-old kid how to fix it.

Culture is entirely different, the level of experience required with IT equipment is minimal in the operation. Most of the equipment comes preconfigured, doesn't change for 5 years, and if it breaks they get a replacement in the mail. And, they are usually required to NOT change network configs, mainly because they can royally screw something up (and generally do).

I'm not making excuses here, I think good change management would be important. But, these guys operate at the same basic IT level as a McDonald's. I wish I could communicate the exact depth and width of the gap between IT and IndustrialControl, but nobody in IT ever believes me.

~Sticky

Comment: Re:you're overthinking it. (Score 1) 284

by StickyWidget (#43944101) Attached to: Ask Slashdot: How Best To Disconnect Remote Network Access?

Airgaps aren't a panacea. USB keys, CDs, even floppy disks (yes, these places still have those) can all bridge an airgap in a non-detectable manner.

Most of these systems have no actual monitoring to ensure that the integrity of the network stays constant. And, if it makes a process control professional's life easier, they WILL connect it to the internet for 'a little while', go home, forget, and completely deny they did it if the fit hits the shan.

The people need change too.

~Sticky

Comment: Re:Relays & ATtiny (Score 1) 284

by StickyWidget (#43944075) Attached to: Ask Slashdot: How Best To Disconnect Remote Network Access?

No. What happens to equipment or people if lightning strikes nearby, or if a major pump shorts out? Will it transmit the current into the process switches, causing a larger issue? Will it electrocute someone nearby? Questions like these need to be answered before tossing equipment into an industrial environment.

Neat idea, needs more than just an ATtiny. It was good though that you picked a relay that requires power from the ATtiny to turn on, I've seen other guys accidentally set stuff to fail open when they lose power. Nasty business.

~Sticky

Comment: Re:Never heard of a firewall? (Score 2) 284

by StickyWidget (#43944053) Attached to: Ask Slashdot: How Best To Disconnect Remote Network Access?

Some vendors require this kind of remote access during warranty period of their equipment. Basically, the equipment doesn't belong to the client fully until it has met all requirements in the contract. Typically, this is 3 months to a year of service under operating conditions specified.

So, what do you do when your contract requires you to keep a door open for the vendor, or otherwise absorb the risk of a ~1-5 million dollar job not being supported by them?

Additionally, the guys allowing the vendors are normally not the guys you want screwing around in the firewall config on a regular basis. The physical switch makes some sense for people who are used to pressing buttons, turning levers, etc to make things happen/stop happening.

~Sticky

Comment: Re:Interesting... (Score 1) 159

by StickyWidget (#37390392) Attached to: Purported FBI Report Calls Anonymous a National Security Threat

Remember kids, if your group declares that it has no real leadership, and is a decentralized collective of individuals that spontaneously gather together, then the FBI has a real tough case to justify to their superiors. But, if they start compiling evidence that there ARE leaders, and those leaders can be held responsible for the crimes of the followers, then they can pursue a case. That's RICO [http://en.wikipedia.org/wiki/Racketeer_Influenced_and_Corrupt_Organizations_Act], and it's a big freakin deal.

Everyone calls Anonymous a bunch of childish pranksters, but creating an organization that requires the FBI to jump through hoops just to open a priority investigation hints at deeper intelligence.

~Sticky

Comment: There's Another Reason it's a Nat'l Sec Threat.. (Score 1) 159

by StickyWidget (#37390096) Attached to: Purported FBI Report Calls Anonymous a National Security Threat

It opens up all kinds of legal methods to track, surveil, and identify potential Anonymous members that wouldn't be possible for a 'nuisance' group, and removes most of the privacy obstacles around getting information.

The FBI is building up evidence against Anonymous and Lulzsec to get a National Security Letter. After that letter comes in, the FBI has all kinds of new powers to work with under the Patriot Act. They won't need a court order to subpoena ISP, internet, and bank records, and wiretaps can be done with fewer obstacles.

~Sticky
/Yadda Yadda.

Comment: Re:Spoken like a true spokesperson... (Score 1) 138

by StickyWidget (#36277130) Attached to: Duplicate RSA Keys Enable Lockheed Martin Network Intrusion

Multiple keys wouldn't have helped, since it appears the attackers identified all the seeds that were ordered by Lockheed from RSA. Whatever process they used to assign these seeds to unique individuals would have been robust enough to notice that the individual was using two.

It was endgame. Everyone should have trashed all their tokens weeks ago.

~Sticky
