How can the man that created maps, to which all of the above applies, say these things with a straight face?.
"According to Siemens, in none of the cases did the infection cause an adverse impact to the automation system"
I'm pretty sure the technicians tasked with cleaning up the mess while trying to keep the production line running don't agree with this statement.
In the Siemens case the physical switch is only present on the S7-400 series, the S7-300 series don't have it, and I can tell you that the difference between them isn't $4, you'll have to add 2 to 3 zeros depending on the model.
However, even with the key in the "run" position (where you supposedly cannot alter the software) not everything is locked: you cannot change the program (and I'm not even 100% sure about that since the "password protection" can override the switch) but you can change the data and disrupt the process.
Do you know that when you set a password on a siemens plc, it isn't enforced by the plc itself but by the step 7 programming software?
Use something else (e.g., libnodave) and access is wide open.
What are you all on about? He said he disabled administrative access from outside.
He disabled the user visible administrative interface.
Google for tr69 and you'll be enlightened.
In my router it's impossible to disable, however in some normally hidden menu I could modify the "call home" url, rendering it ineffective.
process control is still handled by the PLCs (unaffected by any sort of malware... that I know of) and if something was looking like it was about to go wrong, then the PLC should be set up to deal with it...
The PLCs I'm forced to work with (that happens to be from the same manufacturer that produces the POS that's WinCC[*]) can be networked and, as soon as you connect them to a network, you can control them (as in, modify the program, start them, stop them, the whole lot) remotely.
The communication is not encrypted and it's not password protected[**], so anybody that can obtain access to the network (and that's not very difficult in many factories, especially the very big ones) can control them at will.
[*] and other manufacturers aren't better
[**] there's a password protection, but it's enforced by the programming software, not by the PLC itself. You just have to use your own program, using the reverse engineered communication protocol and you're set.
That motherboard seems pretty good, but it's VGA only, so it's quite useless as a FullHD HTPC.
In the specifications they say that h264 is fully hardware accelerated, but I don't think it's possible with an intel GMA500 (at least under linux), is it?
Ok, I know I shouldn't be feeding the troll, but read the article: the kernel source itself is perfectly fine, is the compiler that optimizes the check away.
The BBC article is from 2008.
But it only works with premium (i.e. paid) accounts.
Maybe it is if you live in the US, UK or Germany.
For God's sake, stop researching for a while and begin to think!