Townsville has a cyclone affect the city every 5 to 10 years. That's not even going over, just within 100km. Most of the houses are built to cyclone standards and have been for 30+ years. Damage is minimal, a handful of older houses and a bit of localized inundation - the river catchment is too small for flooding.
Brisbane, the state capital city, on the other hand has major flood and hail every 2 to 3 years.
Guess where the "uninsurable" areas are? Certainly not where all the head offices and political and business leaders are located.

There's a writeup of the apparent exploit that was used, which stated with "dl.asp" and then used several others to infect the server.

https://www.scmagazine.com/kas...

I just did a google search for "dl.asp" and the first hit is from Kaseya's community forum site in 2010, discussing the fact that it has no security restrictions. I can't see the original page, as the server's not responding, but google is offering a cached copy of the page, as does the wayback machine.

Here's the links:

http://community.kaseya.com/xs...

http://webcache.googleusercont...

https://web.archive.org/web/20...

No mod points, so I'll post a reply.

I agree completely on all points. The ACCC has given Australia one of the best consumer protection frameworks in the world, despite the repeated efforts of the current government and corporations to make it otherwise.

1/3 opened the email? That means that 2/3 don't read their email.

You can't tell if it's a phish just by the subject line and the displayed sender name, you have to at least check the sender email address, path headers and link html to make an informed decision.

...and of course I typo'ed the 30Mbbl as 36Mbbl.

Check TFA, the article switched units while distracting us with big numbers. In fact, they switched two sets of units just to *ahem* muddy the waters.

The 36 million *barrels* of oil *per year* is processed from a supply that creates 34 billion *gallons* *per day*.

365.25 days per year, 42 US gallons per barrel, mumble...mutter...kcalc

OK, you'll get 36Mbbl oil from 295Gbbl sewage, 0.00012 oil/sewage, or 8208 sewage/oil.

At US$45/bbl, you have to process 7660 gallons of sewage per dollar to break even.

"Do not," called out Slartibartfast floating past again, and fiddling furiously with the thing that he had stuck into the wall of the Room of Informational Illusions and which was in fact still stuck there, "agree to buy anything at this point."

The new name for "legal tender".

That would be "ten hundred" as it is written in the xkcd banner graphic.

All my HP FC SAN arrays have DMR support for the warranty period and again when under maintenance. On a 25 drive chassis, with 900Gb 2.5" SAS drives, it's about 5% of the total cost. All have dual controllers and power supplies, of course.

The disks are arranged as 4x 6-disk RAID6 sets, then presented to VMWare as 4x 3.6Tb VMFS disks.

The 25th disk? It goes on the shelf and is the cold spare for that array. When a disk fails, it goes in straight away and a phone call to HP sees a new disk is sent out overnight.

DMR: Damaged Media Retention. We send a load of old server and dektop media, plus USBs, etc, to a rated destruction facility once or twice a year. Yes, it will shred.

Boiling water is great for killing weeds/grass around bricks and pavers. Those steam wand thingies work well, too.

It's not a pubic holiday like ANZAC Day, but it's customary to observe a minute's silence wherever you may be at the time.

"Why is he pointing his pistol at that missile? Is he arresting it? Does he have to read it's ri... Oh, he's pulling on his second glove. Never mind."

Just because a material has a everyday name, it doesn't mean that the original specification didn't have a chemical/mechanical/biological/radiological/whatever reason for specifying it.

If all the material property requirements were met with a commonly available product that didn't require an expensive supply chain, then that's great.

HOWEVER...

I suspect that originally somewhere in the nuclear disposal system, a group identified the need, a solution was found and a materiel was specified. Along the line or through the years, the REASON for that specification was lost to the end of the purchasing chain and the poor sod who orders the stuff was given a directive to "buy sustainably" and substituted the new material without being aware of the original intent.

That person probably wasn't even been aware of the use of the material - they may have though it was used in the kennels for the guard dogs. It's a nuclear material disposal site. Need to know is important. (1) The suppler wouldn't have known, either.

There's lots of complaints of expensive procedures and materials(2), but this is a perfect example of the need for a formal supply chain system with provable provenance. You may BUY a commonly available kitty litter to fulfill the order, but what arrives in the sacks will have to match the specification sheet.

1. Yes, this is irony. The accident may have been prevented if the purchasing officer knew what it was for. Then again, maybe not.

2. Ferrous hammers are a bad idea around strong magnetic fields. If you're in a lab with a MRI or similar and lots of delicate equipment, a hammer to undo the dog on a vacuum chamber had better be a very special hammer. The kind that you can buy today for less than a hundred bucks, but in the 60's had to be engineered from scratch. Thank someone else's R&D for the fact you can buy a (nearly) chemically inert, non-ferrous, non-sparking hammer for a pittance.

> So you've added two or three more people to be bribed to ignore a faulty tracking device - 1 or 2 in maintenance, and someone in the control tower?

They'd be the first people to be arrested when the syslog was backtracked on the first day of the search. I'll admit that some people are not the brightest, but looking at a red flag on a computer screen and granting take-off permission anyway is a little beyond belief.

You'd need a sysadmin or ATC site admin to inject fake data, but that wouldn't survive the satellite data analysis.

I don't know if it would be possible, but you might be able to have a ghost transponder in another aircraft or on the ground which pretends to be the target. You'd have to be careful to transmit at the correct time and with the correct signal drop-off if you wanted to hide the fakery from the investigation.

It the investigators managed to get satellite triangulation data, even that wouldn't work.