Announcement

Collapse
No announcement yet.

While you are complaining about PM ads.......

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • While you are complaining about PM ads.......

    you can read this...........

    http://www.nationaljournal.com/njmag...80531_6948.php
    1601

    Keep eye on ball.
    Hashim Khan

  • #2
    The US needs to respond in kind with a good spanking.
    I just need one more tool,just one!

    Comment


    • #3
      I can see it now - the Griswald defense: Good talk, Rusty.

      Comment


      • #4
        If that's true then it makes me wonder what all our technology is doing to us.
        It's pretty bloody scarey to think another country can control you from a computer.
        It's bad enough that todays kids live in front of the computer.
        Now our ice cream can melt because a Chinaman decided he wanted it to???
        Imagine what sort of "real" problems that could cause....
        Russ
        I have tools I don't even know I own...

        Comment


        • #5
          It's hard to believe that they don't have dedicated private lines to
          interconnect the sort of controls that could do things like that. At
          least it's STUPID. Same thing with the millitary and their comm.
          :-(
          ...lew...

          Comment


          • #6
            Just gotta know!!

            All sides are at it - as they have always been and will be.

            It's an extension of a "Cold War" and I'd guess has been under way for as long as for-ever.

            "Electronic Warfare" is not news to most armed service personnel - and has been since radio was invented.

            Its not just international either - it is between businesses and between governments and the people they "represent".

            Toss in censorship and propoganda ("spin" very much included) and you have a real witches brew!!!

            Comment


            • #7
              Utility Reliability

              Originally posted by Lew Hartswick
              It's hard to believe that they don't have dedicated private lines to interconnect the sort of controls that could do things like that.
              I've worked on utility infrastructure monitoring and control for the last 10 or so years, and I've owned my company producing utility infrastructure monitoring equipment for the last 5. Every utility, perhaps excepting East Podunk Light, has dedicated comm systems for control. (I don't get into the billing side so I don't know about those.)
              To get one of my products that uses "public wireless", ie, cellular, approved for use I had to go through all sorts of tests and such. Let's say that the data from my product is protected *FAR* better than such mundane data as online banking, health records, and the IRS databases.
              I suspect that the utility execs are passing the buck because they don't want to be blamed for what in my experience actually causes these sort of outages, which is non-existant or slipshod preventative maintenance.
              The current thinking is that the system has operated reliably for N years with the former level of preventative maintenance, so if we ignore preventative maint for 5 years it will only decrease reliability by a fraction of a percent. Then, we'll just have to take care of very occasional catastrophic events.
              Unfortunately the drop off in reliability is very steep. The hardware installed is by and large reaching the end of its planned service life - or has exceeded it. Large transformers are designed for 25 to 40 years of service, and many are pushing 50. These work fine until you start overloading them or pulling short circuit currents. New transformers can handle 100% overload for several hundred hours; older ones tend to fail under these conditions. Thus the cascading failures as each unit gets loaded higher and higher, as happened in Queens.
              Other new technologies, such as dynamic rating of the power systems, allow the utilities to operate the hardware closer to the point of failure in order to move more Watts to the customers. Customer load continues to increase and the utility infrastructure does not, so something has to give, which is reliability.
              The ageing workforce of linemen (and women, now; I know 2 female "linemen") works against reliability too. The old hands know exactly how the system is supposed to operate, how to fix it if it breaks, and where it can be jury rigged if needed. The newer generation has not had the OJT to learn all this, and though they are eager to learn, they may not ever have the benefit of enough OJT as they rush from problem to problem.

              Comment


              • #8
                According to electrical industry mags (like TED and so forth), the change toward internet enabled controls is now fairly rapid...... Stuff that is NOT as "hardened" as the old stuff. The old stuff is too expensive to replace with new of the same quality.

                The trade-off that was actually mentioned in the article is that the newer equipment MUST have an internet connection or equivalent to function correctly. Of course the older could be manually operated.
                1601

                Keep eye on ball.
                Hashim Khan

                Comment


                • #9
                  That story is total bunk. Somebody is trying to shift the blame so that they don't get hung. Who better than the Chinese to blame. There isn't a chance of being able to confirm or dispute the story, you will just have to take their word for it. Bull ship.

                  The utility companies are the most paranoid companies in business. They don't like to depend on any outside mission critical suppliers, period. They have their own comm systems, backup systems and backups for the backups.

                  According to electrical industry mags (like TED and so forth), the change toward internet enabled controls is now fairly rapid...... Stuff that is NOT as "hardened" as the old stuff. The old stuff is too expensive to replace with new of the same quality.
                  Strong encryption costs nothing and is unbreakable, even by the NSA. I do not believe that anybody that did decide to use the internet to control mission critical systems would do so using unencrypted methods. That would be so unbelievably stupid that it beggars the imagination. If they did then they owe the (almost certainly non-existent) hackers a big THANK YOU for the wake up call.
                  Free software for calculating bolt circles and similar: Click Here

                  Comment


                  • #10
                    GW

                    Didn't George Washington become a hacker when he cut down that cherry tree? Even if he did 'fess up?

                    And let's not even mention golfers!!!

                    http://www.tfd.com/hacker

                    Comment


                    • #11
                      Originally posted by Evan
                      That story is total bunk.
                      Evan, you are WAY off-base. Talk about things you know.

                      I can, of my own knowledge (but I can NOT discuss it), attest that there IS a chinese (and an everyone else's) attempt to get data on and be in a position to take down, the economic and technical basis of an enemy through the connectedness of things.

                      In case you are unaware (but I KNOW you know better) it is totally un-necessary to have ANY information relative to the actual control system..... You just have to prevent the controls from being used, and that is trivially easy these days, it is called a denial of service attack.

                      And, in case you missed it, the article was not limited to the power grid. The incident of the negotiations STARTING at the terms which were intended to be the END POINT shows that there was indeed spying, regardless of whether the nincompoops who were spied on were at all aware of prevention methods.

                      YOU may say that if I leave the door unlocked, I deserve to be robbed. But, it is true that it takes BOTH the robber AND the opportunity. So blaming the victim, however stupid they are, is only part of the story.

                      I'll leave you with a nice little gift as an example

                      Originally posted by Evan
                      The world is flat, and anyone who says it's round is an idiot
                      A very minor sort of internet attack...... good job you are not a politician, or that would be around the world in a New York minute..... no matter that you never said it. But of course, now, you are "on record" in caches all over the world as being a confirmed flat earth believer..... (not)
                      1601

                      Keep eye on ball.
                      Hashim Khan

                      Comment


                      • #12
                        Don from PM is a punk.

                        If his old lady saw us compare penis size she would throw rocks at him and beg me for some hot loving..

                        Comment


                        • #13
                          One of my servers came under a distributed denial of service attack recently because it hosts a domain, the owner of which, offended the wrong group of people in Europe. It was days before I could control it again. It's hardened against all of the typical things you expect, but nothing can stand up to 10,000 requests from as many sources for a tcp/ip socket per minute. No doubt all Windows drones sitting in the corner of somebody's home and completely unknown to the owner what their computer was busy doing.

                          It was useless to anyone for close to a week, and there's nothing that can be done to stop the problem.

                          Years ago I worked for a large aircraft company and managed a web server that brought in about a $mil per day in sales. It quit making money one day because a single system in a very remote part of the world was opening but not using sessions - several per second. It quickly caused the server to deplete all memory as it was not, on it's own, shutting down services not being used. Much tuning took place after that to ensure it would not happen again.

                          While systems are much better hardened than the old days it is still possible to DDOS a system or site. The cost of doing so today is nill thanks to Microsoft. There is a huge pool of willing systems at the beck and call of black hats.

                          Comment


                          • #14
                            Evan, you are WAY off-base. Talk about things you know.
                            Ok. BC Hydro, the power company in British columbia, has it's own communications network and has had since many years ago. They have both microwave and fiber links between their various facilities around the province. Those links are standalone and are not connected to the regular phone system let alone the internet. I have seen the systems as I used to service equipment for them.

                            Terasen Gas, which used to be West Coast Transmission is the Natural gas provider in this province. They have a compressor station a half hour drive up the road from here. At that station the generate their own electricity with a one megawatt natural gas powered system. It is backed up by a diesel one mw generator. They have two water wells, one pumped by electricity and another with a diesel pump. They have 30 homes inside the compound where the employees lived although that has been discontinued. The homes are still maintained if they decide they need them again. They operate entirely independently of other utilities and have their own comm systems too.

                            Any utility company that depended on the internet for vital and critical control functions of it's systems would be out of business in hours. Even the phone companies don't use the internet to control their systems. They have back channel communications via satellites and unused fiber that they use. A good friend of mine was an engineer for the phone company and, as usual, I used to service thier equipment and have seen their systems. My wife worked there too.

                            As for the Chinese, sure, they spy on everyone as do we. Snooping around the net for unsecured servers is standard practice for all governments. However, it's all too easy to try and shift the blame to parties unknown with a story that cannot be verified, questioned or corroborated. To believe it without a shred of evidence just because THEY say so is pure gullibility.

                            [quote]
                            Computer hackers in China, including those working on behalf of the Chinese government and military,

                            And just exactly how did they determine that?


                            have penetrated deeply into the information systems of U.S. companies and government agencies,

                            Sure. I have been running servers online for years and although parties unknown have tried to gain access many times no one has succeeded. They aren't talking about a DDOS attack here. If somebody has been able to gain access to government systems they are either wide open or the hackers are very good, in which case they will not be tracked or identified.



                            stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.


                            Possibly? Did they or didn't they?


                            One prominent expert told National Journal he believes that China’s People’s Liberation Army played a role in the power outages. Tim Bennett, the former president of the Cyber Security Industry Alliance, a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States. The intelligence officials said that forensic analysis had confirmed the source, Bennett said.

                            That's rich. Forensic analysis my ass. I can chain together a string of open proxies and reach out and touch someone and there isn't the slightest chance that it can be traced back to me. If I had a government helping me I could make it look like I was operating from the White House. In fact, I could anyway.

                            Incidentally, I did a little experiment with my IP address today by visiting various web sites that claim to be able to locate me via IP. Apparently I am in Bethlehem Pennsylvania, somewhere in Virginia, New Brunswick, Toronto and Vancouver, all at the same time.







                            “They said that, with confidence, it had been traced back to the PLA.”

                            Bull. See above.



                            These officials believe that the intrusion may have precipitated the largest blackout in North American history, which occurred in August of that year. A 9,300-square-mile area, touching Michigan, Ohio, New York, and parts of Canada, lost power; an estimated 50 million people were affected.



                            More waffle words. "MAY have precipitated..."


                            If you believe this you have been watching far too much TV.
                            Free software for calculating bolt circles and similar: Click Here

                            Comment


                            • #15
                              You have focused on ONE TINY PORTION of the article, and are condemning the whole thing based on your *disagreement* (which may be rational and reasonable, or not) with that tiny portion.

                              In any case, there is already ample evidence of bad behavior available elsewhere, even including embedded and unremovable malware in products (such as the electronic "photo frames" which came with "extras" ), which is of course easily blamed on rogue programmers.

                              Let's put it this way. If I were running the show over there, I would most certainly be doing what is alleged.

                              That being the case, it is unreasonable and non-rational to assume that it isn't happening.

                              With over-the-internet data collection, and increasingly, control, of course the vulnerability is increased..... I know absolutely surely of at least one power provider who is rolling out over-the-internet control and monitoring of remote generation systems.

                              On another note related in that it shows the interconnectedness of systems, and the resulting vulnerabilities, thnk of consumer equipment of all sorts.

                              Stoves, for instance. It is almost impossible to obtain a GAS stove now that is not totally dependent on electricity to light it. In many cases you CANNOT get the gas to flow unless there is electricity available, so there is no chance to use a match.

                              And telephones.... if you have an integrated cable phone/cable TV/internet, in case of a power failure, YOUR PHONE WILL NOT WORK. Even if you have local power, it STILL may not work due to an intermediate stage being out of power. Want to call the power company and report no power? Sorry........ no can do.

                              If you have a cell phone, in many cases, without grid power, the cell phones are down..... I was very surprised that a car hitting a utility pole took out cell phones over a large area of an adjoining county.

                              There are growing vulnerabilities all over, and anyone with half a brain could plan a simple way for a fairly small group to shut most of the economic activity in the country down.
                              Last edited by J Tiers; 06-07-2008, 10:16 AM.
                              1601

                              Keep eye on ball.
                              Hashim Khan

                              Comment

                              Working...
                              X