[R-390] off topic interesting read
Jerry Boman
mdg11fbf at gmail.com
Wed Apr 8 22:12:57 EDT 2009
I read the grid leak article from another source earlier today and wasn't
very surprized. I know I was shocked several years back when NASA announced
shortly after the in flight shuttle explosion that they were upgrading the
computer control systems for the shutlle for various reasons and they
explained their control system at the time was I think an 8086 processor
based system...you know the ones used before pentium and pentium 1 desktops
of ancientville. Take care all, Jerry
On Wed, Apr 8, 2009 at 3:27 PM, <r-390-request at mailman.qth.net> wrote:
> Send R-390 mailing list submissions to
> r-390 at mailman.qth.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.qth.net/mailman/listinfo/r-390
> or, via email, send a message with subject or body 'help' to
> r-390-request at mailman.qth.net
>
> You can reach the person managing the list at
> r-390-owner at mailman.qth.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of R-390 digest..."
>
>
> Today's Topics:
>
> 1. off topic interesting read (odyslim at comcast.net)
> 2. Re: off topic interesting read (Richard Loken)
> 3. Re: off topic interesting read (2002tii)
> 4. Re: off topic interesting read (Patrick)
> 5. (no subject) (mikea)
> 6. Re: off topic interesting read (William J. Neill)
> 7. Re: off topic interesting read (mikea)
> 8. Re: off topic interesting read (Cecil Acuff)
> 9. Re: off topic interesting read (Robert Nickels)
> 10. Re: off topic interesting read (Dana Cobb)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 8 Apr 2009 16:47:10 +0000 (UTC)
> From: odyslim at comcast.net
> Subject: [R-390] off topic interesting read
> To: milcom <milcom at mailman.qth.net>, r390 list <r-390 at mailman.qth.net>
> Message-ID:
> <
> 248672294.1614321239209230232.JavaMail.root at sz0106a.westchester.pa.mail.comcast.net
> >
>
> Content-Type: text/plain; charset=utf-8
>
>
> I know this is off topic but worth reading. Individuals have been caught
> trying to map out our power grids.
>
>
> http://www.comcast.net/articles/news-general/20090408/NEWS-US-CYBERATTACK-USA/
>
> Regards, Scott
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 8 Apr 2009 12:59:06 -0600 (MDT)
> From: Richard Loken <richardlo at admin.athabascau.ca>
> Subject: Re: [R-390] off topic interesting read
> To: odyslim at comcast.net
> Cc: r390 list <r-390 at mailman.qth.net>, milcom <milcom at mailman.qth.net>
> Message-ID: <20090408125538.N26043 at discord.bogons>
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>
> On Wed, 8 Apr 2009, odyslim at comcast.net wrote:
>
> > I know this is off topic but worth reading. Individuals have been caught
> > trying to map out our power grids.
>
> Using Windows to manage the power grid are we? Does Microsoft still have
> that warranty clause on Windows that tells you not to use Windows for
> anything that risks life, limb, money, or truth, justice, and the American
> way?
>
> People continue to astonish me!
>
> --
> Richard Loken VE6BSV, Unix System Administrator : "Anybody can be a
> father
> Athabasca University : but you have to earn
> Athabasca, Alberta Canada : the title of 'daddy'"
> ** richardlo at admin.athabascau.ca ** : - Lynn Johnston
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 08 Apr 2009 15:09:21 -0400
> From: 2002tii <bmw2002tii at nerdshack.com>
> Subject: Re: [R-390] off topic interesting read
> To: R-390 at mailman.qth.net
> Message-ID: <20090408190922.B350511B876 at karen.lavabit.com>
> Content-Type: text/plain; charset="us-ascii"; format=flowed
>
> Scott wrote:
>
> >I know this is off topic but worth reading. Individuals have been
> >caught trying to map out our power grids.
>
> Just one more security problem we invite by jumping whole-hog on the
> Internet bandwagon.
>
> Time was when commands to remote equipment of all kinds was carried
> by dedicated circuits, so an intruder first had to physically locate
> and tap into the circuit, then begin to figure out how the commands
> worked. Now, lazy designers blithely use the ubiquitous Internet for
> the comm link, and the first part of the security equation is very
> seriously weakened.
>
> I bet (rather, let's say I hope) that communications with our nuclear
> missile arsenal (and everyone else's) are still handled with secure
> dedicated lines.
>
> Best regards,
>
> Don
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 8 Apr 2009 15:18:19 -0400
> From: "Patrick" <brookbank at triad.rr.com>
> Subject: Re: [R-390] off topic interesting read
> To: <R-390 at mailman.qth.net>, "2002tii" <bmw2002tii at nerdshack.com>
> Message-ID: <EF56D8374A094366B874E43B0CF7E14E at PATCOMPUTER>
> Content-Type: text/plain; format="flowed"; charset="iso-8859-1";
> reply-type="original"
>
> Anyone here remembers de AUTODIN??? Pat retired IBM'er
> ----- Original Message -----
> From: "2002tii" <bmw2002tii at nerdshack.com>
> To: <R-390 at mailman.qth.net>
> Sent: Wednesday, April 08, 2009 3:09 PM
> Subject: Re: [R-390] off topic interesting read
>
>
> > Scott wrote:
> >
> >>I know this is off topic but worth reading. Individuals have been
> >>caught trying to map out our power grids.
> >
> > Just one more security problem we invite by jumping whole-hog on the
> > Internet bandwagon.
> >
> > Time was when commands to remote equipment of all kinds was carried
> > by dedicated circuits, so an intruder first had to physically locate
> > and tap into the circuit, then begin to figure out how the commands
> > worked. Now, lazy designers blithely use the ubiquitous Internet for
> > the comm link, and the first part of the security equation is very
> > seriously weakened.
> >
> > I bet (rather, let's say I hope) that communications with our nuclear
> > missile arsenal (and everyone else's) are still handled with secure
> > dedicated lines.
> >
> > Best regards,
> >
> > Don
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > ______________________________________________________________
> > R-390 mailing list
> > Home: http://mailman.qth.net/mailman/listinfo/r-390
> > Help: http://mailman.qth.net/mmfaq.htm
> > Post: mailto:R-390 at mailman.qth.net
> >
> > This list hosted by: http://www.qsl.net
> > Please help support this email list: http://www.qsl.net/donate.html
>
> --
> I am using the free version of SPAMfighter.
> We are a community of 6 million users fighting spam.
> SPAMfighter has removed 2287 of my spam emails to date.
> Get the free SPAMfighter here: http://www.spamfighter.com/len
>
> The Professional version does not have this message
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 8 Apr 2009 14:22:36 -0500
> From: mikea <mikea at mikea.ath.cx>
> Subject: [R-390] (no subject)
> To: r390 list <r-390 at mailman.qth.net>
> Message-ID: <20090408192236.GA6633 at mikea.ath.cx>
> Content-Type: text/plain; charset=us-ascii
>
> Bcc:
> Subject: Re: [R-390] off topic interesting read
> Reply-To:
> In-Reply-To: <20090408125538.N26043 at discord.bogons>
>
> On Wed, Apr 08, 2009 at 12:59:06PM -0600, Richard Loken wrote:
> > On Wed, 8 Apr 2009, odyslim at comcast.net wrote:
> >
> > > I know this is off topic but worth reading. Individuals have been
> caught
> > > trying to map out our power grids.
> >
> > Using Windows to manage the power grid are we? Does Microsoft still have
> > that warranty clause on Windows that tells you not to use Windows for
> > anything that risks life, limb, money, or truth, justice, and the
> American
> > way?
> >
> > People continue to astonish me!
>
> AIUI, it's an interesting mix of FreeBSD, OpenBSD, NetBSD, various
> flavors of Solaris, some Silicon Graphics stuff, AIX, and you-name-it,
> which, like Topsy, "just growed". And, of course, there's Gatesware in
> it. Most SCADA stuff used not to be connected to the public Internet,
> and I'm mystified that anyone would ever connect one to the other. The
> downside is just too bad to justify the gamble.
>
> Topicality: without the grid, I have to fire up the generator to run
> my R-390 and two R-390A, but the RF noise from the neighborhood goes
> *WAAAAAAAAY* down. I learned that from the last few big ice storms.
> If I just get out the batteries and run my sand-state rigs off them,
> without genny, then it's hear-much-better time. 182 Ampere-hours will
> run the rig a long time, too.
>
> --
> Mike Andrews, W5EGO
> mikea at mikea.ath.cx
> Tired old sysadmin
>
>
> ------------------------------
>
> Message: 6
> Date: Wed, 8 Apr 2009 14:36:23 -0500
> From: "William J. Neill" <wjneill at consolidated.net>
> Subject: Re: [R-390] off topic interesting read
> To: odyslim at comcast.net
> Cc: r390 list <r-390 at mailman.qth.net>, milcom <milcom at mailman.qth.net>
> Message-ID: <3E554BC0-1FE4-437F-8530-5055B1E49B37 at consolidated.net>
> Content-Type: text/plain; charset=WINDOWS-1252; delsp=yes;
> format=flowed
>
> The subject has attracted attn from DoD and DHS and herewith are a
> sampling of comments from this morning's postings on a DoD INTEL
> netserver:
>
> We have known about China and Russia?s exploits on the NIPR front.
> This article is interesting
> in the fact that critical infrastructure systems were penetrated and
> malware was left behind.
>
> Does anyone have an UNCLASS damage assessment?
>
> http://online.wsj.com/article/SB123914805204099085.html
>
>
>
> On Apr 8, 2009, at 9:54 AM, Villano, Paul Mr CIV USA TRADOC wrote:
> I found the CBS version of the story http://www.cbsnews.com/stories/
> 2009/04/08/national/main4928223.shtml
> interesting because a former HLS employee mentions there were "a lot"
> of intrusions last year. I wonder what the reason for his "former"
> status is.
>
>
>
> On Apr 8, 2009, at 8:51 AM, Raines, James B Jr WO1 RES USAR USARC wrote:
>
> > We have known about China and Russia?s exploits on the NIPR front.
> > This article is interesting
> > in the fact that critical infrastructure systems were penetrated
> > and malware was left behind.
> >
> > Does anyone have an UNCLAS damage assessment?
>
> You may be interested in the Task Force on Electric Grid
> Vulnerability (EGV), which maintains a host of unclassified and FOUO
> materials on Intelink-U:
>
> http://www.intelink.gov/wiki/Electric_Grid_Vulnerability
>
> Membership and POCs available here:
>
> http://www.intelink.gov/wiki/Electric_Grid_Vulnerability/Membership
>
> You may wish to contact the Task Force for additional information on
> the recent media coverage.
>
> One important consideration is that the presence of malware on such
> systems does not always imply intentional penetration; often, the
> presence of malware on secure systems is the result of improper use,
> poor user education, or other deficient local security practices. Web
> and email vectors are common.
>
> That said, the presence of this type of malware, much of which is
> designed to communicate with an external control server for
> instructions, is undesirable even if not the result of a concerted or
> targeted effort. Once in place, networks of individuals interested in
> more malicious activities than sending spam or bringing down a web
> site would have a considerable base of systems from which to pick, in
> all manner of sensitive areas.
>
> - Dave
>
>
>
> Bill Neill
> Conroe, Texas
>
>
> On Apr 8, 2009, at 11:47 AM, odyslim at comcast.net wrote:
>
> I know this is off topic but worth reading. Individuals have been caught
> trying to map out our power grids.
>
> http://www.comcast.net/articles/news-general/20090408/NEWS-US-
> CYBERATTACK-USA/
>
> Regards, Scott
>
> ------------------------------
>
> Message: 7
> Date: Wed, 8 Apr 2009 14:38:39 -0500
> From: mikea <mikea at mikea.ath.cx>
> Subject: Re: [R-390] off topic interesting read
> To: R-390 at mailman.qth.net
> Message-ID: <20090408193839.GB6633 at mikea.ath.cx>
> Content-Type: text/plain; charset=us-ascii
>
> On Wed, Apr 08, 2009 at 03:18:19PM -0400, Patrick wrote:
> > Anyone here remembers de AUTODIN??? Pat retired IBM'er
>
> OhYeah, big-time. I worked at the Camp Drake switch (NW corner of Tokyo)
> for two years. I particularly remember, despite earnest attempts to
> recycle those neurons, the IBM 1976: a special-purpose beast that read
> and punched cards on one end, while the other hung off a 1200 (or 2400,
> 4800, or 9600) Baud modem[1], with a comm line that went through Tech
> Control to the microwave and then to whatever transmitters were at the
> transmitter site. Stone-age, but not quite as stone-age as the Plan-55
> stuff.
>
> Topicality: the receiver site actually used R-390 to pull the data off
> HF, and microwave from there to a tower at Drake. They changed to
> R-390A about the time I was reassigned, and I have no idea what they
> used after that. The AUTODIN switch there replaced a Plan-55 torn-tape
> TTY commcenter, which was loads of not-fun, and which also used R-390
> and R-390A. All gone now. Google Maps shows bare concrete and weeds
> where the commcenter and the switch were.
>
> [1] We originally had modems with real mechanical resonators. When the
> resonator stopped, we'd get a call, and apply a brogan to the front
> of the box to start it ringing again. Really. "Kick HERE"-type
> maintenance. I remember when we got solid-state Rixon modems to
> replace those things: they were so _tiny_, and they Just Worked.
>
> --
> Mike Andrews, W5EGO
> mikea at mikea.ath.cx
> Tired old sysadmin
>
>
> ------------------------------
>
> Message: 8
> Date: Wed, 8 Apr 2009 14:40:27 -0500
> From: "Cecil Acuff" <chacuff at cableone.net>
> Subject: Re: [R-390] off topic interesting read
> To: "Richard Loken" <richardlo at admin.athabascau.ca>,
> <odyslim at comcast.net>
> Cc: r390 list <r-390 at mailman.qth.net>
> Message-ID: <85E574D55D854CC7B7D6BD677719C0FF at acuffmain>
> Content-Type: text/plain; format=flowed; charset="iso-8859-1";
> reply-type=original
>
> I didn't read anything in the article that indicated it to be as simple as
> Windows Richard. I work for one of the largest electric utillities in the
> US in IT and I can assure you we don't use windows machines to control
> substations and generating plant controls. It is propriatary protocols on
> a
> closed network that does not use the internet for backhaul. Mostly company
> owned fiber network across the entire southeast US. But some of the last
> mile paths are leased and RF....but carrying a complex protocol. Not
> bulletproof but not as easily hacked as a Windows machine sitting on a DSL
> connection 24/7.
>
> Cecil...
> ----- Original Message -----
> From: "Richard Loken" <richardlo at admin.athabascau.ca>
> To: <odyslim at comcast.net>
> Cc: "r390 list" <r-390 at mailman.qth.net>; "milcom" <milcom at mailman.qth.net>
> Sent: Wednesday, April 08, 2009 1:59 PM
> Subject: Re: [R-390] off topic interesting read
>
>
> > On Wed, 8 Apr 2009, odyslim at comcast.net wrote:
> >
> >> I know this is off topic but worth reading. Individuals have been caught
> >> trying to map out our power grids.
> >
> > Using Windows to manage the power grid are we? Does Microsoft still have
> > that warranty clause on Windows that tells you not to use Windows for
> > anything that risks life, limb, money, or truth, justice, and the
> American
> > way?
> >
> > People continue to astonish me!
> >
> > --
> > Richard Loken VE6BSV, Unix System Administrator : "Anybody can be a
> > father
> > Athabasca University : but you have to
> earn
> > Athabasca, Alberta Canada : the title of
> > 'daddy'"
> > ** richardlo at admin.athabascau.ca ** : - Lynn Johnston
> > ______________________________________________________________
> > R-390 mailing list
> > Home: http://mailman.qth.net/mailman/listinfo/r-390
> > Help: http://mailman.qth.net/mmfaq.htm
> > Post: mailto:R-390 at mailman.qth.net
> >
> > This list hosted by: http://www.qsl.net
> > Please help support this email list: http://www.qsl.net/donate.html
> >
>
>
>
>
> ------------------------------
>
> Message: 9
> Date: Wed, 08 Apr 2009 15:10:18 -0500
> From: Robert Nickels <ranickel at comcast.net>
> Subject: Re: [R-390] off topic interesting read
> To: 2002tii <bmw2002tii at nerdshack.com>
> Cc: R-390 at mailman.qth.net
> Message-ID: <49DD04AA.20900 at comcast.net>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> 2002tii wrote:
> > Time was when commands to remote equipment of all kinds was carried
> > by dedicated circuits, so an intruder first had to physically locate
> > and tap into the circuit, then begin to figure out how the commands
> > worked. Now, lazy designers blithely use the ubiquitous Internet for
> > the comm link, and the first part of the security equation is very
> > seriously weakened.
> >
> >
> Having had some involvement in the process control industry,
> cybersecurity is a Really Big Deal. The ISA SP-99 standard are focused
> on this, you can Google up more than you'll want to read about it.
>
> The old axiom was that a security system is no stronger than the
> barriers to physical access. Wires can be tapped - but add the growing
> trend toward wireless (what you and I would call by the old fashioned
> term "radio") for industrial communications and the plot really
> thickens. ISA SP-100 is an evolving standard for industrial wireless -
> but it's based on a taxonomy of applications, and even the strongest
> advocates don't talk about using it for safety critical purposes. It's
> great for non-critical monitoring, but there is interest in doing real
> time control via wireless, and the discussions tend to focus on
> encryption algorithms, key distribution, ways to guard against
> unauthorized intrusion, interception, message replay, and so forth.
>
> But most of these folks don't understand how "radio" really works. I
> caused a few frowny faces at one committee meeting where I pointed out
> that a strong enough transmitter could put enough ERP on the receiver
> inputs of their 802.15.4 silicon radios that nothing would get through.
> (To get decent battery life, most of these spread spectrum radios
> transmit with 1 to 10 mw of power - that's not much ERP at a few hundred
> feet).
>
> Some finally realized that even the most sophisticated algorithm wasn't
> much help during an RF-based denial-of-service attack, and that
> controlling output devices like pumps, valves, and motors with wireless
> could have some unintended consequences.
>
> I think the companies and people involved in these industries are very
> conscientious - but they've got to be right all the time - the bad guys
> only have to be right once.
>
> 73, Bob W9RAN.
>
>
> ------------------------------
>
> Message: 10
> Date: Wed, 8 Apr 2009 16:27:08 -0400
> From: "Dana Cobb" <objoyful at tampabay.rr.com>
> Subject: Re: [R-390] off topic interesting read
> To: <R-390 at mailman.qth.net>
> Message-ID: <3F8335798EF7412299B76CF854121662 at DANACOBB>
> Content-Type: text/plain; format=flowed; charset="iso-8859-1";
> reply-type=original
>
> Scott wrote:
>
> >I know this is off topic but worth reading. Individuals have been
> >caught trying to map out our power grids.
>
> Just one more security problem we invite by jumping whole-hog on the
> Internet bandwagon.
>
> Time was when commands to remote equipment of all kinds was carried
> by dedicated circuits, so an intruder first had to physically locate
> and tap into the circuit, then begin to figure out how the commands
> worked. Now, lazy designers blithely use the ubiquitous Internet for
> the comm link, and the first part of the security equation is very
> seriously weakened.
>
> I bet (rather, let's say I hope) that communications with our nuclear
> missile arsenal (and everyone else's) are still handled with secure
> dedicated lines.
>
> Best regards,
>
> Don
>
> Don is 110% correct ! The infrastructure AT&T and local Telephone companies
> provided to the military/government would probably stagger the average
> citizens mind!! Most of the infrastructure is obsolete now in the era of
> the
> internet, glasnost and perestroika.. Dana K1RQ AT&T Retired
>
>
>
> ------------------------------
>
> _______________________________________________
> R-390 mailing list
> R-390 at mailman.qth.net
> http://mailman.qth.net/mailman/listinfo/r-390
>
>
> End of R-390 Digest, Vol 60, Issue 8
> ************************************
>
--
"FREEDOM"=The result of intention and action against tyranny. "Live Free -
Be Free"
More information about the R-390
mailing list