Slashdot Mirror
Power Grid Insecurities Examined
Joe Barr writes "Chris Gulker has taken a long and careful look at the infrastructure of our power grids and has come to some rather unsettling conclusions." A good read that outlines where the current power grid is at, and suggests some paths for the future that may help avoid future blackouts.
The insecurities in our power grid are quite shocking.
Wonderful -- as I read the article, plastered in the center of the page is the ad:
... it frankly scares the hell out of me.
:)
"Microsoft - Big business ambition. Small business resources. Get your FREE 6-month trial now. Windows Small Business Server 2003".
The very fact that the power grid, atm's, so on and so forth -- hell, I worked on the power supply to a embedded PC today for a newspaper printing press that had NT on it
There I'll be sitting there in front of my OS X or Linux box. Can't be too smug I suppose with no power. No telephone. No gas. No cash to buy bread. Hell, the auto-checkout lanes (which I refuse to use on principle) at Jewel are Mickey-MouseSoft based. Certainly no Internet.
For my business' I absolutely refused to allow a Windows server of any type in the datacenter. I still say, "are you nuts?". Yet people still did it. Once again, Bill Gates will get a chance to screw us I guess.
So, when is the next worm due to hit? At least my TiVo will still work...
In most states, if you generate your own power (ie solar), you can feed it back to the grid, and the electric companies are required to credit you! Any excess power you have can make you money. Sure, it's an investment up front to move to solar, but it is doable, and some states even offer tax credits.
i thought this was all canada's fault.
Says Skroch: "If you have too much security [i.e., no network connections], then the power plant probably won't work."
power plants worked long before the internet was created. no important computer controlling very important things should ever be put on the internet.
Was it just me, or did the link to that story contain an ad for Microsoft Server 2003? For all of you that didnt RTFA, this would be a good time to do so...its good for a laugh, in whats going to be a serious problem for all the crack(power) addicted unwashed.
We must reflect on our transient nature that is so dependent on fossil fuel-based power generation. We must encourage the development of high-end fusion generating stations that will allow us to wrest away from the strangle-hold that the oil-producing nations have upon us.
It is only then that we reach our full potential in our academic and athletic pursuits which substantiate our integrity in the grand scheme of things.
Why must we fall in the trap of consumerism? Cannot we withstand the constant bombardment of commecial messages by the illicit corporations who have their own agendas?
Yes, we can and we shall. It is what makes us the leading society in the western hemisphere and as history as proved, it is our greatest asset.
Wearing pants should always be optional.
A fundemental weakness of the grid is its over-centralisation. Another argument for environmentally friendly local power generation schemes. Cover your house with "solar" roof tiles that generate power that is fed back to the local grid, etc..
"You lied to me! There is a Swansea!"
Where's "+1 Prophetic" when you need it?
"1984" was ment to be a warning, not a guidebook. You hear that Kim Jong-il!? BushCo?!
lol
USA uses power from Canada. It's not the other way.
Canada can black out the entire USA just by pulling a button.
You are doomed. I for one welcome our new canadian overlord.
Get it? Shocking! That's the most electrifying joke I've heard all day.
The article does bring up a valid point. Many times, when large systems attempt are forced into security by fear, they overdo it, and the system becomes nearly unusable to the users, who have to run around in circles with security measures.
The lesson? Security is nice, but lets not go biometrics and 30 different passwords just to check the email.
You will be baked, and there will be cake.
Small business resources.
"The situation is so bad, experts say, that bored script kiddies could soon be knocking out power stations as easily as they concoct viruses from toolkits available on the Web."
:)
Is it any easier now then it has ever been? It always seemed pretty simple to me. Go down to your local, unmanned, power station and blow it up. Get your buddies and some trucks and knock down some high tension wires. wheeeeee.
Why do people get excited by this? It might be my misanthropic nihilism talking, but shit happens. Every day. Deal with it.
You might lose power, you might lose running water, you might get hit by a bus.
Even if you hole up in a shack to protect yourself from the script kiddies, psychopaths, terrorists and/or government... you're still gonna die!
Have fun!
--- Do you believe in the day?
The power industry needs to be reinvesting profits in infrastructure (powerlines), not stock dividends. The same companies should have been upgrading their command and control systems to prevent chain reaction blackouts. Am I expected to believe the computer systems that manage the cooling rods in the nearest nuke plant are secure?
Seriously consider the economic impact of the grid failure compared to the recent worm problems. Then think about a nasty combination of the two.
Karma: Censored (mostly affected by decency laws)
However, reading the text, the problem seemed more that the plant operators had indiscriminately attached critical systems to the Internet without proper firewall security in place, which seems to me to be a human, not a computer or OS, flaw.
Well of course Power Grid is feeling particularly insecure right now. I mean it's old and weak and obsolete and just got caught with it's pants down a few weeks ago. That kind of spectacular failure is bound to make anything or anyone feel pretty insecure. I doubt the last thing Power Grid wants is to have its insecurities examined publically! C'mon, people, let's not kick it while it's down!
watch this
Legacy systems, for example, may have been designed to run on private, 10-megabit networks, and as such, lack even basic security features such as firewalls.
Come - on! I grew up in Alfalfa County in Oklahoma. Serviced by the Alfalfa County Rural Eelectric Cooperative, fed by the GRDA (Grand River Dam Authority), OG&E and others. If those some of daughters have any net connectivity at all, it's likely to be based on dial-up modem tech, not even basic TCP/IP. After dialup, satellite connections were probably next and may still be the main choice for connectivity in all but the populus urbs and suburbs. Most of USA's power is source through rural areas anyway. I have extreme doubts that the majority of the carrier lines have direct net connections.
But, I guess this plays into the problem. You get some government regulated utility and interface it (in a few, key places) to the net at large and, coupled with the years of assumtion (in software) of a private connection and yes, the script kiddies could easily run amok.
I wouldn't have said nor believed the shite I'm spouting now, had it had been for the recent northeast blackout. Now I don't trust the national grid very much at all.
Well then it's a good thing that they only need to turn a _dial_, because I think almost any of us would get stuck trying to push one.
Did anyone bother to think critically about this? Did anyone voice a concern about the potential dangers? Did they really believe Microsoft's marketing? Lets consider the following facts. Telecomms use strictly Unix and not windows for a good reason. 1. windows isn't reliable enough, 2. windows can't perform under the immense load, 3. windows isn't secure, 4. any script kiddie can own you, even if you apply every freakin patch, 5. it will cost you your job when it fails.
CIO's should know well enough that there are hundreds of brilliant young hackers who can hack into just about any system they want. I know this from first hand, since I knew quite a few hardcore hackers who were 12 and already knew 5 programming languages. In fact all of them could write some hardcore particle animation in pure assembly and could read machine code. Most of them quit hacking when they turn 17-18. I would say these kids are typically in the top 5% of all programmers young and old. A couple of them were caught by the FBI for cracking software and selling it to bulletin boards, but most of them were never caught. The whole idea that hackers some how wouldn't find it interesting is totally denial. These kids love to hack for the challenge and getting in and out of a system undetected is a huge thrill.
... for Verano.
And if you connect ANY critical operating system to the Internet, frankly, you're insane. There's no sensible reason to do so. Monitoring your systems is fine, that's what a management network is for... but the actual core of the critical system should be as close to that powered-down concrete encased computer as possible.
Subscribe for free to my show!
Did anyone actually read this garbage before they posted it. This is absolute nonsense. The blackout had _nothing_ to do with computers, much less internet security. The blackout happened because a half-rate utility (First Energy) tried to squeak through an emergency without buying expensive power or shedding load. Period. They operated lines until the sagged into brush. Some small subtransmission and distribution lines had twice rated load. Do the math. That's four times the temperature or over 400C. That had zippo to do with M$ or any bleepin' computer.
It used to be that the utilities were highly regulated entities that had their profit margins basically regulated by the states they were in. They had to provide a given amount of reliability, and rate increases (and occasionally refunds!) were carefully scrutinized as to where the money went. You couldn't raise rates without showing some meaningful improvement that resulted from it.
Then along came degregulation, where the power seller and the power generator became two different things (which makes even less sense than the deregulated-but-shared local phone loop). Utility companies wanted out of the power generation arena -- too expensive, too many regulations, it was better to be in the new "commodity" end of the business, arbitraging power. So they split themselves into trading companies and generation companies, taking all the cash into the trading companies, who were deregulated and could spend it freely.
And then 10 years later, Enron and the whole deregulated power "market" has collapsed, and we wonder why we're 15-20 years behind the curve on power grid and other key infrastructure elements. All the money got spent on speculating in the newly deregulated power markets, and its all gone.
Nobody really pays any less for electricity, I don't have a bunch of people knocking on my door offering me their window electricity or biodiesel electricity or their pig shit methane electricity for that matter.
I only have the sheepish looking local utility trying to explain to me how they're trying to fix the power infrastructure built in the 1970s with the cash made in the 1980s which was spent in the 1990s on the promise of getting rich in the new millenium. When in fact, they actually need me to pay the prices of the next millenium for the service delivered in the 1990s, and, oh, would I please only use as much power as I did in the 1970s?
The valve at a dam probably doesn't need to be turned very often, so it's economically tempting to save the cost of 24/7 onsite coverage and have one central operations center.
Remote monitoring is all but imperative. The plants are already in a cooperative network sharing their power. Everyone on the grid needs at least basic information about what's going on.
None of which is ANY excuse for a direct or indirect connection to the public Internet. This is a job for a private network, and I don't mean a VPN that can be DOS'ed when a worm spreads through the public network.
We must encourage the development of high-end fusion generating stations
First, you have to make fusion work. Just once.
+1 Interesting? Who's smoking the crack out there?
Legacy systems will provide more resistance to viruses than any MS based system mainly due to the lack of coders with the knowhow to write viruses for such systems. Though when paried next to and on networks containing Microsoft based systems a MSVirus could cause havoc just by crippling the network that those systems rely on.
In any case a system using NFS/NIS would be especially vulnerable to traffic floods by MSVirii due to the lockups that can happen when high traffic causes such file/security systems to fail.
I've seen flapping interfaces on certain cisco equipment that have made messes of NFS and NIS based systems requireing a total reboot of the entire network from the top down. And the flapping can be caused by recent MSBlaster virii that has recently seen action.
As a safety precaution the legacy networks should be extremely firewalled, and not allowed to work on any shared media that also caters to any Microsoft systems. Such seperation of the network would prevent either from spamming the other to death. Also in many critical areas private networks with private loops vs being carried over the internet should be considered with backups such a MicroWave or Sattelite communications to critical centers in case of any large infrastructure outages in your carriers network.
I'm sure the government will step in and ensure changes are made before we have a massive blackout.
The global economy is a great thing until you feel it locally.
I have taken myself off the grid years ago,using Solar,Wind,Hydro power(tapped into the abandoned Hardburly Deep mine and using the water to generate power) and have a 20kw diesel generator for backup.
Most of the power grid problem stems from the fact that very little maintainence is being done.The Power lines out here have been here since the late 1950s or early 1960. Every time it rains,you can watch an electricial light show less than 50 ft from my home.(Phone calls to the power co.does no good,so I informed the Public Service Comission about it,sending a video tape of the light show.AEP now has 10 days to change the lines out or get fined to the tune of $50k/day!)
Greedy utilities have brought this on themselves.Cutting jobs for the maintainence personell,doing nothing about aging lines, and then asking "WHY is this happening?
"We call ourselves Homo Sapiens Spaiens.Our true name should be Home Stupidus"
Geek Hillbilly
Evidently you're forgetting the 1996 blackout that Canada had nothing to do with... and then there was one in seventy-something... oh, and the ice storms a few years ago that Canada sure as hell didn't cause...
On the verge of existence? That must have been Schroedingers' Bird - the last of which may or may not be going to have been eaten by a cat.
Recycle PCs and build a wireless community network www.hillsborough.org.nz
I work for a utility in protection and process engineering and we do not have any remote ability to change settings. As stated in the comment section of the article control and protection systems do not normally have any remote access even to on-site network operators. This philosophy protects everyone from the utility (employees/technicians) to the customer.
One key issue that seems to be on everyone's mind is the latest MS Blaster virus, could it have caused the outage? Not likely. As stated above our protection and control systems send data via leased phone lines and/or private fiber and do not have any connection to the Internet. Thus no possible way of receiving a virus.
Finally, to all of you who are dying and just can't understand why the investigation is taking such a long time...hang on! Part of my job is to study disturbances on the grid (ie why did the lights go out?). The studies take anywhere from a day to months to explain what happened. And remember the 1965 blackout study took over a year to finish.
This research was done years ago, and everyone in the power business knows how antiquated our power grid is. It's basically at the same level it was back in the 60s except a lot less power was being used back then. The power experts have been imploring the govt to do something but as usual they never do unless a disaster strikes.
It is only upon that foundation of trust and willingness to sustain our future in the glorious educational and intellectual freedom that an army of proud revolutionaries will rise to top of our societies ladder rungs of success and contribute to the greatness that gave this nation its long series of past successes and aesthetically pleasing pastimes that the populace enjoy while feeling all of the pride that their powerful forefathers must have felt upon founding this wondrous democratically based republic which stands for liberty and justice in the face of fierce resistance from the global corporations that threaten even our way of life not to mention the delicate balance to be maintained with nature before our way of life can be sustained. You know they keep sneeking into my house and stealing my meds. They must do it at night cause I haven't seen them but they know I know they're doing it cause they left me a message that said yhbt. Oh and did I mention Open Source?
A vurnerability that isn't Microsoft's fault. I suppose that we could blame them anyways though.... just for the fun of it.
...and many of you are liable to freeze (or in southern parts bake) in the dark. If it weren't for BC Hydro selling power to California's PG&E over the common power grid on the west coast it would have been a certainty. Moreover, PG&E DEFAULTED on MILLIONS of dollars owed for said power to BC Hydro--so perhaps the proper term would be BC GAVE California power. Sooo...who uses who's power grid?
Also, before you start singing a round of "Blame Canada" it has been determined to a high degree of certainty by industry experts that the most recent power outage originated in the US (notwithstanding out boneheaded prime minister's impulsive comments on the matter before anything was determined). One thing is for certain--it was the Homer Simpsons on BOTH sides of the border that allowed the outage to propigate to the extent it did (operator error, scheduled outages that left the whole system running at capacity, etc...).
Deregulation has been bungled in its implementation all over the continent, but moreso in the US and particularly in California (well...EVERYTHING involving goverenment in California is royally fscked and has been for the better part of the last decade). The process was always politicised and the fledgling market manipulated by the established players and governments no matter where deregulation happened.
The concept is sound however...creaky old mandated monopolies should be broken up and the system made as open as technically possible to as many potential generation sources as possible. Decades of monopoly (in generation particularly) set us all up for the situation we are in now.
As a result, we presently have a handful of creaky, large utilities running creaky, large power plants with obsolete technology--and newer technology tacked on with duct tape and baling twine with little attention to stability and security. This has nothing to do with what country you are in--it is the situation continent-wide.
I've worked in the industry and have seen it first hand--and this was BEFORE the industry was deregulated (they still had several 1988-era 386s and a 286 in use--in 1996!). The argument then was that competition would compel established players to innovate and become more efficient. NOTHING has changed in these plants since deregulation--they are moving no slower OR faster in bringing new capacity to the grid. Only now demand has reached critical levels as predicted by some years ago. Only the argument has changed. Now instead of being the solution, deregulation is cited as the reason for problems (careless cost cutting rather than being sheltered from competition).
I'm astonished (but not entirely surprised) that since I was last in a power plant that there has been enough integration of critical systems into the general network that blaster-like infections could disrupt operations. Back in the mid 90's where I was, there were two distinct networks with NO connection at all (be it physical or not). If course, the 'net wasn't what it is now either and dozens of on-site employees had to rely on a 56k leased line for outside access.
Hopefully the blackout made everyone feel vulnerable enough to wake up and put at least as much or more into security and stability as they did into y2k compliance...
Maybe I'm just being an anal-retentive grammar Nazi, but I simply can't respect an author who uses the non-word "virii" in his works.
Sorry. It's simply not a word. He might as well be writing in l33tspeak.
Jeremy
Looking for a Python IRC bot?
We know the big problems we are facing today are due to Windows worms.
Don't ever plug a critical system into the Internet please. Even if we remove every last Windows system that wouldn't make it safe.
Maybe this is a good thing that we have so many poorly designed Windows systems on the net today. People will learn not to trust the network and be prepaired for worms, viruses and all sorts of madness.
But let's say 20 to 50 years from now there is no Microsoft and the populare operating systems are BSD, Linux, MacOsX and Solarus. Save the day? Nope.
While there is no excusing a sloppy a major product operating system like Windows you will always find systems just as bad or worse.
OS/65, Lunix and a whole batch of operating systems exist that could present a horrific nightmare of problems. They are not powerful they run on low end computers and are made entirly for project systems.
You will always find one such system running someplace at some time for some reason. Not just poorly designed commertal systems or obsolet versions.
You'll have improperly configured Gnu/Linux boxes, Obsolete Solarus boxes, Linux code poorly patched to run on BSD (not the BSD porting team), Any system with the security disabled for admin or user convence, neat hacks and cool projects that aren't ready for prime time, "my sons wifes great aunts dentist says...", "I saw it on Slashdot" (Or the slate or 10 o clock news), "Your firing me? Fools!! They'll rull the day they desided to mess with the BAFH" and Collage student with very populare website desides to post a link on his very populare web forum to your cool website and all you have as a screen saying "/. Error"
I don't actually exist.
As far as I'm concerned, this is the big news to come out of the whole incident, and it's apparently being suppressed by the mainstream media - the MS Blaster Worm could have caused the blackout. Here's what the article has to say on the subject, referencing problems with an earlier worm at a nuclear plant:
----
The Slammer worm penetrated the plant's internal network and lodged in an unpatched Windows server. The worm's scanning slowed the internal network to a crawl, eventually crashing the plant's Safety Parameter Display System, according to reports.
While legacy control systems are often UNIX-based ("Control-Alt-Delete scares power plant operators," Ahern said) and thus immune to MS worms and virii, their 10-megabit networking technologies can easily be overwhelmed. "Even the load from leading intrusion detection and monitoring systems can create a denial of service and shut these plants down," Ahern said.
Even though DOE and other sources ruled out cyber attack as a cause for this month's blackouts, Ahern said that control systems are so wide open that no one has the data to credibly make that determination.
----
How long is it going to take for our corporate clowns and the government it bought & paid for to realize that Microsoft Windows is a collection of security holes with a pretty front end? Is it going to take something even MORE spectacular - nuclear meltdowns, planes falling out of the sky, chemical plants belching toxic clouds - before the pinheads in power wake up to the danger Windows represents?
Windows is a proven threat to every other system and device on the Internet or connected to anything on the Internet - even devices which themselves don't run Windows. The government should be mandating that Microsoft institute a crash program to close ALL of the known security holes and obvious vulnerabilities in Windows, and to do so immediately. Close all those damn ports already, and kill all the useless services and the ability to run code from the fucking e-mail program. It's not like M$ doesn't have a few billion to burn mailing patch CDs out to all of its customers.
The software and management side don't tell the whole story. Combine that with the power grid physical security and infrastructure issues and then you have a glimmer of how thin the electric thread we depend on really is. That's not being paranoid, that's being practical. It's a challenge from a cost position to be completely grid independent, no matter where you live. But it is feasible, at least technically, to be less grid dependent. The best cost/benefit balance I've found is to have enough wattage to run the refrigerator, water pump, computer (of course), furnace fan and some lights. Doesn't leave enough juice to run a central A/C, clothes drier, or the other big draws. You really learn just how much electricity we use when you design an alternative power system. And it costs a lot of money.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
So they are imposing realtime requirements onto a shared medium (a computer network)? That's like not putting lights or sirens on emergency vehicles, and then complaining about not being able to get to the scene in time during heavy traffic.
No wonder virii can cause so much damage to the power grid. The whole thing was badly designed to start with!
Any sufficiently unpopular but cohesive argument is indistinguishable from trolling.
Everyone here seems to be to focusing in on Windows as a DIRECT cause of the outage... which isn't likely, of course, but what of an indirect cause.
The transcripts I saw talked of computer outage of systems that were MONITORING the grid, not controlling it. They said they couldn't see what was going on, not that they couldn't control it. Could the "non-essential" monitoring systems be networked but the control systems not be on the Internet?
It still looks like it could be that the worm caused a significant problem when some of the other power authorities could of worked around the cascade if they had notice... and if the companies could of seen what was going on they could of given that notice.
Possible?
Hackers controlling the power grid? Utter and total bull.
I work in IT for a major power company. Our control systems have never been hooked to our own network, let alone the Internet, and never will be. How stupid does this guy think we are?
We've been running computerized control systems in nuclear and other types of generation plants for years. We've had computers in substations and control stations monitoring, controlling and reporting status before most industries even knew what to do with them. I saw my first Z-80 processor in a SCADA system shortly after the Z-80 came out. It could talk any of 5 different control protocols and replaced 2 seven-foot racks of hot, high-current RTL and DTL control logic. It was a thing of beauty.
We're not newbs at this. And no way do any of our control systems run Windows. Get real.
Why would we even want to hook up a generating plant or substation to a network just so it can be controlled from anywhere in the world, BY ANYBODY? No way. No how. Nuh-uh. Ain't gonna happen.
We can't even monitor what's happening on the system from the company's own computer network. It's all totally seperate. And for good reason. Who wants a disgruntled employee or just some joker who's bored messing with the system? The only people who can make operational changes to the system are the people actually present at the secured control center or at the generation plants.
We run quarterly modem audits, company-wide, looking for unauthorized lines with modem. We even restrict who gets an analog phone line and whether they can receive calls on that line. Computers attached to the control systems get NO modems. Never ever.
Even our remote monitoring terminals at regional work centers require dedicated connections to the control center and are receive only. The control computers think the remote monitors are printers and only send data, not receive so they can't be hacked from there either.
It's impossible to get to our control system through the Internet. It could probably be done to some degree (perhaps sending a 'breaker open' command to a key substation, if you know which one), but only by hijacking an existing dedicated connection undetected, which is getting harder as we connect stations via fiber optic.
(Often we connect stations by installing the fiber near the high voltage lines on our towers, a security measure in and of itself. Imagine splicing a broken fiber hanging off a helicopter platform while the line 12 feet below you is energized to 350 thousand volts. No, I haven't done it, but I watched it being done and the crew earned every penny.)
If any utility out there has their control systems connected to computers that can be reached via the Internet (or modem for that matter), the persons responsible should be taken out and shot. Then taken to a doctor, stitched back up and shot again. Same for their bosses all the way up to the CEO.
Sorry if I seen a bit testy on this subject, the subject of keeping the control system secure has been drilled into me for more years than I care to remember. Now it's just automatic.
However, on the subject of aging infrastructure, I totally agree. I blame deregulation. Every utility is now trying to cut each other's throat trying to grab customers away from each other. To cut costs (and thus lower their prices to better compete), most if not all utilities have cut their expenses by eliminting maintenance, lengthening replacement schedules and cutting staff, specifically skilled line workers). It's a race to the bottom to see who can provide the cheapest service. And it will probably go on until the whole thing blows up on them. And unfortunately, us as well.
Beta sux! Join the Slashcott! http://hardware.slashdot.org/comments.pl?sid=4760465&cid=46173047
Well, you might want to look at this article, which includes a description of a solar installation in Woodbury, Minnesota. This suburban community is neither country-like nor particularly sunny, but the guy put solar panels on his roof anyway.
Also, Sustainable Minnesota has plenty of information on use of solar energy in the great white north. Unfortunately, I couldn't find any concrete estimates of the economics of these installations, but with the hefty rebates/tax breaks given by the state ($3,000 back on a $8,500 system!) and selling power to the utilities through net metering, some claim a payoff date of "a few years" for small industrial/commercial installations. A homeowner would probably have to wait awhile before the system started paying off, though.
Of course, the real way to generate renewable power in the upper midwest is wind. In fact, the utilities up here are happy to build wind farms, but that requires building new transmission lines to remote areas, which is always a problem.
A script kiddy would never bring down the power grid...If they did, they'd be bored out of their Internet-dependent minds. Can you imagine these types of kids playing scrabble or cards?!? Or worse yet, being forced to take the opportunity of a black-out to spend quality time with their families. The Horror!
--
Luck is just skill you didn't know you had.
THis will be "seriously discussed" for about a month.
Then something else more entertaining will show up, and this will be brushed under the rug for 5-6 years, until it happens again.
Repeat ad nauseum.
The entire country has ADHD I swear to god.
"We know the power infrastructure is--oh, lookit the kitty..."
I believe the protocol used to manage this stuff is SCATA or something like that. I also believe that it's security model is quite like telnet.
I have heard they were going to beef up their security but I wonder if they ever did.
Like a lot of "market failures", this one has arisen because of boundary issues between private and public spheres of ownership and control.
This article from the Von Mises Institute explains it far better than I ever could.
Classical Liberalism: All your base are belong to you.
http://www.gepower.com/corporate/en_us/aboutgeps/
I think we should do what makes the most sense. For instance, if we're burning fuel to make heat and we need electricity too, we should look at heat engines to convert a little heat to power along the way. It probably makes more sense to create storable fuels via chemical or biological processes (like crop wastes or the hydrogen from algae trick) instead of converting solar or nuclear electricity into hydrogen. Then there are the no-brainers, like compact fluorescent bulbs, hybrid vehicles, insulation and daylighting. None of this is rocket science, it's just attention to detail.
Time is Nature's way of keeping everything from happening at once... the bitch.
Just goes to show, sometimes the most obvious thing is not the right thing. (And isn't Bergey's biggest machine all of 10 KW?)
Time is Nature's way of keeping everything from happening at once... the bitch.
I installed SCADA at control centers and yes we build our own network and yes Our techs come in and plug there laptops into that network to do maintenance. It is not secure from outside infection. As for the Windows issue that is also untrue and yes you are wrong.
I can't agree more. OS X is my personal GUI of choice these days -- and yeah, since the beta release I've seen this thing go down maybe 4 times (not the "server" edition, not that it matters much). I was, each time, completely beating the hell out of the system -- and one of the times I had successfully mounted the core _live_ OS X file system (/) in a Linux based VirtualPC running on said file system. It didn't last too long... :)
I've run Linux for years upon years without interruption and my record keeper was a Netware 3.12 box that ran a few weeks shy of a decade. Still unacceptable for some kind of failure that could end a life (!)
The big benefit to many of the Un*x's is that 99% of the updates (pretty much short of a kernel swap out) can and are updated with no reboots needed. Simply restart the given service leaving all other services up and running. The end user typically may notice a "hickup", but not much more.
Three letters for you then: QNX>
Quebec had the foresight not to connect up to the grid at all. Here in Montreal the power hardly flickered!
I think that the moral is clear. To have reliable power be self-sufficient and stay away from the power grid!
IMHO mass upgrading the systems will result in more trouble once WINTEL boxes are more widely deployed.
Throwing money or regulatory 'breaks' is not the solution. The FERC needs to do some serious work and stop letting the CFOs write the RFCs
If there's anything that 9/11 taught me (and should have taught the rest of us), it's that sometimes, the "best" attack is a low-tech one...
We can have high-tech biochemical sniffers looking for anthrax and C4, etc., but who really would have thought of stealing a plane or two and flying it into a building? Really - think about it. It's pretty low tech, but extremely effective...
Same thing with the power infrastructure - why worry about hacking in? Figuring out passwords and all that nonsense when the FUCKING INFRASTRUCTURE IS OUT IN THE OPEN!?!?!
Drive down any road - and you're likely to see a power line, a transformer, etc... I'm sure we ALL know where at least one substation or transmission line is located. AND they're out in the open...
Have the brains engaged yet? Think about it folks - dig out the old graph theory notes from your data structures classes and then plot out the national power grid -- just the big ole transmission lines...
What happens if you make some cuts in that graph? Wanna bet that about 7 pieces of wire would do it?
You don't even need explosives... some wire, maybe a bicycle chain or two and a modified potato launcher would do the trick... and blamo - lots of chaos and commotion... (and yes, I DO know someone who was a complete moron when he was 14 yrs old and tossed a bicycle chain into a transformer at a local substation.... but I digress).
How are you planning to protect the entire infrastructure against attack? Even if it's redundant, and resiliant - a bit of thought and you're right back where you started....
I don't have solution to this intractable problem - Do You?
Well, the problem is, my 2 computers alone (400 watt power supply each), and my fridge use about 10 kWh a day. And they don't run 24h a day. So I'm afraid that after this use investment, I still need the grid.
And did I mention the snow storms that will put the contraption out of use for days?
Did I also mention that solar cells need to be replaced every 10 years at least, when they degrade? And that manufacturing a solar cell costs actually more power than the thing will ever generate?
Aaaah, so that is why there aren't solar cells on every roof. It's not a conspiracy by Exxon and the Bush family.
It's because when you do the math, you see it is not worth the trouble.
Of course, the solution is simple: don't do the math and keep pushing solutions that don't work, then blame the oil companies.
Alternately, you might want to wonder why France is generating 75% of its energy with nuclear plants licensed from Westinghouse and still doesn't glow in the dark. Naaah, wouldn't work elsewhere.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
because it is in the Wiki
Not a troll.
I also work installing SCADA control centers, and yes this does happen. However, usually there's a extreme lack of windows hosts on our control systems so virii are not much of a problem.
The parent works in a company where they're doing things right. Audits, checks, and a lot of hard work to ensure that the system stays secure.
But sometimes I install a software upgrade, only to notice a new host on the system... Well, someone was only trying to leverage the "extra" ports on the switch. Or marketing needs access to the historical records for analysis. Big companies which are prepared to take security seriously have no problem, but there are others...
Horrible others, which have personnel connecting homebrew "proxy" boxes so they can view the web after hours. Systems where every operator has the same dictionary password. Systems where the security camera video feeds get "rerouted" to allow the viewing of Sienfeld. Systems where the SYSTEM ADMINSTRATOR can't remember how to change directories in UNIX or the difference between a command, and that command's argument.
These dark corners are usually cash strapped companies, so yes they scheduled to replace X five years ago, but hey, it sill works, so let's get our money out of it.
Unfortunately I have to post anonymous, as I still intend to make my living scrambling to refactor for security
{power line on the couch talking to the doctor}
Powerline: Doctor, people don't like me, and I don't think I can take the load.
Doctor: Tell me about your mother
Maybe at your company, Dilbert.
Ever look at the point where your company swaps information with other utilities? I don't mean credit histories. After all, nobody would be foolish enough to bridge the control networks with the outside world... and you don't have any TCP/IP running around between the pretty displays and those SCADA systems, right? And it's all the most modern internal IE based web stuff with active-X and java and a little
I mean, no PHB or mid-level manager in a deregulated utility with dreams of being the next guy to win the Montana Power and Light Institutional Ethics award would ever confuse all that fiberoptic cable running control information with, say, providing a little internet backhaul, right? And your exchange administrator, he's always on top of it, right?
Timmy... Timmmmmmmy... Wake up, Timmy - it's time for school! Hurry up, sleepyhead. Were you dreaming?
All I can say is: Imagine a world where an MCSE hefting consultant with little more than some Netbui LAN experience and a puffy resume managed to persuade the folks (who were a tad out of touch with this new fangled internet thing) that he had the answers about how to update the utilities and bring their business into the 21st century. Next, imagine how a fixation with buzzwords and a poor grasp of how the protocols actually work might lead you to build an ugly communications system that was so obviously crocked up from using access and visual basic that it made your head spin. Oh yeah, guess what else? with active server pages and cold fusion, it can be web based!
Now imagine connecting hundreds of power companies together to transfer electricity according to a message passing system (well, a handful of variants built by private companies to the half-baked specs mentioned above...) and then deciding that it was cheaper and better to send those messages over the internet. Unencrypted.
I can't tell you the number of times I've seen supposedly protected private internal "important business" networks bridged to the internet to overcome the limitations of legacy (read vax) hardware and an endless stream of rotating programmers with no ability to understand cause and effect. Or flat files. Or how to debug serial interfaces. The fact that these "private" networks actually pass all the SCADA information and decentralized control information back and forth mixed right in with MSN, AOL & yahoo messenger traffic might make one wonder, but heck, such important traffic will have decent firewall and IDS systems.
Yep. After making all the mistakes enough times to learn from them, the system will one day be pretty good. They're mucking about with XML now, and succeeding at turning really simple processes into expensive, unreliable software... which controls our grid. It's better now than it was. On the plus side, I get to go home early when we can't run the network because it's all dark. Sometimes I think having the occasional blackout keeps us from being too pompous and pretending that we actually understand and control everything. Thank
I am sick of control, this might not be the right place to talk out about canada's problems in general but lets say the US already has control of our power, as proven with the california state vs bc hydro, they also control our lumber industry (softwood trade agreement), our wheat industry, our cattle industry (thanks to mad cow), we might aswell give it up or get invaded at this point. No one cares about us and we are so small that we get bullied into everything anyways. I say divert all the rivers leading into the states into the lower half of Alberta and Saskachewan (to those not familiar with canada its the 2nd and 3rd most western provinces) cut the power lines (thus fixing the grid problem), stop all exports and imports to the states, and give them the middle finger.
Now, why did they *blow up* the power plant, but *hack into* the backup-grid??? It seems to me that it would be much easier to *hack into* the power plant and -if necessary- *blow up* the backup-grid???
They wouldn't even need to use Un*x hacking-techniques, just take a wormed laptop, plug it into the lan and wait for half the east/westcoast to come to a halt.
This unique sig is intended to make this user more recognisable.
We're starting to see a few problems appear more than once, though.
-
Telecom vulnerability to power failure.
-
"Non-critical" systems that aren't.
-
Cross-connection between business systems and control systems
That's a more realistic picture of what's going on.AT&T was determinedly independent of the power grid in the days of Ma Bell. Every central office ran on 48VDC storage batteries, with backup generators. The backup generators were started once a week, and run for several hours once a month. Once a year, each central office ran for 24 hours cut off from external power.
That was a long time ago, back when AT&T was a regulated monopoly common carrier. In the new, competitive era, that depth of backup can no longer be assumed. Carriers in trouble (WorldCom, Adelphia) tend to cut things like that.
The details aren't in yet, but it's beginning to look as if, during the recent big blackout, some comm links went down very early, so that the fault information that's supposed to divide the grid cleanly into islands didn't get through. Once all the logs have been correlated, it will be clear what happened.
A few weeks ago, CSX, the railroad, had a shutdown due to a virus. Railroad signalling has used "code lines" for decades, for remote control of switches and signals. These are basically serial links over which commands and responses are sent. The safety logic is local, but if you lose a code line, the dispatcher can't throw switches and route trains.
The tendency to centralize train control has resulted in a need to transmit code line signals hundreds or thousands of miles. So they tend to be multiplexed over telecom-like facilities. CSX apparently routed theirs over their in-house general purpose network. The routers in that network were managed by a network management system that ran on Windows. When the Windows machines went down, system management of the routers stopped, and, after a while, this apparently took some key routers down. So a "non-critical" system actually stopped train movements.
It's really convenient to be able to see what the plant is doing from your desktop. Order processing is more efficient if the sales network connects to the factory network. Energy traders need to be able to see what the power plants are doing, and give directions to power dispatchers. These things all create vulnerable paths.
"Telecomms use strictly Unix and not windows for a good reason"
Just for information, most of the systems of France Telecom are running OS/2 (yes, it is still used somewhere !).
Taking into consideration what they use forgs for, that would come as no surprise.
YOu'd think that nuclear power station control systems would be connected to the net. THey should be stand alone. Whats doing with that.
'Its pronounced New-cu-ler, Honey' - Homer
-- Karma Karma Karma Karma, Karma Chameleon - Boy George
While the article was right when it comes to internal networks to the control stations (such as ISOs) the extent of insecurity in the energy bussiness is far greater that most people can think of. The fact of the mater is the reason most of the grid is immune to hacker attacks these days are the devices that control power transmission at the lowest level (relays, they control the circuit breakers) are all vt100/rs-232 terminal devices hooked up to aging modems 19.2 is the fastest I know of. Theses relays form the base level of what the power industry calls SCADA (system control and data acquisition). Unfortunately, the vast majority of relays still use the default password, and of course even if it is changed the password is probably going to be the same across all of a companies relays (I haven't seen a relay that has a password attempt lockout either). Of course nobody war-dials anymore so these devices go untouched. Security through antiquity.
He was upgrading a simulator belonging to a well known German airline company and this meant pulling interface cards. As the XP systems came from the simulator company, they were not running corporate edition so they came up asking for a new keys in the middle of the night (all those hardware changes) whilst he was doing his maintenance.
Of course the machine wasn't on the net. There wasn't even a telephone nearby (mobiles don't work there) and he had to go three floors down to find an accessible telephone to get the systems reauthorized. Additionally, many offices are locked overnight. He was not happy.
These days it is very difficult to run machines without any network connection.
See my journal, I write things there
The author of the original post obviously has some half-knowledge about how things were done a while ago:
They USED to do it that way, although I must amend, that the guy doing the splicing would either hang from his feet from a cable attached to the helicopter, or would actually be suspended by holding onto the rope with his mouth!
Nowadays of course, management has realized that such methods are haphazard to say the least and the splice crews use jetpacks to get to fibre.
Oh the days, back then, running nuclear powre plant control systems on the Sinclair Z-80. Nowadays of course, we use at least PlayStaton II's to take care of them there reactors.
While the above is technically true, there are some aspects that you neglected. E.g. you could also send the "breaker breaker" or "breaker ultimo" command from one of the key protostations upstream or down by the river and use that to hijack any connection *directly* into SPECTRE's secret lair, located conveniently in the nose of Abraham Lincoln's portrait on Mount Rushmore.
Uuups! I think you're mixing up how things are done down at the nuclear power plant and how things are done in SPECTRE's scret lair. Don't worry, happens to me all the time, too. But say, you talk to much... would you mind sitting down on the chair on top of the trap door in the conference room in ze Zeppelin?
I'm glad I'm currently out of moderator points, because I couldn't handle the responsibility of modding the parent comment ;-)
We can only hope the script kiddies have the same insight as you.
quiquid id est, timeo puellas et oscula dantes.
and this is the one who's alarms were fuddled. (GE-Harris Transient Recording System) according to accounts by former employees. Old unix systems are often shaky because the code is shaky.
If it were done when 'tis done, then t'were well it were done quickly... MacBeth
I'm assuming whenthey say 10 megabit they mean 10 megabit ethernet.
Repeat after me: "Ethernet is not an appropriate networking technology for industrial control systems!"
This is exactly the type of environment that tokenbus (IEEE 802.4) was designed to handle. Tokenbus can guarantee QoS and does not require a "master" node, so it is immune to that kind of single point of failure. Tokenbus was designed with factory automation in mind - IIRC the major auto manufacturers in the US were big players in the committee - so it is optimized for the industrial environment.
FYI, tokenring is similar, but not identical. Tokenring is a simpler standard that requires a master node. A ring can be locked up if the master node goes into a strange state. Rings are fit for applications where a network failure would be inconvenient, not tragic.
It seems to me the that real problem is inadequate transmission capacity coupled with sky-rocketing demand. Everyone wants to turn on their air conditioner and power-hungry PCs, but nobody wants to have a power line in their backyard. Throw in parochial state utility regulatory boards, half-hearted attempts at deregulation, clueless execs at utilities, and Enron and you have the makings of a bigger mess than even Microsoft can create.
Its too bad we can't just double the clock rate on the power line and transmit twice as much power. Twice the clock rate = twice as fast = twice the power??? OK, so it doesn't work like that -- but then I never understood how those tiny little electrons could go through solid metal anyhow.
120 Hz anyone?
Two wrongs don't make a right, but three lefts do.
The real problem with the grid is that the midwest and the south have not modernized their --people- systems. The PJM grid and to some extent NEPOOL have been moving to a more RTO model that allows for a good balance between a clear market and the command and control necessary to avert disasters.
First Energy made the wrong decisions during the blackout. Let us recall the sequence of events.
a) High voltage lines from Canton to Cleveland drop off line
b) Cleveland begins pulling power from the rest of the grid
c) Normally outbound power from the midwest begins to "flow" back to the midwest.
d) This causes power plants in Michigan to trip off line... by this time the regional disaster was largely guaranteed.
The correct move for First Energy would have been to disconnect Cleveland from the grid off line, immediately.
Even better, had First Energy had a decent vegetation removal program, the transmission line would not failed in the first place.
So basically, had First Energy kept the lines clean and been willing to bounce Cleveland from the grid, their would have been no wider blackout.
But they didn't. They are a utility, not a regional grid operator.
Had this happened to say some power lines from some place to Philadelphia, PJM would have yanked Philly from the grid, told the utility to fix the lines, and there would be no wider blackout.
And, by the way, PJM has a more transparent networking market. Just look at the whose got the better web site, PJM or Midwest ISO?
This is my sig.
I can't help but find it amusing that an article about open source software helping the situation is plastered with MS ads.
Well, that's not entirely true. Quebec's power grid is connected to the rest through high-voltage DC transmission lines, because their AC grid runs at a different frequency than everyone else. The HVDC lines effectively isolate them from the rest of us.
sigs are for suckers
I guess causing a power outage is the hackerish way to test a UPS for proper operation. Its "better" than pusghing the test button or pulling the plug on the UPS itself because it ensures that you did not forget to plug the wall wart for the router into the UPS. It also simultaneously tests all the UPSes (UPI???) in the house/office. It will also tell you if your local internet connection (be it modem, DSL, cable, someone else's Wifi net, etc.) is dependent on the local grid.
Two wrongs don't make a right, but three lefts do.
...the "Great Blackout of 2003" was indeed initiated due to Windows-based SCADA system controllers in Ohio power facilities that were indeed carelessly placed directly onto fully-routable Internet segments with absolutely no form of firewall protection or VPN at all because the SCADA software won't work behind a firewall and the companies were too cheap to buy secure private network WAN links between their sites and were using the public Internet instead. These machines were running W2K as the O/S, unpatched of course, becuse the SCADA software is not "certified for use" with all MS's service packs and patches (lazy sysadmins too) and were promptly infected by the first onslaught of the MSBlaster worm.
There is presently two big political forces happening over this right now: a coverup operation being spearheaded by some very senior state and federal government and power industry people, and a witchhunt-style investigation being spearheaded by another group of powerful government and industry people. It's going to be quite interesting how this is going to turn out. Some heads are gonna roll either way.
the solution here in PA was to install and run a backup Genset system when the power company signs off,,,, this happens a lot by the way. how we, ( a small company ) managed to handle this issue 2-3 years ago is still amazing. how they, (everyone else) did not, is also amazing but predictable.
Also included in the sorry mess were AIX, KShell, and X/Motif.
Anyone who has ever worked with one of these systems knows at least one application that could not be trusted. All the MS bashing that goes on here is totally blind to how crappy any application can be on any platform and how dangerous it is to trust any one system.
If it were done when 'tis done, then t'were well it were done quickly... MacBeth
I'm a PhD physicist, and have been involved (on the periphery) of some power switching issues at a major research facility. One of our problems was putting a lot of power into a small space quickly--it turned out our switching problems, etc., were mathematically identical to the problems of running a large interconnected power grid. Can you spell chaos--mathematically, things are unstable and unpredictable, and a lot of very bright people have been working for a very long time (read decades) trying to come up with robust control/stabilization mechanisms. As I recall (this was 10 years ago), one of the better improvements in all this came from a Chinese PhD we had who was put to work in this department, and who, not being fluent in english didn't know enough about it to know it was an "impossible problem", just sat down and bulled his way through to what was for us a workable solution (our problem was vastly simpler than the national power grid).
The long and short of it is that so long as there is major interconnect, with large proportions of power flowing around destined for non-local users, there is (as a mathematical truth) no possibility of acheiving a stable grid!
Has everyone forgotten what news is? Whether or not this guy Ahern makes some good points, (and I agree he makes a couple) this newsforge story hardly seems to rise above a Veranopress release! Ahern is CEO of Verano, a control systems provider. He's arguably an expert on Control Systems, but not on the root causes of the blackout, or Open Source. Boo. Hiss.
Yea I was not trolling either despite my nick. There are problems and if there were not then techs would not be needed. THanks
Bullpucky!
Quebec runs 60Hz just like everyone else in NA.
They implemented the HVDC links to isolate their grid from the US BECAUSE of the last power failure.
On the flip side the operators in the Southeast, DUKE, Progress, SCANA etc are doing a 'first energy' big time. Just look at the mess they made at GridSouth past few years.
NICE ADV- shitty product
Power can't just be produced... it must be produced in a fashion that is useful to the overall grid. It must:
The power factor correction is the one that works against distributed power generation - a large number of small operations is difficult to regulate to match the grid demand. This is one reason why BC hydro, who generates most of its electricity with hydro, operates a natural gas thermal plant in the middle of Vancouver. They need both a source of power and a turbine that they can dial in phase shifts to respond to the back-emf from the users on the grid. Try that with your solar panel!
-AD
What's wrong with Ethernet in this situation?
Mom says my
How long was your payback horizon? Usually the cost/benefit doesn't really kick in until you're over 12.5 cents Kw. We're at 6.5 here, so my break even is farther out.
My sister's house next door is on the system,with 15 kw to spare.
Sweet. You could run another house with what you have left over. Gotta be nice having capacity to burn.
Hydro-power(Never has went dry yet)
That's a big bonus.
Solar(power storage for 7 days average use.The Batteries are huge.)
Which brand? Some of the big boys are upwards of 200 lbs each. You keep them in their own shed or did you spring for battery boxes? To keep them in our (attached) garage I'd have to get boxes. Adds a lot to the cost and then if we move...whew, lot of weight to haul around.
Granted,I have gone to extremes...
Well, I don't think so, but some people might. Unless you live in town I don't see any reason to depend on the grid anymore and there are a lot of good reasons not to. Ever consider doing a write-up on how you developed your system? I'll bet there's plenty of interest now.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
I'm not sure it would be all that complicated to send bogus operating commands to the RTU's. I developed SCADA software for Landis and Gyr a while ago, but I bet ya I could probably still decode the little packets going back and forth from the SCADA systems to the RTU just using a serial line analyzer. I used to dump the packets out for debugging and it didn't take long to get my eyeballs calibrated to the data. So it's not as tuff as you think.
Once you get that nailed down, ya just gotta tell those great big, oil filled breakers to trip.
There goes everybody's lights....
best regards,
buck
I agree that it is (sorta!) easy to fake an operating command to the RTU. What I was trying to say is that the situation would still be noticed by the SCADA and by the command center, possibly generating alarms, since the neighbouring measures would indicate the real state of the equipment. Some State Estimation software even infers the real state of switching devices through measurements... So, even if you manage to, for ex., fake the opening of a breaker, the measurements on the opened side of the network would show 0 (zero), generating an alarm in the control center, triggering imediate action.
Best,
Joao
Thank you for this long, elaborate answer. Top that up with Wind power, Tidal power, Hydro-electric, then make sure houses use energy saving lightbulbs, are well insulated, etc, and you can have a national energy system wihich needs little or no coal/oil/nuclear.
Actually, hydro-electricity is used as much as it can now. Every new dam implementation is an environmentally dangerous project, especially in Europe.
As for alternate source of productions, let's see. France generated 517 TWh in 2000, 76% of this nuclear. I don't have more recent figure. For the UK, the figure is probably similar since the UK has a larger GNP than France. The country has an area of 500,000 km^2. That's 517*10^12/365/(500000*10^6) = 2.84 W/m2. Now, if you factor by the usual availablity factor (70% efficiency, 8h/day, 120 day/year), you find that a solar generation density would have to be an average of 37W/m^2. How much solar panels would that mean? Well, the best solar panels out there generate about 200W/m^2. Some say 400 W/m^2 is reachable in the desert, provided you use arsenide panels, but these panels release arsenic. Let's retain 300 W/m^2. 37/300 is 12%. So you'd have to cover 12% of the territory with the best available solar panels in the world to reach that kind of power generation.
It is theoretically feasible, but the inhabitant of this one eight of the land would be pretty pissed off. The cost would be staggering. To give you an idea, the total area of all semiconductors manufactured in the world in 2000 is a couple of square kilometers (look up silicon wafer production stats).
Solar energy production is only viable in space. Once we have cheap access to space, it becomes feasable to deploy very large solar arrays in space that can operate 24 hr/day and beam their current production as microwave to receivers on Earth. That's the cleanest energy. But that's still far away, alas.
Regarding MOX: The technique you describe sounds good in theory, but in practice reprocessing still generates unacceptable levels radioactive pollution and waste that is still very difficult to deal in practice
Yet something has to be done to consume the stockpile of plutonium. Even if tomorrow, little green men pop up and give us a solar energy-generating space station, we'll still have the plutonium stockpile problem. Now some people say we have to bury it. This is a cop-out. Who knows where it will leak? Moreover, future scientific breakthroughs might find a solution that elude us today to turn plutonium into something less toxic -- provided their crazy ancestors didn't dump it in a geological fault. Right now, MOX is the only existing process to reduce the plutonium stockpile. A sad and imperfect reality, as often.
And the point is - why bother with nuclear, why take the risk?
Because I prefer to be downwind of a nuclear power plant than from a coal power plant. Or a heavy fuel power plant. Both pollute enormously, directly or indirectly. See the Prestige tanker still barfing heavy fuel pellets on French beaches? It was loaded with heavy fuel for a power plant. As for coal, by burning millions of tons of it, we release more naturally-occuring uranium every year than Chernobyl ever spilled, as you probably know. And look at the pollution by coal mine fires.
It's an imperfect world. Until we have clean power, we have to find a way to generate it. Nuclear is the less polluting alternative. Yeah, I know, Chernobyl yada yada, but in July, 58 people died in China in a coal mine accident, as an example off the top of my head. Civil nuclear energy still has to kill as many people as the oil and coal power plants do.
Ok, I will get off by soap box now.. :-)
I appreciate that you took the time to present your arguments. Thank you.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/