Slashdot Mirror

← Back to Stories (view on slashdot.org)

Greek Hackers Target CERN's LHC

Posted by ScuttleMonkey on from the try-try-again dept.

Doomsayers Delight writes "The Telegraph reports that Greek hackers were able to gain momentary access to a CERN computer system of the Large Hadron Collider (LHC) while the first particles were zipping around the particle accelerator on September 10th. 'Scientists working at CERN, the organization that runs the vast smasher, were worried about what the hackers could do because they were "one step away" from the computer control system of one of the huge detectors of the machine, a vast magnet that weighs 12,500 tons, measuring around 21 meters in length and 15 meters wide/high. If they had hacked into a second computer network, they could have turned off parts of the vast detector and, said the insider, "it is hard enough to make these things work if no one is messing with it."'"

11 of 445 comments (clear)

  1. Why is that even possible? by Reality+Master+201 · · Score: 5, Insightful

    Why can anyone get to the control systems for a piece of equipment like that from the internet?

    1. Re:Why is that even possible? by Directrix1 · · Score: 3, Insightful

      This is from telegraph.co.uk . It might as well be the National Enquirer, and placed up there with Aliens that impregnated Britney Spears. I wish slashdot had a bury button.

      --
      Occam's razor is the blind faith in the natural selection of least resistance and in universal oversimplification. -- EF
    2. Re:Why is that even possible? by Anonymous Coward · · Score: 4, Insightful

      Hard to sneaker-net data to a > 1000 machine grid.

      This system is a bit larger scale than you suspect.

    3. Re:Why is that even possible? by jd · · Score: 4, Insightful

      Open Source should have meant that a few thousand eyeballs scoured that code over the years between being written and being used. However, those few thousand eyeballs can't see code that nobody is told about. I discovered the source to the various projects by scouring CERN's network and digging deep through nests of links and obscure references. The Yahoo group for discussing grid computing has barely been used in the past year, and none of it for this. If there are any records for these projects on Freshmeat, it's because I added them. The project summaries are vague, where they're given at all. This simply isn't an acceptable way of distributing information. Their brief notices on minor pages away from the real information are about as useful as a house demolition order being posted in a basement with no stairs or lights.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    4. Re:Why is that even possible? by quanticle · · Score: 4, Insightful

      Unfortunately, it's not always that simple. Sure, there may be a few universities that have secure leased lines running to CERN, but, given the prominence of the LHC, there are sure to be researchers not from those universities who want to run LHC experiments. Cutting off those researchers simply because they're at the wrong institution doesn't seem fair.

      --
      We all know what to do, but we don't know how to get re-elected once we have done it
  2. Can't we all just get along? by mpoulton · · Score: 4, Insightful

    Can't geeks just be happy for society's scientific accomplishments and not try to screw up a good thing just because it's possible? Like the guy says, it's hard enough to make these things work when everyone's working together. Assholes.

    --
    I am a geek attorney, but not your geek attorney unless you've already retained me. This is not legal advice.
  3. Re:The correct term by zappepcs · · Score: 4, Insightful

    I'm with you on the nomenclature issue. Such an important experiment and mankind in general offers far too many whack jobs who want to shut it down.

    The logic of the 'we're all gonna die' crowd eludes me. If nothing happens, all is good. If the world ends, doesn't matter anyway. All those that think they will go to meet their maker should be happy either way, right? WTF?

    --
    Support NYCountryLawyer RIAA vs People
  4. Um, for all you jokers out there... by rickb928 · · Score: 4, Insightful

    Wondering why the LHC is connected to the Internet 'at all'...

    Why was the Web even developed? Why was HTTP even thought of? Why was a graphical browser of any interest?

    CERN. Ask Mr. Berners-Lee. And then contemplate the irony of wondering this at all.

    Sadly, it looks like CERN needs to work on the security more, but hey, that's in the spirit of the World-Wide Wild Web, eh?

    --
    deleting the extra space after periods so i can stay relevant, yeah.
  5. Air gap and 15 Petabytes of data annually by fejes · · Score: 5, Insightful
    Ok, I know you want to think that this can be done... but how exactly do you air gap a system that produces 15 Petabytes of data annually and share that data with 100's of labs around the world?

    By manual entry, copying this data across the air gap (120wpm) would take:

    15,000,000,000,000,000 characters /(120 words/minute * 6 characters/word) = 4*10^7 years.

    Even passing that back and forth on hard drives means shutting about (15Pb/365/24 = ) 1.7 Terabytes per hour. (24 hours a day.)

    At some point, you have to admit that just connecting this thing to the internet and securing it is the right thing to do.

    --
    The more you know, the more you know you don't know.
  6. Re:what retard put it online? by profplump · · Score: 3, Insightful

    You could make the same argument about most computers in an office -- why are they even on the Internet? It's just unnecessary risk. Why do you have someone move an external hard drive from the public mail server to the internal mail server and visa versa every hour? The few people that actually need live Internet access can use one of the dedicated systems on another physical network.

    And even the totally impractical air gap doesn't really provide the protection you think it does -- it prevents interactive attacks, but it doesn't actually stop the flow of information to the Internet and back, it just make it asynchronous.

    But hey, why let facts and pragmatism get in the way of your system design bashing.

  7. Re:Not even a VPN? by databeast · · Score: 3, Insightful

    yeah, because there has NEVER been an SSH exploit or man-in-the-middle attack. EVER.