Slashdot Mirror
The One Sided Cyber War
Curseyoukhan writes with a skeptical perspective on the U.S. Cyberwar posturing. From the article: "The first shot was probably the release of Stuxnet sometime during or before 2009. Even though no one has officially claimed responsibility everyone knows who was behind it. Stuxnet hit with a bang and did a whole lot of damage to Iran's uranium-enrichment capabilities. We followed up Stuxnet with Flame — the Ebola virus of spyware. What did the Iranians fire back with? A series of massive, on-going and ineffective DDoS attacks on American banks. This is a disproportionate response but not in the way military experts usually mean that phrase. It's the equivalent of someone stealing your car and you throwing an ever-increasing number of eggs at his house in response. It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub. Keep that in mind the next time you hear that a 'cyber Pearl Harbor' is imminent."
It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub.
It's not surprising actually.....because attacking that infrastructure is not as easy as it sounds. It's not like any script-kiddie can pick up the stuxnet script and modify it to attack their local cell-phone tower.
"First they came for the slanderers and i said nothing."
...is the equivalent of the biggest kid on the block pushing everyone on the playground over in the mud, then claiming to be the victim if they throw a clod of mud back at him. Wait, that was in the summary...
It's been my experience that people from the middle east can't even stay connected to Dungeons and Dragons Online reliably let alone hack the US government. I don't think they quite have the technical infrastructure to mount a large scale cyber attack even if they decided to attempt it. Thus the script kiddie DDOS bullshit against banks. They'd have to buy all better routers and bury some fiber before they even had the infrastructure to make the internet work sufficiently in their country.
In the real Pearl Harbor, people died. Unless and until the people talking about "cyberwar" demonstrate that they're defending us against the same kind of lethal threats, there isn't a legitimate comparison.
At worst, there may be property damage. But the simple fact is that the threats presented by enemies of the United States today are not even close to being the same level of threat presented by the Germans and Japanese and Russians of the past, where if we screwed up it was quite possible that the United States wouldn't exist anymore.
So why do they continue to invoke this stuff? To scare people into putting their organization on the US DoD gravy train.
I am officially gone from
"everyone knows who was behind it"
That word you keep using "knows", does not mean what you think it does.
They should threaten to make available copies of movies and music online for free.
At worst, there may be property damage.
Optimist.
Upward mobility is a slippery slope - the higher you climb the more you show your ass.
For the next god damn excuse to have a pointless war?
Don't get me wrong war is a great training ground for the stupid.
But we really don't want to escalate into total war with Iran over this bullshit. It'll be really bad for business.
Or maybe it is one-sided because they found ours but we can't find theirs?
So why do they continue to invoke this stuff? To scare people into putting their organization on the US DoD gravy train.
Or maybe because the professianls who do this for a living know something you don't. Imagine for a second that someone shuts down our power grid, something that is easy to do and has been demonstrated in Project Aurora. Without power, the internet is down. Without the internet, the economy grinds to a halt. No ships coming into port, no planes flying, no gasoline being delivered, no power in hospitals, no 911 calls, no critical infratructure working at all. This is the cyber 9/11 people like us (I work in the intelligence community) are worrying about.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
All the sources and analysis on Stuxnet said it entered through a weakness in Windows (written by Microsoft, an American company) and targeted specific elements of control software written by Siemens (a German company, and thus an American ally). Stuxnet was highly sophisticated and highly targeted, and likely because those writing it had access to the design flaws and knew what to target.
None of the US or Israeli infrastructure is on software written by Iran, so the access they would have to the design of software that runs things they can target is extremely limited. I would imagine in cyber-warfare it's much like normal warfare; intelligence is key when targeting your weapon. Iran likely does not have the intelligence (meaning information, not mental capability) to target us, so they're using DDoS attacks which are somewhat untargeted. So, to expand on the car analogy, this is like someone stealing your car, and since you don't know how to pick a lock, don't know how to break the alarm, and don't know how to hot wire the ignition, all you know is where they live, so you protest by throwing eggs at them.
It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub.
It's kinda hard to not consider TFS flamebait when it goes out with shit like this.
If it's a fact, why not, you know, provide a citation?
It's not even really interesting that Iran lacks the ability to do anything to retaliate because of the fact that U.S. critical infrastructure isn't really online enough to be at risk.
Touche.
Actually, depending on what kind of damage they can do to utilities and SCADA systems, people could very well die.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
I don't think they want the Media Industry Controlled States of America to nuke them. I don't blame them on that count.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
The primary possible effects of cyberattacks are I think social and particularly economic. However, the US has been so successfully doing social and economic damage to itself already that nobody felt the need to do so and potentially risk distracting US from its current trajectory.
Escalating cyberwar to the point of doing serious damage to the USA would invite a stepped up response (probably to actual bombs and missiles warfare) that they couldn't afford. So poke us. Just hard enough to make us notice. But not so hard that we would be justified in a military response.
This is why I don't have a major problem with them having a few nukes. They'd be crazy to use them for anything other then a last resort in self defense. Iran is, after all, surrounded by 'enemy' Arab states. It is a delusion of grandeur that we are worth dropping a few missiles on in exchange for their very existence. We need to get over ourselves.
Have gnu, will travel.
Ahh to be young and naive again...
This much ought to be painfully clear, yet government-and-industry keeps drumming the "imminent grave danger" drum like they were sitting on Iraqian WMDs or something.
Which ought to give rise to the next question: Why?
Well, we already know the answer for that, and we coulda seen it coming decades away. Back when it was coined the "military-industrial complex", these days it has a large sideshow in transport security, and the next wave of innovation is in cyber.
There's a few problems with this, of course. The American[tm] image elsewhere, though no American[tm] can be arsed to care about that, for there's nuttin' but yokels in them rest of the world, amirite or amirite? Nevermind that it regularly backfires (contras, and, oh hey, taliban, to name just a few); moving on, what else?
Well, this security thing is a large driver of big data and invasive tracking and whatnot, and starting with the civilian version is great because having to separately "militarise" the tech means a bigger market and fatter margins. Yum, fat margins. Ah, yes there's a cost but facebook, end of privacy discussion, and if not just say "terrorists" or "paedophiles" until detractors shut up, in fact use anytime to keep the pressure on. So, moving on, what else?
Well, it's overhead. As in, while fat government contracts lead to paychecks, they don't create wealth; they're overhead and slowly suck the economy dry. Ah, what the hell, the fed will QE us out.
Alright, no problems there. Carry on.
I probably should be in this business too, eh?
This is so incredibly wrong that it's astounding to me. A whole series of declarative statements that show a total lack of knowledge, and a total lack of understanding of the background material as well. Let's count them:
"The first shot was probably the release of Stuxnet sometime during or before 2009."
No. Cyber warfare did not start with Stuxnet...and common sense bears that out. Nobody can mount a successful and incredibly complex offensive the first time they field troops on the battlefield. Chinese thought leadership on cyber warfare goes back to the early 90s, when they seized upon it as an avenue to even the odds after witnessing our performance during Desert Storm...which, quite simply, made them wet themselves with shock at how effective we were at kinetic warfare.
"Even though no one has officially claimed responsibility everyone knows who was behind it."
Um, Obama took responsibility for it. At least read the headlines of what you're talking about? He was even called out for doing so, by others.
"Stuxnet hit with a bang and did a whole lot of damage to Iran's uranium-enrichment capabilities."
AWESOME! You FINALLY said something that was factually accurate! Too bad it took three sentences to get there.
"We followed up Stuxnet with Flame — the Ebola virus of spyware."
Uh, nope. Flame/Duqu, by all assessments, was actually a predecessor to Stuxnet, and I don't get the "Ebola" reference, since it's a data stealer and not designed to brick systems.
"What did the Iranians fire back with? A series of massive, on-going and ineffective DDoS attacks on American banks."
Okay, so first off, this is not the first thing...or the only thing...the Iranians have done. They've been in the cyber business a long, long time and are viewed as one of the big three actors in offensive cyber operations. Second of all, the attacks were not at all "ineffective"; ask any Bank of America customer who uses online banking. The site was down for weeks nonstop. And the banks have gone to the NSA asking for help in fending off the attacks as well.
"It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub."
See again, under Iranian cyber operations and how the banks fared during the DDoS attacks. Also keep in mind that the financial industry is at the top of industry sectors, when ranked in terms of cyber security maturity.
NOW, let me add the total way in which the OP ignores anything related to Russia or China, using only his incredibly faulty understanding of one country to justify his assessment of an entire form of warfare. Forget Red October (Russia, still in play but being shut down), forget Ghost Net (China), forget Aurora (also China), right? Forget what the Russians did in Georgia and Estonia. Forget North Korean actions against South Korea. Yeah...wow, good analysis dude. I bet Fox News would love you.
For your security, this post has been encrypted with ROT-13, twice.
My brother works for a very large electricity plant and he says that the only computer controlled anything is the monitoring systems. The action of turing on/off turbines is manual. I know this isn't true of the whole electrical grid but I'm sure there are considerations made when hooking up computers to critical systems like those ones.
Why do I get the impression that this is a planted story designed to provoke a foreign government into action. It would seem that there is little justification for the massive waste of tax payer money and someone is looking for one. If I were really paranoid, I may feel that this provocation was actually a means of getting the old jack boots of government inside the data of the private sector.
Oh not you again! Does your fallacious "intelligence" position grant you highlevel access to sources such as the telegraph and wall street journal?
Look, if you've hooked up your command/control infrastructure to the Internet, all the DHS in the world is not going to save you. Stuxnet like viruses? Sure. Maybe. Unpreventable, by anything beyond quality engaged PHYSICAL security.
As for impact, if you recall, 10 years ago, power was down for up to 3 days across the NE. This was caused by something far less insidious and delibrate than a cyber attack. It's impact beyond the first grid affected was also completely mitigable and took several MANUAL command/control failures to become as pervasive as it did.
http://en.wikipedia.org/wiki/Northeast_blackout_of_2003
---Up Up Down Down Left Right Left Right B A START
I don't hope for it to happen, but I've got to agree that people would finally take security a little bit more seriously if it did happen. A little bit.
Muhammad said young men might use them to look at women's ankles. So their hackers are a little behind the curve compared to the non-Muslim-nutball world.
What political party do you join when you don't like Bible-thumpers *or* hippies?
I dont know. There are lots of critical infrastructural that can be affected in a cyber attack. This about what would happen if someone should shutdown a specific power station causing a regional outage like what happened to the north east. Now imagine if that happened in the winter, many people, particularly older folks could die.
When you cant win, ad hominem.
He is talking about imaginary property. If someone copies and modifies Stuxnet, it would be against its license?
If electricity in a city went out for a week there would be riots and looting. If gas refining stopped, your car wouldn't drive and you couldn't work.
Or maybe because the professianls who do this for a living know something you don't. Imagine for a second that someone shuts down our power grid, something that is easy to do and has been demonstrated in Project Aurora. Without power, the internet is down. Without the internet, the economy grinds to a halt. No ships coming into port, no planes flying, no gasoline being delivered, no power in hospitals, no 911 calls, no critical infratructure working at all. This is the cyber 9/11 people like us (I work in the intelligence community) are worrying about.
Why are you, or the intelligence community, worried about not having Internet? The United States does not depend on Internet or electricity as much as you want us to believe. Planes will still fly, trains will still travel, cars will still work, and hospitals will still function. For the sake of humanity, please stop with your self fulfilling paranoia.
By the way, your spelling is stereotypical of the people in the un-intelligence community.
They simply will disconnect them from the net. For now the connection is open so they can inject even more malware (including the ones targetting people).
What, like the person working on the machine and maybe the first person to run over after? You would need to target specific machines if you want to get anywhere near the death toll, like nuclear power plants or a dam. And I'm pretty sure they have non-internet connected systems in place to overflow water / cool the reactor.
how about the systems informing people to manualy turn valves?
Why does everything lead to an attack? Perhaps the Iranians feel that they are above such playground level ideas. Iran hasn't attacked anyone for hundreds of years. Maybe they are a bunch of annoying pacifists...
That's all made up scaremongering to gather $$ and enforce central authority. I work on the "other side" no, not the black hat side, I mean the infrastructure provider side. Seriously claiming that our main site backup generator which doesn't have a networked SCADA interface will magically fail? And all our POPs which have gens that barely have electronic engine computers on the diesels will be magically reprogrammed? My cousin maintains large fixed diesel gens for hospitals, you're going to reprogram his ratchet set so he can't turn bolts? Without the internet no planes fly? LOL
A grid hit would look EXACTLY like the great NYC power outage about a decade ago. In fact, seeing as no newsies really looked into it to the depth necessary, it could very well have been an external hit to send a message.
A REAL hit wouldn't look like Jericho or a survivalist fanfic, it would look like an economic hit. If every centrifugal pump VFD at the local plant instantly reversed so they get to buy new ones, that doesn't mean we're going back to worldwide feudalism, it merely means bankruptcy for one plant. Actually it would look a heck of a lot like a major aerospace jetliner manufacturer having to ground an entire worldwide fleet leading to all kinds of economic effects.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
But without the internet you are safe from further cyber attacks. In fact, that would probably take the whole global network with you. And comparing a few days of blackout to the destruction of war is still fearmongering.
Taking the initiative (i.e., firing the first shot to surprise the enemy) and applying overwhelmingly dominant force have long been core tenets of US and Israeli military doctrine. It's not as if they've any reason to be humble about it.
I'm just surprised that Israel hasn't yet bombed the research facilities and turned Iran into a radioactive wasteland, ala Ian McDonald's "The Dervish House.". Send a loud message to all Muslims that only friends of the West can be trusted with nuclear energy.
Or a whole bunch of machines on a small scale. Traffice lights and elevators come to mind depending on how much of the systems rely on simple hard blocks for the dangerous things they can do, and how much is processed through the more complex systems.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
Sorry, as someone who has lived through power outages longer than a week, I can assure that doesn't happen. When Hurricane Charlie ripped through Florida, 2 MILLION people were without power. In my case it was for a week. However, if you do the math that means 12 million HAD POWER. I went to my girlfriend's house, took a hot shower and did laundry. When I was hungry I went out to eat at a restaraunt.
The infrastructure to bring gasoline into Florida was damaged also, and it was hard to get gas. What did I do? Drive less. Carpool.
And now I am in the process of getting photovoltaics installed. I'd like to see the Iranians "hack" the panels on my roof.
There were no riots. There was no looting. People coped and we moved on. You would go outside and hear the most beautiful sound in the world: chainsaws. That sound meant someone was on the job repairing the infrastructure--clearing a tree that blocked the road or clearing a tree that had taken out power lines.
What the facts show is that the US has a lot of people trying to start a cyber war - there's a lot of money to be made. They have developed all the complex software and attacked. ...or any interest in achieving one.
Iran as a state, as far as we know, has done nothing in response to our continual attacks. The DDOS attacks we receive are from individual hackers - who may well be Iranian, but who aren't really 'commanded and controlled' by the state.
In fact, there's precious little 'state organised' attack on the West at all. What there is is usually dreamed up by small teams of insurgents, who have often lost a family member to American bombing - almost certainly bunches of friends and acquaintances. The Iranian state may approve of their efforts, and rejoice when they succeed, but there is NO evidence of any strategic organised warfare aim.
That's a shame, because we are continually building the story up in order to justify more government control over our own citizens and increased budgets for the military......
Don't be naive. Right now this minute, in some top secret Iranian bunker, they are drafting elaborate plans to hit us where it will irrecoverably cripple us. They will break down the social structures upon which our civilization rests. Yes my friends, they mean to take down Facebook.
+1 Disagree
In the real Pearl Harbor, people died. Unless and until the people talking about "cyberwar" demonstrate that they're defending us against the same kind of lethal threats, there isn't a legitimate comparison.
I completely agree that the "Cyberwar" term is hyped up and thrown around too much. But an attack on critical infrastructure like Water and Energy systems through SCADA attacks could easily result in the loss of lives. Just as an example, how many people depend on life support systems that require energy in hospitals?
Really? Someone shuts down the power grid and the entire world grinds to a halt? Maybe we should train someone who knows how to, well, turn the power grid back on?
I understand that the grid is a complex legacy systerm that isn't well understood. It's not clear, for example, how to cold-start the nationwide power grid if some catastrophe shut it all down, nor is it clear how long it would take to do so. But assuming that the economy comes to a catastrophic halt is simply fear-mongering. Every few years, winter storms shut down the Eastern seaboard for days with no lasting effects. The World Trade Center attacks shut down most of the financial industry for a week, and had severe repercussions on it for weeks thereafter; but we survived. The Sept 11, 2001 attacks shut down air traffic completely for a week - and yet, the world didn't stop.
Taking down the electrical grid would be more comprehensively catastrophic than the Sept 11 attacks, but it would still be no more than a minor blip on the Human History chart. A week later, it would be back up and running and those cunningly flexible and adaptable human beings would still be infesting this planet.
Please, for the sake of the United States and the world, get out of government service and take your paranoia with you.
And the worms ate into his brain.
well, if you really want to go with that analogy...
More like the bully and that kid who had the funny smell that nobody wanted to hang around...
The bully and funny-smell kid were exchanging words - hard to say who started it at this point, and the bully escalates and starts throwing spitwads after the smelly kid threatens to go home and grab a lead pipe for "a school project".
The bully has several, and knows exactly what kind of projects those pipes are used for, after having 'dual-wielded' them on what is now one of his best friends.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
You work in the intelligence community? Then you should gather some intelligence on a thing called "history". Because the internet has only been around for 30 years, but the economy ran just fine without it for decades. Sure it would hurt, because a large part of the economy incorporates the internet now. But I find it highly unlikely that the power grid coming down would make no ships come into port, make planes stop flying, stop gasoline from being delivered, remove power from hospitals, and remove 911 calls.
Ships are powered on their own, so they can still sail into port. The cranes to offload them are typically run on rails and powered by onboard diesel gensets. The internet connection they have is typically for records purposes.
Planes fly on thier own. POwer coming down would hurt, but the systems have backup and emergency beacons with their own generators. PLanes fly without hte internet; they won't just drop out of the sky.
Gasoline is delivered via trucks, not by the internet. Trucks run on diesel fuel using a mechanical combustion engine not powered by the power grid.
Hospitals all have emergenvy backup generators to support critical systems, all run by either diesel or natural gas fuel cells.
The 911 system has it's own back up systems and generators, and is one of the few things working in the case of a major emergency.
Really, you should get out more and not just read cheesy spy novels. How thi sis rated insightful is beyond me.
Are you sure they aren't controlling the reactor cooling using an an iPhone app? Because that would be awesome!
No, think back a few years to the massive blackout in the Eastern part of the US. That was an accident, but that's the kind of thing a well-run attack on SCADA could do. Then if you want to kill people, as part of the attack, attack hospital utility systems. You know, like the stuff that brings the backup generators online when the mains fail. There are all sorts of regulations about keeping patient data safe, but it wouldn't surprise me if the utility systems are just as secure as a lot of the rest of them. (not very)
The living have better things to do than to continue hating the dead.
And I'm pretty sure they have non-internet connected systems in place
I believe Stuxnet was not delivered over the internet as well. You can target non-internet connected devices with a bit of social engineering or espionage.
Regardless, taking out critical infrastructure through cyberwar could lead to large amounts of deaths.
Someone has been watching Revolution....
wb Hurricane Katrina?
"Until then, it's lies."
Until then, it's predictions of risks."
FTFY.
which has as many holes as Swiss cheese. that would be a natural for the Talibani, Islam's TEA Party, because we'd all be back to 700 AD in a flash.
if this is supposed to be a new economy, how come they still want my old fashioned money?
I know this isn't true of the whole electrical grid
Full stop; that pretty much sums up your point.
Secret evidence is indistinguishable from fabricated evidence. Maybe the professionals who do this for a living are a bunch of frauds collecting fat paychecks for nothing. I have as much proof of my assertion as you have of yours.
[Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
So why do they continue to invoke this stuff? To scare people into putting their organization on the US DoD gravy train.
Or maybe because the professianls who do this for a living know something you don't. Imagine for a second that someone shuts down our power grid, something that is easy to do and has been demonstrated in Project Aurora. Without power, the internet is down. Without the internet, the economy grinds to a halt. No ships coming into port, no planes flying, no gasoline being delivered, no power in hospitals, no 911 calls, no critical infratructure working at all. This is the cyber 9/11 people like us (I work in the intelligence community) are worrying about.
Or maybe the professionals (security "consultants", sales, and everyone else in line to make a friggin buck) just wants to hammer home that the sky is falling to keep the good times rolling. And yes, that means you too, Mr I work in the intelligence community. Is the state of "cyber" security in the various critical infrastructures weak? Absolutely and they need to be improved upon. I too work "in the field" and am very familiar with the state of security for several organizations in a specific critical infrastructure. It's bad. Really bad. The risks are primarily sensitive data (commercial). The weaknesses in controls systems are organizational. That's right, organizational. When the resources are taxed to just maintain the status quo, things slip when you have to engage in new projects. Security improvements fall under new projects and completion/success is declared at some arbitrary implementation level so everyone can get their check mark and move on to the next issue. The core reason? Profits and specifically O&M numbers. Don't fool yourself, it's a business. And security doesn't show up on profit side, only the cost.
The US blew up a Russian gas pipeline in 1982 using a logic bomb. I don't know if anyone died but someone could have. Messing with a bridge's control systems could probably kill a few people too. Airline sabotage could be bad. Maybe there's something that's possible that you just haven't thought of. Certainly if you hacked every vulnerable system in the entire US simultaneously and killed as many people that way as you could, you could end up killing more people than the 2500 Americans who died at Perl Harbor.
The attacks don't seem to be ineffective to BB&T.
Their website (http://www.bbt.com) has been down or unreliable for the few days.
And your brother's employer won't spend a time to improve the controls system on that turbine. With CIP v4 (v5 waiting for FERC approval), there's no reason to ever upgrade a manual/analog control system to anything that contains actual logic circuits... even op amp based ladder logic.
What is your source for the bombing of the Ministry of Intelligence?
From Wikipedia:
"The pretext for the attacks was the assassination of German diplomat Ernst vom Rath..."
http://en.wikipedia.org/wiki/Kristallnacht
Other than people on life support, exactly who would be killed, rather than severely inconvenienced? Serious question. I'm totally ready to admit it if you come up with something convincing which I had not thought of.
Even people on life support might not be killed if the hospitals have generators that runs on petrol (gasoline) for emergencies. Admittedly there may be problems with further petrol deliveries, but local supplies might be sufficient to ride out the worst of the crisis.
I'm willing to admit that what you describe could be a substantial crisis. To use the term 'severely inconvenienced" may softpedal the impact a little, but if you want to compare a crisis such as this to Pearl Harbor or to the 9/11 attack, then there should be actual deaths.
Otherwise it's a bit disrespectful to the memories of the people who actually did die during those crises.
Actually it would look a heck of a lot like a major aerospace jetliner manufacturer having to ground an entire worldwide fleet leading to all kinds of economic effects.
You mean that time they grounded 50 planes out of a fleet of 50,000? Yeah, earth shattering. My 401k may not survive!
Just as an example, how many people depend on life support systems that require energy in hospitals?
That's why pretty much all hospitals have generators. They know how to deal with power outages and water issues.
I am officially gone from
I think you hit the nail very much on the head. There are 300 million people covering a vast landscape; the magnitude of destruction is enormous for our country to fall into complete chaos and for us to go back to the stone age.
Do you know of any way I could get hold of these people? I would really like to assist them in achieving their goal. :)
If I were God, wouldn't I protect my churches from acts of me?
You fiend!! How do you expect me to see the baby pictures from people I don't remember from high school? Think of the children!!
+1 Disagree
if you lived in an area affected by sandy you can imagine what can happen with a cyber war with out electricity.
The thing is, absolutely everything needs to be like that. Keep in mind that the US energy grid is vastly outdated, and so if just a small part of it is damaged or taken out of commission (like by fooling monitoring systems into thinking something broke, or hiding warnings until stuff does get damaged, for example) that could cause a domino effect as other parts of the grid are overloaded and so also go out.
No need to imagine it, it happens frequently. Ice storms take out power to large areas for days or a week, not many (if any) people die because of it.
People in Siberia without expected power... yes deaths. One of the biggest explosions recorded by seismographs of the century, Damaged property, costing money in a communist regime, yep people did not get their bread.
The CIA are assholes.
I will quickly counter my own argument by saying maybe this contributed to the downfall of that communist regime and had a net benefit. But thats one of those simulation things, we just don't know for sure (TM) if we had to do this.
Are they also planning to lawyer up and hit the gym?
Your controllers don't need to be an actual computer terminal to be given bad chips that were bad from manufacture to installation and operation. We, have blown up stuff indirectly like this before by paying off the manufacturers of said products.
The end result is were you going to buy your micro-controllers? I don't see nuke plants spending money for their own in house ones. They probably use stuff off the market.
Oh what else happens when someone drops some in a bin who appears to have legit clearance and they get installed. Its the almost untraceable sabotage. It doesn't have to happen over the inter tubes to be hacking. Allot of the best hacks require good phishing and physical access.
In order for "Project Aurora" to shut down the entire grid, a huge number of teams would have to coordinate and trigger the event simultaneously, dispersed across every state.
It would also be theoretically possible for 315 million terrorists to simultaneously punch every American in the face in a coordinated attack . . . but I don't hear anyone whinging about the threat of "Project Facepunch".
The Cyber Pearl Harbor already happened. (Man, I hate that term.)
And to keep up the analogy, this time The U.S. was the aggressors and the Iranians were the ones with their pants down and all their eggs in one basket.
Help! I'm a slashdot refugee.
Traffic light and elevators come to mind ...
No way. Both traffic lights and elevators have low level hardware interlocks that prevent them from going into an unsafe mode. Even if you have access to the control systems, the most you could do is stop the elevators, or put the lights into 4-way blinking red mode. To make the lights go into something dangerous, like 4-way green, you would need to conduct physical sabotage with a crowbar and a soldering iron. It would be easier to just buy a gun and shoot people as they drive by.
> At worst, there may be property damage. But the simple fact is
> that the threats presented by enemies of the United States
> today are not even close to being the same level of threat
> presented by the Germans and Japanese and Russians of the
> past, where if we screwed up it was quite possible that the
> United States wouldn't exist anymore.
Even the total loss of hawaii and all other US assetts in southeast Asia would not threaten the existance of the US, its not clear that such a threat has ever actually existed. The Germans were nasty and may have continued to expand but, the idea that they could just keep expanding and would make it over here? or were in any way an existential threat? I don't buy it.
"I opened my eyes, and everything went dark again"
Or maybe because the professianls who do this for a living know something you don't.
That's not likely. A lot of people on Slashdot do this for a living, too.
I will fully admit there are people who know more about security than I do, but when people say, "trust me, it's going to be scary if you don't give me control, and you can't understand why," well you better explain it to me in clear terms if you want that much control. Remember they were asking for an internet 'kill switch.'
Also, are you talking about Operation Aurora that Google was the center of? That definitely did NOT show it is easy to shut down the power grid. And if you think the economy grinds to a halt without the internet, you've been staying behind a computer too long.
"First they came for the slanderers and i said nothing."
Think in terms of what stuxnet itself did. Stuxnet caused very subtle changes that were just enough to ruin things in a not-so-obvious way. So imagine them managing to sabotage medical systems so that they operate outside of safe guidelines. Outputting unsafe levels of radiation, or dispensing unsafe levels of medication. People might not die right away, but sooner or later you start to see an increased level of cancer, kidney failure, etc.
Or how about traffic lights. Every so often make a 4 way green light. If you make it happen at less used intersections, or in the middle of the night, there won't likely be many witnesses to verify, and the person saying "I swear the light was green" will sound just like every other person that makes that claim. It won't seem obvious at first, but over time you'll see a nationwide increasing trend in these sort of accidents.
There's lots of other possibilities, like water refineries letting through unsafe water, explosions in factories, failures in vehicle safety systems, etc.
I've written a paper on this nearly a decade back. Let me tell you how to do it:
You attack the water system in rural regions. Twofold
1) you increase fluoride injector pumps to toxic levels. Most systems should have emergency shutdowns to prevent this, but you can. This is just gravy and not relevant, unless the shutdown actually stops water distribution. And even then it probably impacts the 'wrong' region.
2) You throttle some of the control points on and off as fast as possible to increase stress on the pipes, and open up remote irritation systems full throttle and locked on to deplete line pressure and start knocking. Infrastructure is old, this will almost certainly burst something important.
Now -- your goal is not to get people to die of dehydration. Your goal is to disrupt supply to natural gas compressor stations that use water for cooling. Depending on setup, the compressor may shut down. It may also burn itself entirely out. When the compressors can't run, the natural gas delivery system doesn't work. People can't heat. When people can't heat, water pipes freeze and burst. When there's not enough natural gas, certain types power stations can't produce electricity.
It's harder to disrupt coal or nuclear (although there's some great documentation of people breaking into nuclear plant SCADA systems over wifi) -- but water is your shortcut to heating and electricity for a growing number of regions.
While the gas network itself is nationally robust, it's often locally stressed. It's also susceptible to a variety of business pressures much like the old Enron electricy rate manipulations.
Traffice lights and elevators come to mind depending on how much of the systems rely on simple hard blocks for the dangerous things they can do
Any traffic light installed in the US since 1932 have the green lights crosswired and fused. If the controller applies power to both greens at the same time, the fuses will short and blow, killing both lights. You'd need to physically rewire the whole intersection to give both traffic flows green lights.
Traffic lights have to gracefully handle extreme weather, lightning strikes, power outages, accidents, vandalism, and shitty maintenance. They are pretty robust.
I found this from the article typical; "It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub. Keep that in mind the next time you hear that a 'cyber Pearl Harbor' is imminent."
Rubbish! Will not happen. Thinking... the Iranians aren't stupid? Just a guess but if you are being attacked by the most powerful empire the Earth has ever seen, it's something you just put up with. DOSS attacks in retaliation for the most technical cyberattack yet goes to show they know what they're up against. Everyone in the West seems to think that Iran will bring the 'cyber Pearl Harbour' while AT THE SAME FRICKIN' TIME describing the Stuxnet attack and others which, especially considering these attacks hit a NUCLEAR station, is itself a Pearl Harbour moment. Just not in the US. The fact is US policy is to attack Iran, presumably to trick it into an offensive action and providing a window for the US to attack the oil rich nation (brinkmanship gentlemen). The US has already murdered Iranian scientists, bombed Iranian citizens, and flown spy-drones over Iran. All flat out war-crimes.
Reading US fears of Iranian threats is flippin' hilarious.
or put the lights into 4-way blinking red mode. ... buy a gun and shoot people as they drive by.
Those two events are not mutually exclusive. Cause the lights to go 4-way red, have people waiting at intersection and start teeing off. Since everyone has come to a halt, people will try to race away but can't because everyone else is trying to race away.
Fish in a barrel and all that.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
There's a documentary about this you should see called "Live Free or Die Hard." It's even got the guy from the Mac commercials in it, so you know they're computer experts.
We don't have a state-run media we have a media-run state.
Even if they were, nuclear plants have so many analog failsafes that the most you could do is cause the reactor to SCRAM and the backups to kick in. Why do you think nuclear plants are so expensive? They are so expensive because you have to have multiple redundancy including analog backups for any safety critical systems.
And then you will get the internet-TSA next.
I'd prefer the nothing happens at all option...
If Iran actually did damage to the USA, they'd invade and blow the shit out of everything.
This is like the kid who when bullied by some monstrosity who started shaving when they were 6, after being bullied and their lunch money taken every single day, deciding that trying to fight back would
a) let the bully claim that they were only defending themselves (the "He started it!" gambit)
b) would have the bully put them in hospital
and decides that missing the midday meal is a small price to pay to be able to eat the dinner mom cooks at home.
whew!
For a moment I thought they would cut off my MTV reality shows.
"Action without philosophy is a lethal weapon; philosophy without action is worthless."
"I understand that the grid is a complex legacy systerm that isn't well understood."
Well, I think the "grid" is better understood than may be obvious. If the national grid goes down, each local utility will disconnect from the grid, then bring their own lines up section-by-section. They are well practiced due to ice storms, hurricanes, etc. Reconnecting all the local utility grids to the "national grid" would be a new experience, however.
Place nail here >+
"The US has very little direct influence in Iran "
Either citation needed if you're saying the US does very little to interfere with Iran, or you're saying that the influence is not open.
You have a point, one that I have argued as well. The question is can you affect places where there isn't an established redundancy systems, or if you can coordinate physical attacks. Places like India experience widespread power outages so often that a significant number of homes have their own electricity generators, and the US have multiple supply lines for redundant power supply, although it's more top down. The useful area to look at are places that have something like hospitals that can be relatively easily deprived of those redundancies, if any exist.
Why would Iran do anything to alter the present situation? Sure, those whacky spy kids and their cracker-jack programmers might have delayed the rollout date a couple of years but in other parts of the world there is this concept known as patience and all the Persians need is time. Anyhow, they couldn't have done anything to shitcan the US economy any more effectively than seeing Obama reelected.
'I don't know what it's called. I just know the sound it makes, when it takes a man's life.' ~ Four Leaf Tayback
Distributed control systems such as ABB's are prevalent in power plants. They are networked, and more often than not, connected by a firewall to a business network, which is connected to the internet. The DCS controls nearly everything.
Or maybe because the professianls[sic] who do this for a living know something you don't
Like that they need to stir up for FUD to keep the paychecks coming. People in power will use that power to keep that power.
Generals will find us wars to fight. Security consultants will find security threats. Prosecuters will find criminals. Low-level beurocrats will find forms for you to fill out.
And if they can't find any, the more cut-throat ones will create them. Either by redefining a term to be more inclusive, broadening their scope, or literally paying someone to be the boogyman.
There is a push for putting a power stabilization system* on every electrical generator. You can't do that with analog/manual controls.
*This is a Mitsubishi article, but it does a good job of explaining. I am not affiliated with Mitsubishi.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
How about we stop talking about Iran? This and every other "news" story is insultingly stupid garbage designed to talk about war, move us toward war and ultimately involve the U.S. in a "war" with Iran whereby we steal Iran's resources. Moving us closer to One World. As our Kindergarten teacher would say to a truculent child: "No thank you!"
...but Iran has had the dick of the west up their ass since 1953. Who has Iran attacked?
You call them "murderous assholes," yet the US is responsible for FAR more murder.
IOW: fuck off you cowardly apologist for the empire.
Are you proud of your CIA rape rooms? Are you proud of murdering innocent Iraqis and Afghans for oil and empire?
Most gulf countries live in fear of the US and their buddies the Israelis and the Saudis.
My taxes fund murderous thugs.
I agree there is a lot of pro-war propanda ongoing, as Netanjahu badly wants a war and they can indeed pull of nice information operations. They have their people almost everywhere and certainly in the US.
Having said that, I disagree that the Iranians are completely incompetent. An Iranian hacker apparently completely owned a Dutch Certificate Authority to the point of creating bogus SSL/TLS certs for Google.com.
If they really wanted to kill people by means of cyber attack, they could do that. Lots of opportunities from candy factories to insecure, networked medical devices.
But, Iran is not a very large nation and they have to prioritize their efforts. Nukes are priority #1 and that is understandable because they are threatened by one country in their vicinity with 200 nukes ready for action and by another country with something like 20000 nukes ready for action.
Say you're Mr. Ahmadinejad and your hackers report that they have access to all kinds of critical systems in the US and Israel. The US takes down your nuclear facility with a computer virus. Do you:
A) Take down US systems in retaliation, causing damage but revealing your enemy's weakness such that they have a chance to fix it.
B) Do nothing. Keep the fact that "all U.S. bases are belongink to Iran" a secret so that if the US ever does attack militarily you can deal them a serious blow at a more opportune time.
Revenge motivates petty individuals. Nation-states are motivated by intelligence, survival and strategy.
And any good nerd knows that the answer to the question of "have you been hacked?" is always "Not that I know of".
Point being, there's no way for the Iranians (or some other Evil Empire) to pull off that kind of attack from the safety of a computer console halfway around the world.
I am officially gone from
While Iran is an example of single sided cyber war; you only have to look at China to see that it isn't all single sided. In many ways, through outsourced, etc. we've shipped off our technology around the world and one of these techs is computer science. The Chinese are damn good at this and presumably Indians are not far behind. Chinese cyber espionage is growing rapidly and the US seems ill prepared to counter it. Also, take a look at the Israelis; their cyber security is quite a bit more robust than the American one.
The first misconception here is that there is a national power grid. There isn't. There are several regional grids that operate autonomously from one another. Each one has a documented black start procedure for how to bring the grid back online if it becomes completely segmented ... which plants and electrical paths to reconnect first, what order to do the rest, and so forth. This is engineering, not black magic.
If the "nerd" wants to push the Jews into the sea, I'm fine with being the bully. We should bully such murderous assholes more.
Don't the Iranians have a right to the opinion that Israel shouldn't be a state?
I'm not saying we have to agree with them, I'm not saying the US shouldn't help out Israel, if attacked...
But this is preemptive warfare.
Where does it end?
These hacks only postpone their nuclear program, and cause a lot of animosity...
The only option for true peace in the region is negations, all out war could stop a nuclear program, but it certainly wouldn't bring peace.
Yes, you are correct. But I can't say if most of those grids have ever had a black start event in a long time. I've been in the distribution side of the power industry, not the transmission side, so I defer to your greater subject knowledge.
Place nail here >+
Traffic lights have to gracefully handle extreme weather, lightning strikes, power outages, accidents, vandalism, and shitty maintenance. They are pretty robust.
Well, so are prison gates. NOT.
Upward mobility is a slippery slope - the higher you climb the more you show your ass.
Indeed, here is something further to consider.
While chicken littles are running around screaming about some ghost in the machine, we ignore the real issue:
Our own energy security!!!!
What happens if this week the power goes out for 3 days in the middle of winter because of our doing (and not some imaginary systemic viral infection)? Will your gas furnace turn on? Outside my house right now its -27C with further windchill.
---Up Up Down Down Left Right Left Right B A START
If electricity in a city went out for a week there would be riots and looting.
Clearly you don't live in New York, where you were proven wrong less than 3 months ago.
Oh fuck not you again. Actually I read books. And I sourced them in another post. I was trying to find articles that discussed the points I made. Try reading them and/or being stupid somewhere else. See, I can be snippy too rather than making intelligent points. The blackout was for 3 days and came back on. Project Aurora demonstrated that a simple cyber attack, easily carried out by anyone with minimal haxor skillz, can take power grids offline PERMANENTLY by BLOWING THEM THE FUCK UP. So, no, not back up in 3 days.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
"Even though no one has officially claimed responsibility everyone knows who was behind it."
Bullshit. Israeli military officers have even admitted in their domestic media that it was their doing,
Are you friggin' kidding me? Do you know anything about the world? The war is ongoing and just because the media doesn't show it, you say it doesn't exist? n00b!
The power goes off in the US, and the US grinds to a halt. That's what has US cyber authorities worried. And no, it won't just turn back on. I've posted this elsewhere, but look up Project Aurora. It demonstrated that simple hacking techniques can cause the generators to BLOW THE FUCK UP. You basically send commands to GO FAST then GO SLOW in quick succession. In short order, it tears itself apart. So, not back on in a coupla days. And China makes them. So if they're the ones that turn us off, we may be buying them on their terms.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
I don't own a TV. I read books. Like Cyber War by Richard Clark, and America the Vulnerable by Joel Brenner. This isn't fiction.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
AFAIK a security researcher said that they believed it came from the US, and an anonymous source "from the US government" confirmed it. How exactly do we jump from that to "everyone knows who was behind it". I've seen both a show on the history channel and an anonymous comment on Slashdot confirming that aliens cause hurricanes. Does that mean everyone knows who was behind it? Is there more substantiating evidence than this that I just haven't read about? I won't lie, after the first 500 or so stories on /. I began skipping over them, so I might just be ignorant on the issue, but would really like to know.
And they've published books too. Cyber War by Richard Clark and America the Vulnerable by Joel Brenner are two I've read recently. It's not fabricated and it's not secret. You just don't know anything about it. But don't let that stop you from making snide ignorant remarks.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Aren't you mixing up your history books a bit?
For Reichskristallnacht (or Reichsprogromnacht) the pretense used was the shooting of a member of the German embassy in Paris by a local Jew.
The building you might remember is probably the Reichstag (in Berlin) which wasn't bombed but burned (5 years before Reichsprogromnacht) and the alleged arsonist's connections to left parties were used as pretext to repeal several citicen rights, pursue left parties and thereby ensure the victory of NSDAP at the next election.
In Munich threre was a failed coup by the Hitler and others about 10 years earlier.
Without trucks delivering food to cities, millions would die within weeks. No gas pumps would work, no software used to direct trucks to destinations would be up, no GPS devices would have power. Look at what happens when a hurricane hits. The shelves are bare within hours and stay bare until trucks get back in. Hospitals would run out of medication, water treatment facilities would be offline. Big cities, and many smaller ones too, are highly dependent on the flow of food, water, medicine, etc coming in every day.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Unfortunate coincidence of names. Aurora Project was a staged exercise to demonstrate how one could hack into a power station and shut it down. I was often confused myself reading books about cyber war that talk about both Aurora Project and Operation Aurora.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
So why do they continue to invoke this stuff?
Probably because it is simple to remember like "Remember The Alamo!" even more than a century after it happened and many don't know it was all about.
Actually for me I have continual cyber war problems from sales and marketeers constantly trying to hack my computer. When I first fired up Zone Alarm, I saw all kinds of penetration attempts, a friend said those are from companies wanting to gather information to profile what kinds of products to sell. Then there is mischief like the Sony rootkit. God only knows what internet dangers are there besides enemy countries and malicious troublemakers.
mfwright@batnet.com
Nevermind that it regularly backfires (contras, and, oh hey, taliban, to name just a few); moving on, what else?
What else? Well, I'm wondering why you left Iran out of your examples since that's the article topic and we created the situation there by toppling their old government and installing a brutal right wing thug who was then overthrown by the current religious extremists with a totally justified hatred of America.
I'm not convinced that trucks would stop though. A temporary solution could easily be found to the issue of pumping gas, and GPS is hardly necessary to deliver food. We did manage to drive places before it existed.
When power has gone down, trucks have stopped. It's an incredibly complex system of moving parts enabled by internet connected devices. And the things we've relied on in the past to get things are done are largely gone. Paper maps? Pay phones? Not so much. Certainly not enough to keep hundreds of thousands of trucks moving to and from the right places at the right time. Besides, the trucks get the cargo from trains and ships. Both of those need power and fuel. Fuel comes in on ships, train, and trucks. It's all inter-dependent, and that's our vulnerability.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Or maybe the code could replicate itself and infect multiple power stations, sort of like a VIRUS.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
The targets are just waiting for a bail-out, and a crapload of deficit-fueled contracts. What's not to like?
Banks to Iran: "come at me, Bro!"
(note to the douchebags of the world: War is soooo 20th century.)
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
The reality is, based on my 30+ years as an EE in the 'power industry', analog Power System Stabilizers existed LONG before digital system were even a glint in the eyes of the crony capitalists. The trick is that the analysis required, and calibration needed, to make it actually work, requires paying the circuit designers and calibration technicians a wage commensurate with their knowlege, which is NOT going to happen. AND I mean both the power systems circuit and the control equipment circuit designers.
IF (zero probability) and WHEN (never) the vulture investors are willing to pay "me" in a manner commenurate with my 'worth', as in if I am only going to be paid for six months work every five years, and never after I am over 45 years of age, and there really is an extremely limited availability of "me" who CAN do the work correctly, THEN I should, if free market values are in place, be paid like a *ball star in MILLIONS of dollars for a few hours work.
There was looting going on during that as I recall. Not to mention, loss of criminal data, etc...
I just want to say its cold in California too. Yesterday morning we had frost.
Power outages are just another reason to have pets. Food in case of nuclear war, heat in case of power outage etc.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
was long before Stuxnet.
Stuxnet did receive more mass media attention than some previous 'shots', but that doesn't make it the first 'shot'.
WTF?
The CIA have a great sense of humor (in this case).
What are the Russians going to do, complain that their stolen software is defective? They have no more of a valid complaint then any warez downloader that gets infected.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
woah
Over here in Australia we'd never have to worry about our Traffic lights being hijacked, in the city I live half our Traffic lights are run by a local council and the other half by the state, delve in deeper and you have 4 different control systems that are incapable of talking to one another. The joys of government!
Maybe that's true in other parts of the US, but in the NW the major utility command center computers aren't connected to the outside world. The most that can be done remotely is load shedding, which while inconvenient, is not destructive and can be fixed rapidly. I'll take the word of the guy who heads up electronic security for a major regional utility over some random person on the Internet, personally.
The use of 'we' is something everyone should take a look at when it is used in broader terms. I had no part in the Stuxnet or Flame malware, even though I'm a US citizen, and I do work in cyber defense. The collective 'we' used in this is similar to the collective 'they' as in "who did this to us?.. they did". It is much the way sports fans (I've caught myself doing it) refer to their favorite team's victory as their own (It was a tough game but 'we' pulled it out).
And China makes them. So if they're the ones that turn us off, we may be buying them on their terms.
Isn't this one of the real dangers here? It seems the US is fast reaching a point where we no longer have sufficient domestic industrial capacity even to maintain our own existing infrastructure, let alone do major reconstruction.
iran won't attackbecause they don't want their sand pile turned into one big ball of glass.
Project Aurora demonstrated that a simple cyber attack, easily carried out by anyone with minimal haxor skillz, can take power grids offline PERMANENTLY by BLOWING THEM THE FUCK UP. So, no, not back up in 3 days.
Hahaha, that's funny.
I'm going to tell this one to the Arabas, I'm sure if it is as easy as you claim it to be shit'll blow up tomorrow, not several days later, tomorrow.
There are plenty of pissed off people at the U.S., many for good reasons, that for something as simple as you think causing as much damage as you think, it would've happened already.
And where are the stories of script kiddies playing morse code with some city blocks? Seriously if it is THAT easy to do ...
"oh, and doing the same in Syria now too"
You credibility goes into the crapper because you did not check you facts for that lie. The syrian and the Iranian government are ALLIES.
And I think he will have a word with cowboys and banksters if they chose to use nukes anywhere. The claws of the bears are nuclear-tipped.
> What did the Iranians fire back with? A series of massive, on-going and ineffective DDoS attacks on American banks.
They also borrowed an RQ-170 stealth drone spy aircraft from the CIO and still haven't returned it. Russian reports say those nasty persians actually sold the drone to the chinese.
It is quite possible that the hi-tech in that drone is worth more for the chinese in dollars than the entire iranian nuclear programme. Swapped the 30 silvers of Judas for one gold coin from Hamlet.
Entirely made-up garbage. If cyberwar was a real problem, not just a way to transfer money from the public purse to military contractors, no government computer would be running Windows.
http://rocknerd.co.uk
If all the computers do is monitor, how can that cause failures. Monitoring only reads sensors, it doesn't shut down grids. The employees manually shut down the systems but don't usually do this blindly.
HAH! Friend of mine is involved with ATMS (Advanced Traffic Management System) and the county and state having issues at shared intersections with the state wanting the lights controlled with some overpriced systems that won't talk to anything and the county wanting stuff that can be MANAGED (funny how they even have that word in the description of the system they're implementing) but looks like the state may actually play along finally realizing what they're getting out of the deal. BUT we'll see. Overall I'd love to see when all the ATMS is lit up in all the counties that are doing it. Might not hear as many traffic reports about the "Car Strangled Spanner" with some of the bridges during rush hour. Unlikely but hey at least when traffic is moving it might move smoother :)
So, the iranians are funding the NRA.?