Slashdot Mirror


DDoS Attack Halts Heating in Finland Amidst Winter (metropolitan.fi)

A Distributed Denial of Service (DDoS) attack halted heating distribution at least in two properties in the city of Lappeenranta, located in Eastern Finland. In both of these events, the attacks disabled the computers that were controlling heating in the buildings. An anonymous reader writes: Both of the buildings were managed by Valtia, the company which is in charge of managing the buildings overall operation and maintenance. According to Valtia CEO, Simo Ruonela, in both cases the systems that controlled the central heating and warm water circulation were disabled. In the city of Lappeenranta, there were at least two buildings whose systems were knocked down by the network attack. According to Rounela, the attack in Eastern Finland lasted from late October to Thursday -- the 3rd of November. The systems that were attacked tried to respond to the attack by rebooting the main control circuit. This was repeated over and over so that heating was never working.

138 comments

  1. Amidst Winter? by tsqr · · Score: 2, Funny

    I know it's cold in Finland this time of year, but the first day of winter is still a month and a half in the future.

    1. Re:Amidst Winter? by Anonymous Coward · · Score: 1

      "Winter" in cold areas is anywhere from October to April

      Technically Winter is only 3 months long... but 'feels like winter'... that is another thing entirely.

      I used to go trick or treating as a kid during snow storms... and I didn't even live in THAT cold of a place

    2. Re:Amidst Winter? by Anonymous Coward · · Score: 3, Interesting

      The issue is that "winter" doesn't mean the same thing to everyone. I used to argue with my (Finnish) wife about this for a while, but Finns typically refer to something which translates as "thermal winter" (terminen talvi) which starts on the first day the average temperature for an area consistently drops below 0C

    3. Re:Amidst Winter? by gweeks · · Score: 5, Interesting

      The temperature in Helsinki is below freezing and isn't expected to get above freezing even during the daytime highs for at least a week. That's close enough to winter for me, no matter what the divide the year into four equal seasons says.

    4. Re:Amidst Winter? by Anonymous Coward · · Score: 2, Informative

      It's -6C (22F in retarded units) in Lappeenranta right now, which sounds wintery to me.

    5. Re:Amidst Winter? by EvilSS · · Score: 4, Funny

      I know it's cold in Finland this time of year, but the first day of winter is still a month and a half in the future.

      Yes, this is the most important part of the story. Who cares if some dipshit HVAC system failed due to a DDOS attack, disabling heat for buildings in sub-freezing temperatures. What we should really be discussing is this completely unacceptable disregard for when winter actually starts!

      --
      I browse on +1 so AC's need not respond, I won't see it.
    6. Re:Amidst Winter? by kelemvor4 · · Score: 1

      "Winter" in cold areas is anywhere from October to April

      Technically Winter is only 3 months long... but 'feels like winter'... that is another thing entirely.

      I used to go trick or treating as a kid during snow storms... and I didn't even live in THAT cold of a place

      Let's just be clear. If you lived someplace where frozen water literally falls out of the sky... you lived in THAT cold of a place.

    7. Re:Amidst Winter? by DatbeDank · · Score: 3, Insightful

      Seriously, there is absolutely NO good that comes from wiring up every little thing to the internet. What's the purpose behind connecting this to the open internet?

      Call me a Luddite and get these things off of the open internet. These idiots deserve what happens to them and those same idiots should be held accountable when someone dies from their ineptitude.

    8. Re:Amidst Winter? by thegarbz · · Score: 1

      You haven't been in Europe this week have you? It's winter come 2 months early right now. Snowfall almost record early in the year and much of Europe had below freezing temperatures over the last few days.

      For all intents and purposes as far as heating a house goes, it's the middle of winter.

    9. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      The definition of thermal winter according to Finnish Meteorological Institute is the part of the year when temperature is "permanently" below 0 Celsius. In practice it's a bit more complicated; it's considered to have begun when sum of daily average temperatures (in Celsius) since beginning of September has reached its' maximum, and again ends when the minimum is reached. Clearly this can be determined properly only after the fact, but by this definition, winter at Lappeenranta began more or less precisely in the beginning of November.

      Whatever the astronomical definition is, it's pretty pointless when your prime consideration is that if temperature drops below zero and you fail to provide consistent heating, pipes inside houses will eventually break as water inside those freezes and expands, causing massive moisture damage afterwards. You seriously don't want to rely on a useless definition at that point.

    10. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      These idiots deserve what happens to them and those same idiots should be held accountable when someone dies from their ineptitude.

      I'm sure those "idiots" are all directly responsible for their building's HVAC. That's why they deserve to die, right?

    11. Re:Amidst Winter? by Anonymous Coward · · Score: 5, Funny

      I believe you mean 22 in Freedom Units.

    12. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      This is what Lappeenranta looks like right now.

      In Northern Europe, heating season starts at around early October. Permanent snow cover (considered the beginning of winter) comes usually in mid-December, but it's been an unusually cold autumn this year.

    13. Re:Amidst Winter? by ShanghaiBill · · Score: 2

      The issue is that "winter" doesn't mean the same thing to everyone.

      Indeed. I lived in China for a few years, and there winter starts on Dec 1st and ends on Mar 1st. That makes more sense, since it syncs up with both the calendar and the weather. The first 21 days of Dec are shorter and usually colder than the first 21 days of March.

    14. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      first day the average temperature for an area consistently drops below 0C

      Or as they say in parts of Manitoba: "We have two seasons. Winter, and July."

    15. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      Oh no, there are degrees of winter. For example, here in Minnesota it is pretty balmy in winter compared to say, Fairbanks, Alaska or Siberia.

    16. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      Yes, this is the most important part of the story. Who cares if some dipshit HVAC system failed due to a DDOS attack, disabling heat for buildings in sub-freezing temperatures. What we should really be discussing is this completely unacceptable disregard for when winter actually starts!

      Son, I'm currently arguing with my VPN group over their continued use of 12:00PM and 12:00AM. Our users honestly do not know if TFA is going to launch at noon or midnight.

      It might seem petty, but technical groups use technical language for a reason. Imagine if Valtia had announced in September that they would have their DDoS mitigation in place by "winter". Just WTF would that mean?

    17. Re:Amidst Winter? by mysidia · · Score: 1

      Seriously, there is absolutely NO good that comes from wiring up every little thing to the internet.

      Wiring things up to IP networks provides remote control which saves time, money, and effort.

      The reason they wind up connected to the internet is because internet connectivity is a commodity available through Internet service providers as a consumer service and other network-based services are not commodities, or require hiring professionals to help design and build, or paying the service provider extra costs. Internet is cheap, widely available, and easy to install --- there is no need to hire IT professionals to build a simple network that costs of an ISP line and a DHCP router, or no need to pay the phone company extra for an additional POTS line or serial leased line, just slap in a patch cable, hook it up (newer HVAC products are probably including built-in Wi-Fi, so just set the name of the access point, and maybe the pre-shared password if the equipment supports WEP or WPA2 [it probably doesn't]), and route that traffic over a cheap, ubiquitous, and generic WAN service.

    18. Re:Amidst Winter? by Toad-san · · Score: 1

      Below 0C? Hell, that's not cold! Admittedly I'm living in Nawth Ca'lina now, far different from my years in Massachusetts, Bavaria, and winters in northern Maine.

    19. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      its'

      Die in a fire, ni99er.

    20. Re:Amidst Winter? by GNious · · Score: 1

      You haven't been in Europe this week have you? It's winter come 2 months early right now. Snowfall almost record early in the year and much of Europe had below freezing temperatures over the last few days.

      Sen Jim Inhofe must be celebrating this further evidence of Global Warming being a hoax!

    21. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      I know it's cold in Finland this time of year, but the first day of winter is still a month and a half in the future.

      -11C in Oulu (540 km north of Helsinki) today, and it doesn't look like it'll be warmer tomorrow

    22. Re:Amidst Winter? by Mashiki · · Score: 1

      That's wintery? Pft, wimps. That's still shorts weather in Canada, and I'm not even kidding. You'll see people out here in t-shirts and shorts when it's -10C (14F); it's only when the windchill starts kicking in and it's really cold that winter starts. Most people here don't consider it winter until there's 6cm of snow on the ground and it hits -15C in the daytime (or twilight).

      --
      Om, nomnomnom...
    23. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      You get what you pay for?

    24. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      You're confusing astronomical seasons with meteorological seasons.

    25. Re:Amidst Winter? by orgelspieler · · Score: 2

      My wife used to work for a company that controlled the thermostats of all of its satellite locations remotely. It's called micromanagement. Basically, if her patients were uncomfortable, the only thing she could do was apologize. But it saved the company hundreds of dollars per site each year, so that's totally worth it, right?

    26. Re:Amidst Winter? by Darinbob · · Score: 2

      Winter is still coming.

    27. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      Winter is 3 months per year, exactly? Over here, winter is defined as having a sub-zero (degC) temperature for 5 days in a row. And spring starts when the temperature is above the freezing point for 7 days in a row. Some years there is no winter, some years there is a really long one...

    28. Re:Amidst Winter? by BitterOak · · Score: 1

      I know it's cold in Finland this time of year, but the first day of winter is still a month and a half in the future.

      You didn't see the white ravens released from the Citadel last June? Winter is here.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    29. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      -6 in Arrogant Cunt units?

    30. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      Let's just be clear. If you lived someplace where frozen water literally falls out of the sky... you lived in THAT cold of a place.

      When it's too cold for snow, the real cold comes... That's when you get below -20C, and it can reach -50C here.

    31. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      Freedom Units, or FU

    32. Re:Amidst Winter? by jittles · · Score: 1

      You haven't been in Europe this week have you? It's winter come 2 months early right now. Snowfall almost record early in the year and much of Europe had below freezing temperatures over the last few days.

      For all intents and purposes as far as heating a house goes, it's the middle of winter.

      If there's one thing the internet taught me, it's that you really meant to say "intensive purposes." Cause freezing cold is intense!

    33. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      It's already -10C or so here in Kuopio, Finland. We expect it to get a bit colder, likely -30C to -40C. Thermal winter started a few weeks ago, and will last until next year May.

    34. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      But isn't the real point that the HVAC system should work even in the face of no internet access. Being able to adjust it or get readings off of it are fine, but it should still function at the last settings (or locally programmed defaults in case of a reset) without access.

    35. Re:Amidst Winter? by angel'o'sphere · · Score: 1

      These idiots deserve what happens

      Which idiots do you mean? The poor folks having no heating or the service provider company that is not serving its customers?

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    36. Re:Amidst Winter? by lars_stefan_axelsson · · Score: 1

      I know it's cold in Finland this time of year, but the first day of winter is still a month and a half in the future.

      Maybe in the Anglo-Saxon world. But in the nordics we use the meteorological definitions. Hence, "First day of winter" isn't a day on the almanac, it's officially announced by the met office. (And typically on the news, weather segment).

      The official definition of winter being: the average temperature being below freezing for five days in a row. (The other limit being 10C. I.e. above 10C for five days, then it's summer; below, then it's autumn.)

      --
      Stefan Axelsson
    37. Re:Amidst Winter? by fintux · · Score: 1

      It makes no sense to define the seasons by the months globally. Think about the southern hemisphere for example - the seasons are timed exactly the opposite in there as in the northern hemisphere, so saying that "winter is the time from December to February" (or whatever like that) in a global context is simply nonsense. Also, there are even different seasons in different parts of the world (for example, wet season and dry season in the tropics). You can read about the seasons in Finland in the web pages of the Finnish Meteorological Institute at http://en.ilmatieteenlaitos.fi... if you want to know more.

    38. Re:Amidst Winter? by Anonymous Coward · · Score: 0

      you really don't know the regulations in finland, it could be the case that some law forces them to have some kind of computer thingy in the building to regulate heat distribution so they can be green and ecologically awesome, and they just simply went with the cheapest one or whatever

      i mean, in europe it doesn't even have to be your choice because as they say

      winter is coming

  2. Probably only going to get worse by Anonymous Coward · · Score: 1

    This time last year, I had my boiler replaced. While shopping around for a new one, a number of companies attempted to flog me cloud-based heating solutions.

    "You can control it from your mobile phone."

    "It knows you've left the house and turns itself off."

    "It can be made to learn when you're coming home, and to switch on so that the house is warm when you get in."

    "You can have them installed in your elderly relatives' homes, and control their heating for them, remotely."

    My first thought was, well, if I can control all this shit remotely, so could someone else. An intranet solution would've been cool, though.

    1. Re:Probably only going to get worse by Hognoxious · · Score: 1

      An intranet solution would've been cool, though.

      I suppose that's better than bloody freezing.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    2. Re:Probably only going to get worse by Anonymous Coward · · Score: 0

      I recently had my _alarm system_ replaced, and got the exact same sales pitch (oh, you don't want to control your alarm from Timbuktu??). This is only going to get worse. Very worse.

    3. Re:Probably only going to get worse by fustakrakich · · Score: 1

      "It knows you've left the house and turns itself off."

      Will it call the plumber when the pipes freeze?

      --
      “He’s not deformed, he’s just drunk!”
    4. Re:Probably only going to get worse by thegarbz · · Score: 1

      You know that none of the systems on the market work like this right?

    5. Re:Probably only going to get worse by fustakrakich · · Score: 1
      --
      “He’s not deformed, he’s just drunk!”
    6. Re:Probably only going to get worse by 0100010001010011 · · Score: 1

      Eh, it's not as big and scary as you make it sound out to be.

      There's a perl module someone wrote so you can self host the front end.

      You can also change your DNS and redirect stuff to where ever you want it.

    7. Re:Probably only going to get worse by sjames · · Score: 1

      That's exactly it. An intranet controllable thermostat suitable for control from a browser and a well documented REST based API would be potentially useful. Ideally it should have a switch to take it off of the network and operate in local-only mode in case of trouble. A thermostat that has to phone home to work is a terrible idea.

      I can't decide if the big push for the cloud when it comes to the (id)IOT is based primarily on incompetence or a cynical move to lock people in.

    8. Re:Probably only going to get worse by Anonymous Coward · · Score: 0

      > This time last year, I had my boiler replaced.

      Dear Thomas and friends, we know you are hiding a tank engine in your backyard. Don't even try to deny it, we saw you haul it on the satellite with IR to see through the night.

    9. Re:Probably only going to get worse by afidel · · Score: 1

      Actually the Nest thermostat did that to quite a few people when the mandatory firmware update was pushed to their unit while they were on vacation and the units failed to work post-update. It's the #1 reason I won't buy a Nest or any similar cloud controlled product.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    10. Re:Probably only going to get worse by mysidia · · Score: 1

      My first thought was, well, if I can control all this shit remotely, so could someone else.

      Yeah.... I do think there's a simple solution though.
      "Sanity-protected smart thermostat"

      Put the system on an automated internet-connected thermostat, but in the wiring include a supplementary limiting device in series with the smart stat which will transfer control of heat to a mechanical T-stat if temperature exceeds 68 degrees, or if temperature drops below 60 degrees... And transfer control of A/C to mechanical if temperature goes below 72 or above 78.

      Install the mechanical override T-stats with permanently established settings, and put them inside the cold-air return to make sure ordinary people cannot see or mess with the limiter T-S.
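The limiter wiring proposed above can be modelled in software to see what it buys you. The following is an added example written for this page, not code from the Slashdot thread, from Valtia or from any thermostat vendor: the 60/68 F heat band and 72/78 F cooling band are the comment's numbers, while the room model (1 F per minute of heating or cooling, 1% per minute of loss toward the outside temperature) and the two misbehaving "smart stat" policies are constructed for the demo. It shows that whatever the network-controlled stat does, the room can neither freeze nor overheat beyond the mechanical limits.

```python
from dataclasses import dataclass
from typing import Callable, List

# Limiter bands in degrees F, taken from the comment's proposal
HEAT_LOW_F, HEAT_HIGH_F = 60.0, 68.0
COOL_LOW_F, COOL_HIGH_F = 72.0, 78.0


@dataclass(frozen=True)
class Outputs:
    heat: bool
    cool: bool


def limiter(temp_f: float, smart: Outputs) -> Outputs:
    """Series limiter. Inside a band the smart stat's command passes through;
    outside it the fixed mechanical setting wins. Because the heat band
    (60-68) and the cool band (72-78) do not overlap, heat and cool can never
    both be forced on at the same time."""
    if temp_f > HEAT_HIGH_F:
        heat = False
    elif temp_f < HEAT_LOW_F:
        heat = True
    else:
        heat = smart.heat
    if temp_f < COOL_LOW_F:
        cool = False
    elif temp_f > COOL_HIGH_F:
        cool = True
    else:
        cool = smart.cool
    return Outputs(heat=heat, cool=cool)


def simulate(smart_policy: Callable[[float], Outputs], start_f: float,
             minutes: int, outside_f: float = 20.0,
             use_limiter: bool = True) -> List[float]:
    """Crude constructed room model: the heater adds 1 F per minute, the A/C
    removes 1 F per minute, and the room loses 1% of its difference to the
    outside temperature each minute. Returns the per-minute temperature trace."""
    temp = start_f
    trace = []
    for _ in range(minutes):
        wanted = smart_policy(temp)
        cmd = limiter(temp, wanted) if use_limiter else wanted
        if cmd.heat:
            temp += 1.0
        if cmd.cool:
            temp -= 1.0
        temp += (outside_f - temp) * 0.01
        trace.append(temp)
    return trace


# Two misbehaving smart-stat policies (constructed): a stat that was remotely
# switched off or is stuck rebooting, and a stat that was remotely pinned on.
def stuck_off(_temp_f: float) -> Outputs:
    return Outputs(heat=False, cool=False)


def stuck_on(_temp_f: float) -> Outputs:
    return Outputs(heat=True, cool=False)


if __name__ == "__main__":
    print("stuck off, limited:   min %.1f F" % min(simulate(stuck_off, 65.0, 240)))
    print("stuck off, unlimited: end %.1f F" % simulate(stuck_off, 65.0, 240, use_limiter=False)[-1])
    print("stuck on, limited:    max %.1f F" % max(simulate(stuck_on, 65.0, 240)))
```

With the limiter in series the "stuck off" room settles just below 60 F and the "stuck on" room just above 68 F; without it the same stuck-off stat lets the room drift toward the outside temperature, which is the pipe-freezing scenario the thread is worried about. The point of the design is that the limiter has no network interface at all, so nothing that happens on the WAN can change its thresholds.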

    11. Re:Probably only going to get worse by thegarbz · · Score: 1

      Actually the Nest thermostat did that

      Actually the Nest had a major fault as the result of a botched firmware update. The way Nests work for many people all over the world without any issue whatsoever is to have a safety temperature, which brings me back to:

      "You know none of the systems on the market work like this right?"

  3. Explain to me by The-Ixian · · Score: 5, Insightful

    1. Why are these infrastructure computers reachable from the Internet?
    2. Why this system doesn't fail safe if the controller is taken down?

    Yet another cautionary tale of IoT woe, but also some seemingly bad design...

    --
    My eyes reflect the stars and a smile lights up my face.
    1. Re:Explain to me by Anonymous Coward · · Score: 0

      Simple short-sighted business logic:

      1: Because it allows for easy remote access without having to invest in additional infrastructure.
      2: Because if it is still functional, it ain't broken and people start to argue when invoices are being sent.

      How it could be:

      1: Incorporate security in the design.
      2: Be transparent and communicative about detected "issues" and how they will be resolved.

    2. Re:Explain to me by Anonymous Coward · · Score: 0

      This is usually to "manage" the furnaces so employees don't set the temperatures to something perceived as costing too much money to operate.

      Now, this can be done safely with something like pair gain modems over a leased line or dry loop with end-to-end encryption, but this costs money, so the same mentality that leads to remote climate control ends up killing any hope of security.

    3. Re:Explain to me by Anonymous Coward · · Score: 1

      I do security in automotive. This is a classic case of a design which did not consider security whatsoever. But, like you say, a lack of robustness in the design exacerbates the security problem, because attackers can more easily cause big problems.

      Getting into the nitty gritty details (which the article does not), there are two ways I can see a DDoS causing systems to go down:

      1. There was a dependency on the network, and when the network was down, the devices didn't work
      2. Flooded requests reached end nodes and overpowered their processors, bogging them down so that they no longer performed their primary function properly.

      Let's hope it was not #1. I shudder to think that there are industrial control system engineers creating systems that don't operate when a network goes down. #2 is difficult to solve, but not impossible. An RTOS, properly configured (and tested), could probably handle this challenge. I don't want to trivialize, however. Fixing #2 is genuinely difficult. Fixing #1, though? That's kid stuff. I certainly hope it wasn't #1.

    4. Re:Explain to me by Anonymous Coward · · Score: 0

      I am a security engineer (essentially) in automotive. This is a classic case of a design which did not consider security whatsoever. But, like you say, a lack of robustness in the design exacerbates the security problem, because attackers can more easily cause big problems.

      Getting into the nitty gritty details (which the article does not), there are two ways I can see a DDoS causing systems to go down:

      #1) There was a dependency on the network, and when the network was down, the devices didn't work.
      #2) Flooded requests reached end nodes and overpowered their processors, bogging them down so that they no longer performed their primary function properly.

      Let's hope it was not #1. I shudder to think that there are industrial control system engineers creating systems that don't operate when a network goes down. #2 is difficult to solve, but not impossible. An RTOS, properly configured (and tested), could probably handle this challenge. I don't want to trivialize, however. Fixing #2 is genuinely difficult. Fixing #1, though? That's kid stuff. I certainly hope it wasn't #1.

      I posted again to fix my formatting.

    5. Re:Explain to me by EvilSS · · Score: 1

      Hell even a simple VPN would have shielded the control units from the DDOS. Yes, they would not be remotely manageable, but they probably would have just kept on doing what they were last told to do, instead of freaking out and going into a reboot loop.

      --
      I browse on +1 so AC's need not respond, I won't see it.
    6. Re:Explain to me by Critical+Facilities · · Score: 1

      1. Why are these infrastructure computers reachable from the Internet? 2. Why this system doesn't fail safe if the controller is taken down? Yet another cautionary tale of IoT woe, but also some seemingly bad design...

      Exactly. I've been working in Facilities Management for 16 years. I have a LOT of experience with Building Automation systems and Building Monitoring systems. If these dummies were stupid enough to put their Building Automation System on the Internet and didn't bother to put the infrastructure in place to provide adequate security and/or failsafe modes for controller or communications failures, then they deserve what they got.

      This is not the way the pros do it. I've never heard of this management company, and it's clear why.....they suck. There is no reason this should have happened. I'd be willing to bet that someone took a shortcut so he/she wouldn't have to come in after hours to respond to issues, so they grabbed an old copy of PC Anywhere and installed it on a client machine or something stupid like that. Too often, I see cases like this where human laziness ends up being the culprit.

    7. Re:Explain to me by GerardAtJob · · Score: 1

      Viva el Internet of things XD

      --
      I can't call that English ;-)
    8. Re:Explain to me by sinij · · Score: 1

      I do security in automotive.

      Personal request, since your industry doesn't quite get it, please help fellow nerds and add an easily accessible jumper somewhere to turn it all off. I don't want my car to have an ability to connect to anything, but right now finding, isolating, and/or disabling radios is a very involved process.

      Much appreciated!

    9. Re:Explain to me by Depili · · Score: 1

      2. Why this system doesn't fail safe if the controller is taken down?

      Yet another cautionary tale of IoT woe, but also some seemingly bad design...

      It is actually failsafe, because the system goes safely to a safe state when the control is lost. The heater running at full blast would certainly not be failsafe...

    10. Re:Explain to me by thegarbz · · Score: 1

      1. This system relies on remote control. On loss of remote signal it would likely happily operate autonomously. This doesn't excuse the fact that it wasn't locked behind a tight VPN though.
      2. It did fail safe. On loss of control the safe thing to do is shut down and turn off energy sources, not blindly feed heat into apartments. That's the key here: on loss of the computer it would probably operate autonomously using the last setpoint; this is called Loss of View (loss of the computer commanding the controller to do its thing). Loss of the controller however is just that, loss of control. By definition you can't then control, so the only safe thing to do is shut down.

    11. Re:Explain to me by slashcross · · Score: 1

      2. Why this system doesn't fail safe if the controller is taken down?

      Yet another cautionary tale of IoT woe, but also some seemingly bad design...

      It is actually failsafe, because the system goes safely to a safe state when the control is lost. The heater running at full blast would certainly not be failsafe...

      The definition of "failsafe" depends a great deal on where you are. In areas where it's cold more than it's hot, the heater running at full blast definitely is the failsafe condition. I have had to deal with that exact issue. Midsummer we had a failure in the temperature control system. All the heaters were running full blast. I was told it's part of the building code here, a requirement.

      --
      Slashdot your i and slashcross your t.
    12. Re:Explain to me by ljw1004 · · Score: 1

      Why are these infrastructure computers reachable from the Internet?

      If I were a city council purchasing a heating system, and one option was 20% cheaper and could be controlled and configured by offsite engineers even in the middle of an impenetrable blizzard, while the other one couldn't -- then choosing the first (connected to internet) is a no-brainer.

    13. Re:Explain to me by Anonymous Coward · · Score: 0

      There's no logical explanation, some boob hired some other boob to make the dumbest heating system in Finland and now we're supposed to be surprised when it fails.
       
      I'll be more surprised when /. starts posting news for nerds and/or stuff that matters.

    14. Re:Explain to me by sjames · · Score: 1

      Actually, neither problem is that hard to solve with appropriate hardware. You just have to rate limit the network interrupt by only re-enabling it if there is room in the Rx queue. Another answer is to use a dedicated I/O processor for networking and a main processor that polls it only when idle. You can get WiFi devices with such a dedicated CPU built in these days. If it gets a DDOS, the I/O processor gets overloaded and polls from the main CPU just time out and the device continues to operate normally in local mode (even accepting local control inputs). No need for real time at all. Perhaps it turns on a status light to indicate network failure.
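The split between a dedicated network I/O processor and a main CPU that only polls it with a deadline, as described in the comment above, is easy to model. The following is an added example for this page, not code from the thread, from Valtia or from any controller vendor: the I/O processor model (it can examine at most `capacity` queued packets per control tick, and a poll "times out" when it cannot drain its backlog in that tick), the packet format with `auth`/`setpoint` keys and all temperatures are constructed. It also illustrates the two failure modes listed by the automotive commenter in this thread: the control loop has no dependency on the network (#1), and a flood only ever loads the I/O side, so the main loop keeps regulating on the last setpoint and lights a status flag (#2).

```python
from collections import deque
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class NetProcessor:
    """Model of the dedicated I/O processor (constructed). It can examine at
    most `capacity` queued packets per control tick; if it cannot drain its
    backlog within the tick, the main CPU's poll times out (ok=False)."""
    capacity: int = 100
    backlog: deque = field(default_factory=deque)

    def receive(self, packet: dict) -> None:
        self.backlog.append(packet)

    def poll(self) -> Tuple[bool, Optional[float]]:
        new_setpoint = None
        examined = 0
        while self.backlog and examined < self.capacity:
            pkt = self.backlog.popleft()
            examined += 1
            # only an authenticated command may change the setpoint (constructed check)
            if pkt.get("auth") == "valid" and "setpoint" in pkt:
                new_setpoint = float(pkt["setpoint"])
        if self.backlog:              # still flooded: no answer within the deadline
            return False, None
        return True, new_setpoint


class HeatingController:
    """Main-CPU control loop. Network state only drives a status flag; the
    heat decision is always made locally from the last known setpoint."""

    def __init__(self, io: NetProcessor, setpoint_c: float = 21.0, max_missed: int = 3):
        self.io = io
        self.setpoint_c = setpoint_c
        self.max_missed = max_missed
        self.missed_polls = 0
        self.net_fault = False        # would drive the "network failure" status light

    def tick(self, room_temp_c: float) -> bool:
        ok, cmd = self.io.poll()
        if ok:
            self.missed_polls = 0
            self.net_fault = False
            if cmd is not None:
                self.setpoint_c = cmd
        else:
            self.missed_polls += 1
            if self.missed_polls >= self.max_missed:
                self.net_fault = True
        # local regulation with 0.5 C hysteresis around the retained setpoint
        return room_temp_c < self.setpoint_c - 0.5


def demo_flood() -> dict:
    """Normal command, then a constructed flood of 10,000 unauthenticated
    packets that each try to set 5 C, then recovery once the flood stops."""
    io = NetProcessor(capacity=100)
    ctl = HeatingController(io, setpoint_c=21.0)

    io.receive({"auth": "valid", "setpoint": 22.0})
    ctl.tick(room_temp_c=20.0)
    setpoint_after_command = ctl.setpoint_c

    for _ in range(10_000):
        io.receive({"auth": "none", "setpoint": 5.0})
    heat_during: List[bool] = [ctl.tick(room_temp_c=19.0) for _ in range(5)]
    fault_during = ctl.net_fault
    setpoint_during = ctl.setpoint_c

    while io.backlog:                 # flood has stopped; the I/O side drains
        ctl.tick(room_temp_c=19.0)
    ctl.tick(room_temp_c=19.0)

    return {
        "setpoint_after_command": setpoint_after_command,
        "setpoint_during_flood": setpoint_during,
        "heat_during_flood": heat_during,
        "net_fault_during_flood": fault_during,
        "net_fault_after_recovery": ctl.net_fault,
    }


if __name__ == "__main__":
    for k, v in demo_flood().items():
        print(f"{k}: {v}")
```

The property worth checking is the one the thread keeps circling: during the flood the controller still calls for heat on the old setpoint, the forged setpoint packets are ignored because they fail the authentication check, and the only visible effect is the fault flag, which clears by itself once the backlog drains. Whether the real Lappeenranta controllers rebooted because of a network dependency or because their single CPU was swamped is not stated in the article, so this is a design to compare against, not a description of the incident.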

    15. Re:Explain to me by Anonymous Coward · · Score: 0

      It's also fairly obvious. Finding a way to turn the heater off is trivial (switch off the electricity, pull the fuel supply, try to open it - well, hopefully it will switch off in that case), so it's a no-risk solution.
      Anywhere where heating is required for more than comfort however, heating not working might kill people (even if unlikely, and you'd probably have a backup anyway).

    16. Re:Explain to me by Anonymous Coward · · Score: 0

      > By definition you can't then control so the only safe thing to do is shut down.

      No, not in general. If your ABS fails, it is not a fail-safe to shut down the braking system.
      And unless your controller is necessary to prevent your heater from creating a fire (oh dear god, tell me nobody ever did such an idiotic design), too much heat is less of a risk than too little.

    17. Re:Explain to me by sjames · · Score: 1

      Thinking about it, if they're actually thinking of relocating tenants rather than just unplugging the internet connection, it must be #1 :-(

    18. Re: Explain to me by MarkH · · Score: 1

      Fail safe is usually to disable system - as in this case.

      As for backup comms route ( manual in building, sms or even plain old modem ) good point

    19. Re:Explain to me by DarthVain · · Score: 1

      Yes, my first question was "why are these things connected to the internet in the first place?" The only rational reason would mean to operate remotely. Again "Why?" Then the next question is "There is no manual operation/override, that seems a bit dumb?"

      I've seen things like this with Wind Turbines, being "controlled" by the manufacturer a continent away over the internet, which at first blush seems a bad idea. However as you say there is a default fail safe in place, basically a windows safemode, not to mention they can also be controlled locally, as well as individually manually.

    20. Re:Explain to me by Darinbob · · Score: 2

      Jumalauta! It's damned cold in Finland right now. You really expect them to trudge through the snow just to flip some switches? That may be what they do in sunny Spain, but in Finland they are smart and stay inside!

    21. Re:Explain to me by Anonymous Coward · · Score: 0

      #2 is easy to mitigate, have the router in front of it rate limit the data that can be sent to it.

    22. Re:Explain to me by AHuxley · · Score: 1

      Because contractors, branding, profit, shareholders.
      Or:
      Why send out a repair crew when the user can be helped with a phone call?
      So the energy producers know what load to expect every year.
      It's more sensitive and better for the earth?
      Think of the local IT networking jobs for design, support and upgrades.
      It makes the design look more modern and stand out from other brands.

      --
      Domestic spying is now "Benign Information Gathering"
    23. Re:Explain to me by Anonymous Coward · · Score: 0

      I'm with you, but you probably should have spoken up louder as the Google's and Facebook's of the world have eroded our very dignity with their data mining. Consumers have sent a very powerful message to all industries: they will tolerate any amount of privacy intrusion with very little resistance. The auto industry wants your data just like all the others.

    24. Re: Explain to me by Anonymous Coward · · Score: 0

      I haven't worked on systems like this but surely, for number 2, just putting a router in front of it which limits the number of requests going to the heating unit would fix the problem. You might bring the router down but the heating would still work.. am I missing something or would it be as simple as this?

  4. so Hollywood isn't too far off? by gemtech · · Score: 1

    Why, oh why, do software engineers (or maybe just coders) allow external access to mission critical processes?

    --
    Insanity: doing the same thing over and over again and expecting different results. Albert Einstein
    1. Re:so Hollywood isn't too far off? by Anonymous Coward · · Score: 0

      Management considered security as unimportant so the coder in India got orders not to implement any.

      I doubt that he knew how to do it correctly anyway...

    2. Re:so Hollywood isn't too far off? by EvilSS · · Score: 1

      Why, oh why, do software engineers (or maybe just coders) allow external access to mission critical processes?

      Why would a software engineer have any control over this? This sounds more like an individual implementation issue where the property managers exposed the systems directly to the internet instead of securing them properly.

      --
      I browse on +1 so AC's need not respond, I won't see it.
  5. Remember Georgia & Ukraine? by Anonymous Coward · · Score: 0

    http://www.channel4.com/news/ukraine-cyber-warfare-russia-attacks-georgia

    Do you remember the DDNS cyber attacks on Georgia and Ukraine? Lots of little hacks that preceded an invasion.

    Putin's also been flying jets violating Finnish airspace.
    https://theaviationist.com/2016/10/06/this-armed-russian-su-27-flanker-has-probably-violated-the-finnish-airspace-today/

    Putin really is counting on Trump getting elected. But surely Republicans wouldn't sell out their country to get a leader they didn't like into power simply because he's "red team"? You do realize that's Putin red not GOP red??

  6. Moron designed systems fail by Lumpy · · Score: 2

    Sorry but if your heating system is 100% cloud based so that a DDOS attack or internet outage will stop heat control, then it was designed by the world's biggest morons.

    Cloud based is great for toys, for anything important it's 100% shit.

    --
    Do not look at laser with remaining good eye.
    1. Re:Moron designed systems fail by thegarbz · · Score: 1

      They didn't DDOS the internet, they DDOSed the device controlling the heater itself. This also isn't cloud based and has nothing to do with the cloud and everything to do with remote control of infrastructure.

    2. Re:Moron designed systems fail by sjames · · Score: 1

      In other words, the device was connected to the cloud so that it could be attacked. And since they apparently can't fix it by disconnecting the controller from the internet (they're talking about relocating tenants), it is cloud dependent. Cloud doesn't JUST mean a massive provider like Amazon.

    3. Re:Moron designed systems fail by sysrammer · · Score: 2

      Got it. The cool kids use the cloud, the rest of us are stuck using the internet.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    4. Re:Moron designed systems fail by sjames · · Score: 1

      In the sense that Cloud is more a marketing term than a technical one, yes. It's basically just the hipster way to say internet. It often indicates some sort of dependence on a remote server somewhere, generally unwarranted.

      It's a reference to the cloud icon in old style data flow diagrams.

    5. Re:Moron designed systems fail by sysrammer · · Score: 1

      It reminds me of one of the earlier buzzwords, "database". In the tech journals, the word "database" had specific properties (though those were still being argued about, so yeah). Then the marketing folks and PHB's heard enough techs saying the word, and soon the trade journals were full of copy, describing pretty much any collection of files used by a program as "their database", whether it was related to a DBMS or not.

      And don't get me started on when programs became apps.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    6. Re:Moron designed systems fail by thegarbz · · Score: 1

      In other words, the device was connected to the cloud

      Yes because Slashdot has deranged to the point where a network connection is now suddenly a cloud, even the same remote management systems that have existed since the internet first came online.

      Someone with your UID should know better.

    7. Re:Moron designed systems fail by sjames · · Score: 1

      "The Cloud" is just marketing speak for being utterly dependent on a remote server on the internet. How did you miss that one? Marketers like calling it the cloud because it's so fluffy.

      OP's point stands, it was stupid as hell to make the thing so that a flood or any other loss of connectivity would cause it to fail at its most important function. Which end of the connection is DDOSed is of little importance to determining the level of stupidity.

    8. Re:Moron designed systems fail by Anonymous Coward · · Score: 0

      I remember the cloud being promoted as a symbol for "don't worry about it". Intransparent like the old-fashioned black box, but less material and (deceptively) less scary. The internet teems with evil "hackers" and out-of-control "algorithms"; the cloud is a cushy safe space for your data. Also computers can fail, but the cloud will always be there.

    9. Re:Moron designed systems fail by thegarbz · · Score: 1

      Except it's not Cloud dependent. Remote access does not mean something is cloud dependent. It means that some additional abilities are exposed by it and this is something which we have been doing since the day you first signed up to Slashdot.

    10. Re:Moron designed systems fail by sjames · · Score: 1

      According to TFA, the system failed as a result of the DDOS and they were talking about relocating people.

      I have seen a followup article from another source saying that the system was actually maintaining the last temperature set and could be disconnected from the internet. That does put a very different light on the situation, but it is from a different article and different information.

      But you're still missing it. The only thing new about "The Cloud" is calling it "The Cloud". One of its more famous complainants is just virtual server rental with more automation and a shorter timeframe.

    11. Re:Moron designed systems fail by thegarbz · · Score: 1

      the system failed as a result of the DDOS

      Yes, by forcing the main controller to reboot. What does this have to do with the cloud again? Again there's nothing new or cloudish here. Shithouse security for a device that was remotely operated, nothing more. An attack on the device directly caused it to reboot over and over again. That's a denial of service. DDOS doesn't mean "cut off internet access", it just means "cut off access" the means are not relevant.

      This isn't virtual cloud someone else's computer anything. It's a physical machine with optional remote access. This has been happening for 25 years now, possibly longer.

    12. Re:Moron designed systems fail by sjames · · Score: 1

      Again, going by the first article, relocating people implied that disconnecting it from the internet wasn't a viable solution. The only reason that would be is if it depended on the internet. Is that hard to grok?

      No need to argue further over the name. Call it purple parakeet poop if you like. No skin off of my nose if someone says cloud and you look like a fool because you don't know what it might mean. (Why not, they look like fools for not knowing it's just the same-old with a shiny new name.)

    13. Re:Moron designed systems fail by thegarbz · · Score: 1

      Honestly it probably comes down to lowest common denominator journalism. I'm clearly applying some biases to my reading.

  7. Yeh, even heating systems should be hardened by Anonymous Coward · · Score: 1

    Turn off the heating in a critical office building to shut the office down. Even heating systems are critical in cold countries.
    Even heating should be hardened and not available to Putin attack.

    2007 Russian cyber attacks Estonia, blocking banking, government, newspaper headlines and Estonian Reform Party headquarters. This was after Russia tried and failed a propaganda attack during that year's elections. Does that sound familiar? They failed to get their stooge into power.

    https://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia
    https://en.wikipedia.org/wiki/Estonian_parliamentary_election,_2007

    "The Centre Party, led by the mayor of Tallinn Edgar Savisaar, had been increasingly excluded from collaboration, since his open collaboration with Putin's United Russia party, real estate scandals in Tallinn, and the Bronze Soldier controversy, considered as a deliberate attempt to split Estonian society by provoking the Russian minority."

    Putin tried to get his puppet elected. The people rejected the Putin puppet, so Russia did widespread cyber attacks on the country. Latvia has electronic voting, it is at the biggest risk of a Putin hacker rigged election. Estonia is more aware about the risks. Finland is very glib, but they were once under Russian control and should be more careful.

    Never underestimate the power of a Russian puppet leader to undermine the security of a country. Never underestimate a cyber attack on critical systems, or worse, election systems.

    1. Re:Yeh, even heating systems should be hardened by gtall · · Score: 1

      Currently, the Reform Party will probably lose control of the government and Centre Party is expected to take over given the fractious nature of the governing coalition. So maybe Putin will finally succeed in getting his stooge into power. Maybe he'll screw up spectacularly before turning the country over to Putin and his merry band of kleptocrats.

  8. You anti-science denialist scum! by CajunArson · · Score: 0, Offtopic

    How dare you deny the GLORY of Global Warming as foretold by the holy prophets of Hockey Stick!

    Global Warming means that heat is not necessary and this story is obvious heresy by the denialist infidels!

    --
    AntiFA: An abbreviation for Anti First Amendment.
    1. Re:You anti-science denialist scum! by Anonymous Coward · · Score: 0

      Game on!

    2. Re:You anti-science denialist scum! by gtall · · Score: 2

      You don't really get global warming, do you?

  9. Idiots by Anonymous Coward · · Score: 0

    Sorry, but if you have hooked your important infrastructure systems to the internet you are an idiot. A moron. A fool. IMHO the person or persons at Valtia responsible for the decisions that led to installation of inherently vulnerable systems should pay the price of any retrofitting necessary to install isolated systems and compensation to any persons or companies that lost productivity due to this problem. We need to start holding responsible the persons making decisions like these so that, hopefully, at some point down the road installations like this one no longer occur. Critical systems need to be isolated. Yeah, that means you might have to hire an actual person to go and change settings when something goes wrong, rather than doing it across the net, but too damn bad.

  10. The Internet Of Hacked Things by Citizen+of+Earth · · Score: 1

    Someday, we'll figure out that it's not a good idea to subject critical infrastructure to Internet control.

    1. Re:The Internet Of Hacked Things by thegarbz · · Score: 1

      No, some day we'll figure out that it's not a good idea to subject critical infrastructure to internet control insecurely.

      People have been doing this for as long as the internet has existed, it's all a question of competence.

    2. Re:The Internet Of Hacked Things by gtall · · Score: 1

      Right, so all industries should build out their own private network infrastructure. That shouldn't cost you too much, should it?

    3. Re:The Internet Of Hacked Things by misxn · · Score: 2

      Not true. If you want to secure it with competence then you separate the two domains, not connect them.

    4. Re:The Internet Of Hacked Things by GerardAtJob · · Score: 1

      +1! (Where are my mods points when I really need them!???)

      --
      I can't call that English ;-)
    5. Re:The Internet Of Hacked Things by thegarbz · · Score: 1

      Not true but true? Is that what you're trying to tell me? Or are you implying that leased lines are still easy to come by in the modern world and that we don't live in a world of common infrastructure?

      I say this as someone who was forced to decommission a dedicated leased line in exchange for a modem with a public IP address by a major telecom company, so it's not a far out scenario.

    6. Re: The Internet Of Hacked Things by misxn · · Score: 1

      Leased lines? Are you replying to the right thread? I simply stated that one should airgap their domains and not connect critical infrastructure to the Internet. If one HAS to be on the Internet, then use a data guard.

    7. Re:The Internet Of Hacked Things by Anonymous Coward · · Score: 0

      Can someone clarify if this was a GSM system or if it was connected on the internet? The article does not mention GSM, but I've read that most smart electricity meters are using a SIM card to receive commands (including the OFF command) and send readings.

    8. Re: The Internet Of Hacked Things by thegarbz · · Score: 1

      So that's kind of what I was saying when I mentioned insecurely and it's a question of competence.

      And you replied with not true... I can't understand if you are agreeing with me or disagreeing with me.

  11. Could be worse by davidwr · · Score: 1

    They could've turned off the heating at a polling location in the United States. Everyone would be blaming Putin even if he didn't do it.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  12. Solution by Anonymous Coward · · Score: 0

    The solution is simple. For some reason the people responsible don't take action. Maybe we are waiting for the big one? Like an explosion in a nuclear electricity facility?

    GET. ALL. CRITICAL. INFRASTRUCTURE. SYSTEMS. OFF. THE. INTERNET.

    1. Re:Solution by Anonymous Coward · · Score: 0

      and stop using controllers with network capabilities.

    2. Re:Solution by WaffleMonster · · Score: 1

      The solution is simple. For some reason the people responsible don't take action. Maybe we are waiting for the big one? Like an explosion in a nuclear electricity facility?

      GET. ALL. CRITICAL. INFRASTRUCTURE. SYSTEMS. OFF. THE. INTERNET.

      To play the devil's advocate.. what is the alternative? Leased lines and private networks?

      Do you think the Telco you pick one of those up from isn't going to provision it using the same (mostly virtualized) infrastructure and management systems they use for Internet traffic? Do you really think their systems are any more secure?

      I strongly believe any and all attempts at securing the network are both dangerous and counterproductive. It is dangerous because it sucks resources from the only thing that matters... securing *systems* and counterproductive because it essentially amounts to "castle defense" in the age of supersonic jet fighters.

      If people connect their shit to the Internet with the understanding that it is both a hostile and unreliable environment and take precautions to guard against it (obviously these jokers did no such thing) such systems end up being better engineered and more secure over time vs. dolts with leased lines or private cables who never see an unsolicited byte or dropped packet and become complacent and less investment is subsequently made in engineering systems for reliability and security.

      The alternative is when someone does hack a leased line or cut into dark fiber in anger all bets are off. This shouldn't be. Control systems don't have to be the joke that lies just behind most corporate firewalls. It takes investment to get there. Every dollar spent on private lines and DIY networks are dollars not spent on R&D into control systems that are more survivable in hostile environments.

    3. Re:Solution by Anonymous Coward · · Score: 0

      What I meant to say was to get all controllers that are part of the critical infrastructure off the internet. When necessary to do maintenance and updates, they have to be manually done one by one.

      I know it's better^W cheaper to outsource this to some 3rd world country and have it done over the internet. But the risk is just too high to be cheap when it comes to critical infrastructure.

      Also the controllers' local network should be restricted in message passing only, and not allowing any sort of firmware updates and LKMs to be propagated remotely between controllers. MANUALLY. ONE-BY-ONE.

  13. At least this elections wakes people up by Anonymous Coward · · Score: 0

    If there's one good thing to come out of Trump's games, it's that everyone suddenly takes cyber security of election and computer infrastructure seriously.

    Suddenly when you're facing annexation by Putin's puppets, you finally decide you need to protect your computer systems from attack. Suddenly the need for unbreakable encryption becomes clear. Suddenly the terrible idea of backdoors becomes clear.

    Now if only you'd thought about that early this year when his hackers began trying to put Trump into power?!

    All that US infrastructure, all that mighty army, and it could all be rendered useless by a simple hack of the election system, and a Putin stooge planted in the White House. It's like a decapitation strike, a strike designed to take out the leadership, only Fox News and the Republican election rigging system help you deliver the fatal blow.

    And once he's in power, can you protect those backdoors you put in, from Trump handing them over to Putin? And once you're in power, can you stop Trump giving Putin access to all that domestic surveillance machinery? How would you defend Finland, if the major country head of Nato is a puppet? How would you defend US bases around the world, if President Puppet won't give the order to counter attack?

    1. Re:At least this elections wakes people up by Anonymous Coward · · Score: 0

      One more person that doesn't have a fucking clue about the separation and limits of power between the 3 branches of the US government. And Trump is an egomaniac who has no qualms about answering challenges with open and no-holds-barred hostility. And with control of the most devastating military on the planet he would never let Putin or anyone else forget that small detail. A President can only deploy the US military for 60 days without Congressional approval but you can do a lot of damage in those 60 days. The last thing the US needs to do is waste time resetting relations with countries that are nothing but belligerent every time they open their mouth. Political negotiations between foreign countries have never solved the important disputes. Quick and unrelenting violence on the other hand has defined the world we live in. And Putin is no danger to the US. Russia is a 3rd world country with a nuclear arsenal and that is it. The state of California has a higher GDP than Russia. If anything Russia will end up being a client state of China the way things are progressing. With the US able to suppress the price of oil all the countries that depend on oil to fund their state budgets are now vulnerable. With US natural gas exports increasing to Europe Russia no longer has a way to use their gas exports to project their power.

  14. Lesson to be learned by Anonymous Coward · · Score: 0

    don't ask Valtia to manage your building, because if there's an Internet outage, your building freezes over.

  15. Re:Explain to me Why? by BoRegardless · · Score: 1

    Default ought to return to my 80 year old, still working bimetallic thermostat, with no electronics. Never failed in 80 years.

  16. General Winter Protection Fault. by Anonymous Coward · · Score: 0

    Bob: Who is General Winter Protection Fault and why is he reading the hard drive of our Internet-connected central heating apparatus?

    Alice: General Winter supports Mother Russia and our protection has obviously failed!

    Bob: I'll give up my soul-warming vodka flask when you pry it from my cold, dead hands!

    Alice: Oops, the lights went out and there is no phone either...

    Bob: I, for one welcome our novo-russian hacker overlords! Unbreakable Union of freeborn Soviet Republics, Great Russia has welded forever to stand ... la-la-la ...

  17. Re:Moron designed systems fail, ... so by BoRegardless · · Score: 4, Insightful

    Let a mechanical thermostat be the default control when the computer fails, regardless of why!

  18. Why is this connected to the internet? by Anonymous Coward · · Score: 0

    Internet is double-edged, it allows you to watch your favourite film from anywhere in the globe but it also allows anyone from anywhere in the globe to screw whatever you connect to the internet. So, why on earth are strategic sectors (heating no less) connected to the internet??? Months ago it was a hospital, a bloody hospital connected to the internet and hijacked with ransomware. There are things that should never be online. Things that society can't live (properly) without.

  19. How do you Finns keep... by Anonymous Coward · · Score: 0

    How do you Finns keep the polar bears out of your igloos?

  20. The obvious solution by Anonymous Coward · · Score: 0

    It might not be as productive as blaming Putin for hacking, but if the Finnish people DDoSed back they could use the excess heat to heat their homes.

  21. Gets rid of SJW, let me rethink things ... by Anonymous Coward · · Score: 0

    That's the sound the brownshirts' boots will make as they carry the SJWs off for reprocessing.

    You realize many are now thinking of voting for Trump, was that your intent?

  22. IoT, Internet of Thermostat by Anonymous Coward · · Score: 0

    IoT, Internet of Thermostat

  23. IoT by p51d007 · · Score: 1

    With the attack a couple weeks ago, the more crap that doesn't but gets hooked up to the internet, WITHOUT PROPER SECURITY, it's only going to get worse.

  24. Attacker was probably just too warm by Anonymous Coward · · Score: 0

    This reminds me of my own experience last winter. My building at work has climate control regions of several offices each. Each region is collectively controlled from simple up/down 1 degree buttons on each of our internal company profile webpages that you can press at most every 10 minutes per person. The page also shows a history of who changed the temperature in which direction.

    When I moved into this office, I discovered that two people were fighting between 68 and 72 degrees (mind you, you can only move it one degree every 10 minutes, so this was a slow battle throughout the day). I shot off an email to form a truce of 70 degrees, hinting that the one who wanted it warmer might just put on more clothes. They both agreed and maintained 70 degrees against any other changes for a few weeks. Then the 72 degree person broke the truce, and went even warmer when he could. So in response, I wrote a simple script that every 11 minutes will check the temperature and turns it down if it was above 71. But the enemy caught on when clearly I was either working really strange hours and obsessively checking the page, or was running a script. He wrote his own script (or more likely got someone smarter to do it), that seemed strangely more successful than mine. After a few weeks of automatic back and forth, I got contacted by a maintainer of this internal company server asking if I was running a script. It turns out the enemy didn't use any sort of timer, and his script just constantly pressed the button whether the 10 minutes was up or not (so sometimes he'd slip in two changes before I got my one). This caused 1000s of hits/second on the server and numerous errors. They only realized I had a script because they looked at the history and saw that we fought all night long. My boss thought it was funny and encouraged me to make my script more human like. I ended up just buying a fan for under my desk and stopped caring.

  25. With this global warming.. by Keruo · · Score: 1

    Finnish winters are starting to resemble the summer, but unlike the summer, which was on Thursday this year, the winter is scheduled on Tuesday.

    --
    There are no atheists when recovering from tape backup.
  26. I have had first-hand experience by thebigmacd · · Score: 1

    I am an HVAC controls Technologist and the product we use used to have an unintentional DOS issue. If there was too much traffic on the controller's network port (including traffic not intended for it), the processor would spend all of its time responding to network interrupts and actual operation would grind to a halt. The fix was simple... the manufacturer made new firmware that would simply ignore network interrupts if the program scan rate got too low. Sure, the controller would quit communicating on the LAN but it was still accessible via RS-232/485.

    These controllers have 32MHz processors, 2MB ram, and 10Mb half-duplex ethernet, and cost multiple thousands of dollars.
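
The scan-rate watchdog this comment describes, as an added simulation that is not the vendor's firmware or the commenter's code: a controller whose CPU services every network interrupt before the control program gets to run, compared with a build that ignores the LAN once scans start being missed. Tick costs, thresholds, the thermostat and the room model are all constructed assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed simulation: CPU time is counted in abstract ticks so the run is
 * deterministic and offline. All constants are assumptions for the example. */
#define WINDOW_TICKS   100  /* one scan period; the program should run once per window */
#define PACKET_COST    5    /* ticks spent servicing one network interrupt */
#define SCAN_COST      20   /* ticks for one pass of the control program */
#define SHED_AFTER     3    /* missed scans in a row before the LAN is ignored */
#define REENABLE_AFTER 10   /* on-time scans in a row before the LAN is serviced again */
struct controller {
    bool scan_watchdog;   /* false = old firmware, true = fixed firmware */
    bool lan_shed;        /* currently ignoring network interrupts */
    int  pending;         /* packets queued for service */
    int  missed_windows;  /* consecutive windows without a control scan */
    int  good_windows;    /* consecutive windows with a control scan */
    int  setpoint_c, temp_c;
    bool heater_on;
    int  scans;           /* control scans actually executed */
    long dropped;         /* packets discarded while the LAN was shed */
};
struct result { int scans; int final_temp_c; long dropped; };

/* The control program: a thermostat with 1 degree of hysteresis. */
static void control_scan(struct controller *c) {
    if (c->temp_c < c->setpoint_c - 1)      c->heater_on = true;
    else if (c->temp_c > c->setpoint_c + 1) c->heater_on = false;
    c->scans++;
}

/* Toy plant model: the room gains or loses one degree per window. */
static void plant_step(struct controller *c) {
    c->temp_c += c->heater_on ? 1 : -1;
    if (c->temp_c < -30) c->temp_c = -30;
    if (c->temp_c > 40)  c->temp_c = 40;
}

static void run_window(struct controller *c, int arrivals) {
    int budget = WINDOW_TICKS;
    if (c->lan_shed) {
        c->dropped += arrivals;   /* NIC interrupts masked: traffic is simply dropped */
    } else {
        c->pending += arrivals;
        /* Interrupts pre-empt the program: they eat the window first. */
        while (c->pending > 0 && budget >= PACKET_COST) {
            c->pending--;
            budget -= PACKET_COST;
        }
    }
    bool scanned = budget >= SCAN_COST;   /* only what is left runs the program */
    if (scanned) control_scan(c);
    plant_step(c);
    if (!c->scan_watchdog) return;        /* old firmware: no protection at all */
    /* Scan-rate watchdog: shed the LAN when scans stop, restore it after
     * the program has run on time for a while. */
    if (scanned) {
        c->missed_windows = 0;
        if (++c->good_windows >= REENABLE_AFTER) { c->lan_shed = false; c->good_windows = 0; }
    } else {
        c->good_windows = 0;
        if (++c->missed_windows >= SHED_AFTER) {
            c->lan_shed = true;
            c->dropped += c->pending;     /* flush the backlog as well */
            c->pending = 0;
        }
    }
}

/* Runs one scenario; the heater starts off with the room at setpoint. */
struct result simulate(bool scan_watchdog, int packets_per_window, int windows) {
    struct controller c = {0};
    c.scan_watchdog = scan_watchdog;
    c.setpoint_c = 21;
    c.temp_c = 21;
    for (int i = 0; i < windows; i++) run_window(&c, packets_per_window);
    struct result r = { c.scans, c.temp_c, c.dropped };
    return r;
}

int main(void) {
    struct result old = simulate(false, 30, 200), fix = simulate(true, 30, 200);
    printf("old firmware, flood:   %d scans, room %d C\n", old.scans, old.final_temp_c);
    printf("fixed firmware, flood: %d scans, room %d C, %ld packets dropped\n",
           fix.scans, fix.final_temp_c, fix.dropped);
    return 0;
}
```

Under a 30-packet-per-window flood the old build never runs its program and the simulated room cools to the clamp, while the watchdog build keeps the thermostat cycling at the cost of losing the LAN; with a quiet LAN (2 packets per window) the old build scans every window.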

  27. Internet ALL the things! by Anonymous Coward · · Score: 0

    That is such a clever idea... I wonder at what time the planet's engineers became morons?

  28. Re:Explain to me Why? by angel'o'sphere · · Score: 1

    We are not talking about a remote control that is for some absurd reason controlling your local heating in the house.
    We actually are talking about remotely distributed heat, hot water, steam, to heat the houses in question.
    Otherwise the owners could simply fiddle with the controls I guess.

    --
    Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
  29. If only they used an Amiga by sad_ · · Score: 1

    I'm sure that school that has their heating system controlled by an Amiga won't have this problem :P

    --
    On a long enough timeline, the survival rate for everyone drops to zero.
  30. GSM closed network vs internet? by Anonymous Coward · · Score: 0

    Is this on a GSM closed network? Are the meters receiving commands via (signed) SMS messages, or are they actually on the internet (use GSM to go online via an ISP)?

  32. Who Designed this PoS? by Anonymous Coward · · Score: 0

    Was it marketing? Did some MBA dip shit decide they had to include "cloud" technologies in their bullets-on-the-box and, thus, forced engineering to do something stupid.

    Or, was it just some dip shit engineer who decided he wanted to create a "cool" design based on the current technology fad?