Slashdot Mirror


User: bragr

bragr's activity in the archive.

Stories: 0
Comments: 129

Comments · 129

  1. Re:Security 101 on DHS Chief: What We Learned From Stuxnet · · Score: 1

    Clearly you do not know Stuxnet nearly as well as you think you do. I'll address your mistakes individually.

    1) No contention

    2) No contention

    3) The Iranian network was airgapped as far as we know, however that is not the only vector that Stuxnet uses. Stuxnet can spread quite rapidly through Windows networks, thus leading to more machines that could potentially infect flash drives that would later be used in critical machines. It also makes the task of cleaning a facility much more difficult because any missed machine could potentially reinfect the entire facility. Additionally, Stuxnet contains code to contact control servers in order to report information and update the software, allowing updated and more virulent versions to propagate quickly, further worsening the problem.

    4) While being up to date would not have prevented the initial spread of the worm, after the exploits were identified patches were released fixing those issues. Patches for Windows have been around for 9 months. If everyone affected had applied those patches as quickly as reasonable, the infection rate would have significantly decreased.

    5) I never claimed that everyone noticed all at once, I'm just saying what should have happened at the first sign (which in this case is the security researcher making a big deal about it)

    6) I never claimed that it was a good idea to have a veritable buffet of OS's and versions, it's a huge pain in the ass. But let's say that they deployed Windows and RHEL on servers and workstations, where appropriate. The Linux boxes could have acted as a moderator for the spread of the worm. And, despite the large amount of work that comes with deploying a new OS, the long term added work of managing 2 OS, when both are standardized

    As I said before, none of these steps (except perhaps the flash drives) would have stopped the worm, I am merely suggesting that the statement "many companies that owned Siemens equipment were left wondering what, if any measures, they should take to protect themselves from the new worm" is quite stupid since good IT practices would have greatly reduced and restricted the impact and spread of the worm, and it's clear that among those most affected, some or all of them were not followed.

  2. Re:Steps to responding quickly on DHS Chief: What We Learned From Stuxnet · · Score: 1

    Clearly you need to brush up on some BOFH-style Boss/Employee diplomacy.

  3. Re:Security 101 on DHS Chief: What We Learned From Stuxnet · · Score: 1

    "anyone bringing in flashdrives from the outside and plugging them into mission critical should be taken out back and shot,"

    Fixed

  4. Security 101 on DHS Chief: What We Learned From Stuxnet · · Score: 5, Insightful

    What they should have done:
    1) anyone bringing in flashdrives and plugging them into mission critical should be taken out back and shot, or at least given a stern talking to. Autorun should be disabled.
    2) Any machines brought in from the outside (laptops etc) should be placed on a separate, untrusted network
    3) Mission critical machines shouldn't be on a network. If that isn't possible, they should be on a separate network or vlan with only the machines they need to talk to, at the very least they shouldn't be able to access the internet
    4) Always ensure that all security updates are applied promptly and all relevant hardening is performed
    5) At the first sign of such a massive infection across multiple machines and devices, everything should have been taken offline, wiped, flashed, and reinstalled and brought up again on a known clean environment, with security procedures tightened.
    6) If all of your machines are running version X of OS Y, they will all suffer from the same 0 day attacks. Diversity, where appropriate, is useful.

    This may not have prevented an infection, but it would have definitely reduced its impact. I really question the competency of any IT person that had no idea what to do.

  5. Keep LibreOffice on OpenOffice.org To Be Given Back To the Community · · Score: 1

    I actually like the name LibreOffice a lot better than OpenOffice.org, which I have always thought was kinda silly. I'm hoping the Document Foundation keeps the new name.

  6. Re:Keeping in touch plenty! on What Is the Best Way To Build a Virtual Team? · · Score: 1

    I doubt that those projects could do without the meetings if the projects weren't mature. Besides, in those projects, they may not have conference calls, but I am sure groups of developers gather on forums or IRC channels and touch base on their work.

  7. Re:QR-codes? on Ask Slashdot: Setting Up Wireless Voting For Students? · · Score: 1

    This is actually not a terrible idea, and with a few decent point and shoots, plus a little software to process the images it could work nicely.

    I'd do it like this: a couple cameras (maybe 5? You'd need to do some experimentation) on tripods (aimed for good coverage) tethered to a computer (there are some good alternate firmwares for Canons that allow this on cheap cameras). When the vote comes up, a script tells each camera to snap 2 or 3 images (separated by a few seconds each). It would then process all the QR codes in each image into a table and merge all the tables together. Any missing or conflicting entries can then be manually resolved by consulting the photos. You could ring the QR codes with a color for each vote (y/n/a) to make this a very quick process. You could have your vote done in 30 seconds. It will take some money and doing, but cost a lot less than the $24000 clickers would cost you.

  8. Free speech on Wikipedia Moves To Delete the Free Speech Flag · · Score: 1

    Well I guess Wikipedia's right to free speech includes the right to not say anything at all I suppose.

  9. Re:Note for world domination: encrypt serial no.'s on How Allies Used Math Against German Tanks · · Score: 1

    That's the point...

  10. Re:Note for world domination: encrypt serial no.'s on How Allies Used Math Against German Tanks · · Score: 5, Funny

    I am implementing this at my factory. In fact, tanks c4ca4238a0b923820dcc509a6f75849b, c81e728d9d4c2f636f067f89cc14862c, eccbc87e4b5ce2fe28308fd9f2a7baf3, a87ff679a2f3e71d9181a67b7542122c, and e4da3b7fbbce2345d7772b0674a318d5 just rolled off of the assembly line.

  11. I for one... on Robots Guarding US Nuclear Stockpiles In Nevada · · Score: 0, Redundant

    ... welcome our new nuclear, robotic overlords.

  12. Dynamic as is in... on Largest Simulated Cyber Attack To Date · · Score: 1

    if(player.win())
    {
        player.loseAnyway();
        scaryPressRelease(REALLY_SCARY);
        Legislation* cyberRegulation = new Legislation;
        cyberRegulation->ramThroughCongress();
        Bureau bigBrother = cyberRegulation->biggerGovernment();
    }

  13. No way! on Nasty Data-Stealing Bug Haunts Internet Explorer 8 · · Score: 2

    IE, as we all know, unpatched security vulnerabilities? That's so surprising!

  14. I predict... on Brazil Considering Legalizing File Sharing · · Score: 1

    that as soon as they start moving towards that, lobby groups start leaning on their governments, who will start leaning on the Brazilian government, which will quickly do an about face. Gotta love those international trade agreements.

  15. Re:Must burn. on Freetype Lands In... Microsoft Office? · · Score: 1

    Strange, the only thing that I can think of is that the Xbox uses PPC and Macs used to.

  16. New Project on Native ZFS Is Coming To Linux Next Month · · Score: 1

    Looks like I'll finally have a reason to get around to rebuilding my home server. Well, as soon as WD finishes warrantying one of the drives in the array that is. Current estimates put ZFS and the drive arriving at the same time!

  17. Re:What To Do With an Old G5 Tower? on What To Do With an Old G5 Tower? · · Score: 1

    Make 'im shave with a rusty razor...

  18. And a bunker too... on Long-Term Liability For One-Time Security Breaches? · · Score: 1

    Well you could always change all the numbers and important information that you can. After that I recommend praying to your favorite deit(y|ies). That or keeping all of your money in a shoebox under your bed.

  19. Where Does IT Fall Within Your Organization? on Where Does IT Fall Within Your Organization? · · Score: 5, Funny

    Hopefully not too far, servers don't handle drops well. Keyboards seem to do alright though.

  20. (russian)Chatroulette on Chatroulette Working On Genital Recognition Algorithm · · Score: 1

    I thought the point of the name Chatroulette was to be a play on Russian roulette. How can it be Russian roulette if nothing bad ever happens?

  21. Re:Autorun?! on Olympus Digital Camera Ships With a Worm · · Score: 4, Interesting

    At the single biggest security problem at the place where I work. We tried disabling it, but we had too many problems of people putting in flash drives or CDs and the stupid flash based window not popping up like it did "on their home computer" and that "their computer was broken." Sometimes, it's just easier to clean up afterwards, than to preempt it and deal with people complaining.

  22. I have a standard policy on Olympus Digital Camera Ships With a Worm · · Score: 2, Interesting

    Every piece of new writable media gets formatted immediately. I also have autorun killed on all my Windows boxes.

  23. Pool's closed... on Police Investigating Virtual Furniture Theft · · Score: 2, Interesting

    Due to theft.

  24. Re:from the depends-how-you-count dept on New Estimate Suggests 5.5M Species On Earth, Not 30-100M · · Score: 1

    >>My gears don't wear out as fast as yours.

    Touché

  25. Re:from the depends-how-you-count dept on New Estimate Suggests 5.5M Species On Earth, Not 30-100M · · Score: 3, Funny

    I count 0, 1, 10, 11...