publishing photographs of the insides emergency management and civil defense facilities isn't such a hot idea either
Why? This isn't some super secret military facility. What you find in this room will likely be no different to any other emergency response room anywhere in the world. If anything the firestation we have at work looks more complex than this.
What have we learned? They have multiple clocks. They have cameras. They monitor the weather. They have more than 2 telephones like any emergency room. They have swipe card access. There's a password for an unknown system on the monitor.
We could have guessed what this picture looked like when you say "emergency response room".
5.1.1.1 Memorized Secret Authenticators Memorized secrets SHALL be at least 8 characters in length if chosen by the subscriber. Memorized secrets chosen randomly by the CSP or verifier SHALL be at least 6 characters in length and MAY be entirely numeric. If the CSP or verifier disallows a chosen memorized secret based on its appearance on a blacklist of compromised values, the subscriber SHALL be required to choose a different memorized secret. No other complexity requirements for memorized secrets SHOULD be imposed. A rationale for this is presented in Appendix A Strength of Memorized Secrets.
So much so that the latest NIST recommendations are that you Should NOT impose composition rules and you Should NOT require the password is changed frequently.
Key word in there is highlighted. Given those NIST recommendations are less than 6 months old, we've got another 4 and a half years at the very least before you start to see them adopted widely.
There's also more to this. Humans are imperfect and make mistakes. Firing a human over a mistake doesn't mean you'll end up fixing the problem in a way that the mistake can't happen again. The replacement human is just as fallible.
To fix any mistake you need to first identify the systematic problems that allowed the mistake to escalate into an incident. Simply firing someone shows that you not only don't understand humans, but also that you refuse to improve your own systems.
Note: cell phones and even laptop mics aren't very omnidirectional
You clearly don't own a cellphone if you think this. Most on the market have no problem at all opening up Google Assistant, Bixbi, or Siri from the otherside of a large living room.
So, the decision to make the phone virtually impossible for the average user to open, to make the battery as difficult as possible to replace, cannot be seen as anything but an attempt to force users to upgrade
It's almost impossible for the average person to maintain a modern car. That doesn't mean you throw them away at the 10k mile service and buy another one. iPhone battery replacement services are dime a dozen even if you don't want to pay Apple to do it the official way. Your argument makes no sense.
If Apple and other smartphone manufacturers were truly sincere about doing the right thing, they would make models with user replaceable batteries.
Why? The cost of getting the battery replaced is tiny compared to the cost of the battery itself. Same for your car: Cost of battery $100, cost of labour to install $25. And no I won't do it myself because I don't have the extension bit on my wrench to reach the bracket holding it down and I don't want to deal with the cost of disposal of the old one.
You're right, well almost. I would say 99.9% of strangers have no influence on your life. The problem is the number of friends you hang out with is generally fixed while you get to meet a new set of 100 strangers every other day.
Strangers that control access to your money. Strangers that control access to your freedom. Strangers that control access to your income, your promotions, and strangers who can generally make your life a living hell.
For better or worse your friends rank barely above someone you haven't ever met in terms of true impact on your life (the exception being the ones that end up in your bedroom). They offer little more other than friendship and are generally easily discarded should that friendship go sour. The same can not be said for the strangers we truly rely on.
When you think about it you will probably also treat your friends the worst of all your acquaintances. For instance I've never called my a boss a fucking moron to his face, the same can not be said for some my friends.
Part of the reason delivery works today is that shops rely on people desperate enough to try to make tip money as drivers during slow hours
What is wrong with America that you have to tip for a company to survive. Also having worked for a Pizza joint for 3 years... you pay for your own gas, and WTF don't you get a company car with advertising? What the heck is wrong with you.
So I have to walk out and not have it at the door? I may as well pick it up
To be clear, are you one of those self-centred people who live directly opposite a Dominos and still orders takeaway? If so your comparison is quite silly.
I usually take the train - even before the dedicated HS lines were completed between France and A'dam
The Eurostar is being extended through to Amsterdam shortly so you won't even need to change to a Thalys or something like that. The problem is still cost. ~$100 each way with the Eurostar, about $80 return with a plane.
I can't believe there are not plenty of poor areas of the world that are more concerned with meeting human needs rather than catering to fashion taste.
It's not about fashion, it's about the fact that no one wants your second hand $10 shirt when they can buy the same shirt new back home for $1. The affordability gap for cloths has plummeted both in the first world and the third world.
Just compare the charts against that of a standard economic bubble. It drops off like this every time about this time,... and it will drop a shitload more.
So your definition of car is the type of car they are banning in many cities of the world due to environmental reasons?
Though seriously the GP said $5k maintenance. WTF is wrong with American cars! Or more likely, WTF is wrong with GP's math. You don't need to wrench on it yourself for it to cost you next to nothing. $25/month would be about right for maintenance.
TPLink recommends you buy a better router than what they sell..
Seriously? A hundred thousand packets over the radio causes it to crash? Toss that trash in the trash.
Yeah TPLink. Oh also D-Link, ASUS, Google, Apple, and Netgear. So who's product should I buy?
The problem isn't the number of packets, but also the type, frequency, and the fact that this is a completely unexpected DoS scenario from within your network. mDNS isn't supposed to cause 100000 packets,... unless you count them over the course of a year.
So, TP-Link "routers" can crap out when you send 200 MB through them?
No. TP-Link routers can crap out when you send 200MB multicasting at a very short interval, something that no client is expected to do.
Time to buy a competitor's product.
Whose? D-Link, and ASUS both have come out and said they are affected. This problem is affecting my father's top of the line D-Link modem/router too. It also apparently affects Google's WiFi as well as Apple's Airport.
There's more to data than just how much is going through.
The fault is from both sides. The router for not managing the traffic it is receiving, and the device for causing a completely unexpected Denial of Service attack using a protocol in a way that no sane device should.
The problem is far more the Google devices than the router. It is unreasonable to expect a perfectly functioning network from any router during an internal DoS attack.
I could easily see how billions of dollars worth of industrial systems simply will not be able to patched due performance cost of the patches.
Doubt it. The systems themselves are unaffected by this mess and don't need patching in any case (controlled access and all). What is being patched here is a handful of database servers. Spend the $3000 to buy a better one. In the grand scheme of "industrial control" not only will it not break the bank but you can most likely pay for it using petty cash.
Stuxnet : Stuxnet did not infect a connected system. It was spread by direct attack via USB. Connected : A wonderware historian serves the sole purpose of storing long term trends of your entire control system. This is very useful data... if you have access to it. This is very sensitive data which some governments will require you to store in realtime... offsite.
Now to make a point: On a well setup and secure site the Historian will sit on a different network than the control system and receive data through some specific channel, either one way firewall (data diode) or through some other DMZ. The historian itself should sit on a DMZ specifically so that people have no requirement to access the control system.
The real-time live data from the historian is critical information to drive real-time business decisions and often needs to be accessible not only away from the plant, but outside of the building, or even on the other side of the world. Good luck doing that without some "connection".
If you have a system that simple and unimportant that you can throw a desktop computer at controlling it then there will be a properly industrial hardened PLC in your price range. No seriously some proper PLCs from the vendor mentioned in the post run at a lower cost than any computer you can throw at it. Just configure and provide it with 24V.
But chances are if you're having problems with the performance of a Wonderware Historian you're problem is that you have 5000 analogue instruments on site and you're committing their values to the database every few seconds.
and I will tell you that none of the greedy rich farm owners here pay more than a pittance for the pickers.
Comparing the life of an underpaid fruit picker to someone working an electronics production line shows that you either have no empathy for people or no clue at just how bad life is for the latter group.
Do your farmers put nets around their farm to stop their workers comitting suicide?
You should compare the 5 year market price of bitcoin to the published models of a bubble. Take note where we are on the bursting part and then consider yourself lucky you're not that gambling man.
On what grounds should a game cheater get thrown into jail... are they stealing your money or something?
It would be consistent with all the other completely stupid reasons why Americans jail their citizens.
publishing photographs of the insides emergency management and civil defense facilities isn't such a hot idea either
Why? This isn't some super secret military facility. What you find in this room will likely be no different to any other emergency response room anywhere in the world. If anything the firestation we have at work looks more complex than this.
What have we learned?
They have multiple clocks.
They have cameras.
They monitor the weather.
They have more than 2 telephones like any emergency room.
They have swipe card access.
There's a password for an unknown system on the monitor.
We could have guessed what this picture looked like when you say "emergency response room".
The reference is the lates NIST recommendation. https://pages.nist.gov/800-63-...
5.1.1.1 Memorized Secret Authenticators
Memorized secrets SHALL be at least 8 characters in length if chosen by the subscriber. Memorized secrets chosen randomly by the CSP or verifier SHALL be at least 6 characters in length and MAY be entirely numeric. If the CSP or verifier disallows a chosen memorized secret based on its appearance on a blacklist of compromised values, the subscriber SHALL be required to choose a different memorized secret. No other complexity requirements for memorized secrets SHOULD be imposed. A rationale for this is presented in Appendix A Strength of Memorized Secrets.
So much so that the latest NIST recommendations are that you Should NOT impose composition rules and you Should NOT require the password is changed frequently.
Key word in there is highlighted. Given those NIST recommendations are less than 6 months old, we've got another 4 and a half years at the very least before you start to see them adopted widely.
There's also more to this. Humans are imperfect and make mistakes. Firing a human over a mistake doesn't mean you'll end up fixing the problem in a way that the mistake can't happen again. The replacement human is just as fallible.
To fix any mistake you need to first identify the systematic problems that allowed the mistake to escalate into an incident. Simply firing someone shows that you not only don't understand humans, but also that you refuse to improve your own systems.
Note: cell phones and even laptop mics aren't very omnidirectional
You clearly don't own a cellphone if you think this. Most on the market have no problem at all opening up Google Assistant, Bixbi, or Siri from the otherside of a large living room.
So, the decision to make the phone virtually impossible for the average user to open, to make the battery as difficult as possible to replace, cannot be seen as anything but an attempt to force users to upgrade
It's almost impossible for the average person to maintain a modern car. That doesn't mean you throw them away at the 10k mile service and buy another one. iPhone battery replacement services are dime a dozen even if you don't want to pay Apple to do it the official way. Your argument makes no sense.
If Apple and other smartphone manufacturers were truly sincere about doing the right thing, they would make models with user replaceable batteries.
Why? The cost of getting the battery replaced is tiny compared to the cost of the battery itself. Same for your car: Cost of battery $100, cost of labour to install $25. And no I won't do it myself because I don't have the extension bit on my wrench to reach the bracket holding it down and I don't want to deal with the cost of disposal of the old one.
Service industries exist for a reason.
You're right, well almost. I would say 99.9% of strangers have no influence on your life. The problem is the number of friends you hang out with is generally fixed while you get to meet a new set of 100 strangers every other day.
Strangers that control access to your money. Strangers that control access to your freedom. Strangers that control access to your income, your promotions, and strangers who can generally make your life a living hell.
For better or worse your friends rank barely above someone you haven't ever met in terms of true impact on your life (the exception being the ones that end up in your bedroom). They offer little more other than friendship and are generally easily discarded should that friendship go sour. The same can not be said for the strangers we truly rely on.
When you think about it you will probably also treat your friends the worst of all your acquaintances. For instance I've never called my a boss a fucking moron to his face, the same can not be said for some my friends.
Part of the reason delivery works today is that shops rely on people desperate enough to try to make tip money as drivers during slow hours
What is wrong with America that you have to tip for a company to survive. Also having worked for a Pizza joint for 3 years ... you pay for your own gas, and WTF don't you get a company car with advertising? What the heck is wrong with you.
So I have to walk out and not have it at the door? I may as well pick it up
To be clear, are you one of those self-centred people who live directly opposite a Dominos and still orders takeaway? If so your comparison is quite silly.
I usually take the train - even before the dedicated HS lines were completed between France and A'dam
The Eurostar is being extended through to Amsterdam shortly so you won't even need to change to a Thalys or something like that. The problem is still cost. ~$100 each way with the Eurostar, about $80 return with a plane.
but there's still a demand/need in the USA at least.
Define demand. If the demand isn't comparable to the new supply then it becomes a large waste issue regardless.
I can't believe there are not plenty of poor areas of the world that are more concerned with meeting human needs rather than catering to fashion taste.
It's not about fashion, it's about the fact that no one wants your second hand $10 shirt when they can buy the same shirt new back home for $1. The affordability gap for cloths has plummeted both in the first world and the third world.
Friends have very little in the way of influence on your life. It's the strangers who judge you that are the problem.
Just compare the charts against that of a standard economic bubble. It drops off like this every time about this time, ... and it will drop a shitload more.
So your definition of car is the type of car they are banning in many cities of the world due to environmental reasons?
Though seriously the GP said $5k maintenance. WTF is wrong with American cars! Or more likely, WTF is wrong with GP's math. You don't need to wrench on it yourself for it to cost you next to nothing. $25/month would be about right for maintenance.
TPLink recommends you buy a better router than what they sell..
Seriously? A hundred thousand packets over the radio causes it to crash? Toss that trash in the trash.
Yeah TPLink. Oh also D-Link, ASUS, Google, Apple, and Netgear. So who's product should I buy?
The problem isn't the number of packets, but also the type, frequency, and the fact that this is a completely unexpected DoS scenario from within your network. mDNS isn't supposed to cause 100000 packets, ... unless you count them over the course of a year.
So, TP-Link "routers" can crap out when you send 200 MB through them?
No. TP-Link routers can crap out when you send 200MB multicasting at a very short interval, something that no client is expected to do.
Time to buy a competitor's product.
Whose? D-Link, and ASUS both have come out and said they are affected. This problem is affecting my father's top of the line D-Link modem/router too. It also apparently affects Google's WiFi as well as Apple's Airport.
There's more to data than just how much is going through.
The fault is from both sides. The router for not managing the traffic it is receiving, and the device for causing a completely unexpected Denial of Service attack using a protocol in a way that no sane device should.
The problem is far more the Google devices than the router. It is unreasonable to expect a perfectly functioning network from any router during an internal DoS attack.
I could easily see how billions of dollars worth of industrial systems simply will not be able to patched due performance cost of the patches.
Doubt it. The systems themselves are unaffected by this mess and don't need patching in any case (controlled access and all). What is being patched here is a handful of database servers. Spend the $3000 to buy a better one. In the grand scheme of "industrial control" not only will it not break the bank but you can most likely pay for it using petty cash.
WTF are these things doing connected anyway
So to answer your question from multiple points:
Stuxnet : Stuxnet did not infect a connected system. It was spread by direct attack via USB. ... if you have access to it. This is very sensitive data which some governments will require you to store in realtime ... offsite.
Connected : A wonderware historian serves the sole purpose of storing long term trends of your entire control system. This is very useful data
Now to make a point: On a well setup and secure site the Historian will sit on a different network than the control system and receive data through some specific channel, either one way firewall (data diode) or through some other DMZ. The historian itself should sit on a DMZ specifically so that people have no requirement to access the control system.
The real-time live data from the historian is critical information to drive real-time business decisions and often needs to be accessible not only away from the plant, but outside of the building, or even on the other side of the world. Good luck doing that without some "connection".
If you have a system that simple and unimportant that you can throw a desktop computer at controlling it then there will be a properly industrial hardened PLC in your price range. No seriously some proper PLCs from the vendor mentioned in the post run at a lower cost than any computer you can throw at it. Just configure and provide it with 24V.
But chances are if you're having problems with the performance of a Wonderware Historian you're problem is that you have 5000 analogue instruments on site and you're committing their values to the database every few seconds.
and I will tell you that none of the greedy rich farm owners here pay more than a pittance for the pickers.
Comparing the life of an underpaid fruit picker to someone working an electronics production line shows that you either have no empathy for people or no clue at just how bad life is for the latter group.
Do your farmers put nets around their farm to stop their workers comitting suicide?
You should compare the 5 year market price of bitcoin to the published models of a bubble. Take note where we are on the bursting part and then consider yourself lucky you're not that gambling man.
If you're going to do that, why not install solar power generators in the same places, which reduce need for dirty power generation?
Because far away power plants aren't the cause of inner city smog, and solar panels aren't the solution them.