Too funny actually. I thought I would get modded for trolling but this be/.
Comments galore for a trivial grammar post but a score 5 insightful on a security thread merits no discussion.
's ok. Tis only the human condition to take small things to heart and let the large objects pass by. Need budget approval for $100K server capital; no problem. Need a $15 screwdriver kit from Canadian Tire to put the beasts in the rack? That requires a business case.
From dictionary.com although a more detailed listing may be found in the OED:
verb (used with object) 10. to produce as an effect; bring about; accomplish; make happen: The new machines finally effected the transition to computerized accounting last spring.
Thus 'effect this change' is correct and in this case 'affect this change' is wrong. (changing the change, which BTW did not happen)
Go directly to grammer jail. Do not collect any reward. Let the beatings commence!
In the summary, 'affect this change' [grrrrrr] should be 'effect this change'. It could have read 'affect the situation'.
Oh the humanity: I'm having flashbacks of my grade 8 grammar teacher thrashing us mercilessly for just such an offense. Twas eons ago and most of my grammar synapses have degenerated to dust but the affect/effect thingy persists.
Well now, it's been my keen observation over the years that people suspect of others the same nefarious behaviour that they indulge in themselves or would do given the opportunity. I am sure that there exist proposals to have Cisco/Juniper/Akami network gear do more than is advertised.
Knowing that the West intelligence services would do (are doing??) what Lenovo & Huawei are suspected of is enough to have those companies banned, at least in CIA/NSA thinking.
It's difficult enough to keep malware out of the network as it is without providing an easy doorway.
eg: stuxnet
However, if evaluation of the policy to ban Lenovo were up to me, I would do a serious risk evaluation and compare Lenovo to others such as Dell. Truth is that state sponsored malware could be introduced at many levels including embedded firmware in say, network or video chipsets.
I suspect that the multinational component sourcing makes banning Lenovo analogous to plugging a small hole in a screen door while leaving all the windows open.
I don't understand how Canipre intends to be effective against the endpoint downloader. Canada's legal environment is significantly different from that of the US.
Criminal punishment is very limited by the recent legislation and civil judgements are limited to actual concrete losses. If somebody illegally downloads a song worth, say, $1 then the civil loss is $1. The plaintiff is not necessarily likely to get court costs either, especially if the judge feels the $1 could have easily changed hands without resorting to civil court.
At least that is what I have observed.
Perhaps their model is to get lots of funding from big business and impress them by arching their legal 'backs' (see how big I am) and making lots of hissing/spitting noises.
er. . . Typically these are tied to dial up modems or to IP port servers. They are used to access systems when the secure front door is unavailable due to Internet outages, firewall problems or the access gateway being unavailable.
You would not think anyone would be so dumb to set these up but sone may be legacy, or put in place by a local hero sysadmin.
It may even be, get this, a contractually required remote support access point. Many vendors have a very limited concept of what is required to prevent unauthorized access. One vendor sales guy told me that it was secure because no one would know about the dial up number and they had no reported break ins at other installations.
Sigh.
Of course there are ways of providing secure alternative access paths but there are a lot of folk who are under the impression that obscurity is sufficient.
Another issue besides the lack of authentication is the lack of logging and activity reporting. One outfit I did some work for spent a dinghy full of large bills on an IPS for the network side but would not pay for caller ID on their dial-up access point. Against their financial responsibility policy to pay for frivilous monthly charges.
⦠a friend of mine and his wife just passed the Canadian citizenship test. I said 'Congrats! You have just earned the right to bitch about everything along side the rest of us. And what's the deal with the Oilers eh?'
He said that's exactly what his wife said (minus the hockey bit).
This is like putting barely enough gasoline in your car for the planned journey and then taking a longer trip and wondering why you ran out of gas. The problem is between the seat and the steering wheel.
I think you are too kind. The problem is between the ears.
Reading the articles, my take is the car does what it says it does and the reporter decided to get cute and act dumb. 'Disingenuous' is the term that should be applied to the Times and the reporter.
The Times is no stranger to concocted or manipulated stories. eh, anyone who is a reporter or a politician is automatically suspect in my books.
Not really -- I don't see how they are parasitic at all.
... The MPAA are not 'parasitic' in a technical sense but you don't take exception to the assertion that they are 'bastards' in a colloquial descriptive sense?
IMHO 'bastards' is term well used in this context.
'Abominable, hideous and abhorrent agents of cold, manipulative and greedy international corporations' would be more accurate and precise than 'parasitic' but a bit wordy. Given that 'bastards' is a figurative description, 'parasitic' isn't so wrong; matches the tone and meaning of the comment.
Besides, 'parasitic' is not so far off: sucking from the stream of income originating from the people they prosecute is somewhat 'parasitic'.
er . . . about the same worry as any software from anywhere. Do your self protection rituals and don't install it on anything that contains critical information. Look for oddities (unexpected network connections etc) and check for an online community that may show some pedigree for the software.
Trojan software is a real worry but the fact that it comes from China does not seem to me to alter the worry level. ie: be worried and be careful
A very cursory check of sites that track threats shows China as a source is about on a par with the US. Somewhat worse but still, a lot of malware comes from the good ol US of A. Most sites seem to agree that the USSR er Soviets er Commies er RUSSIA is a major source of crap, standing out from the others.
eh, stats is stats.
The reason Chinese companies (ummm: Huawei) have been labelled a security worry is that the People's Lib Army of the PROC is assumed to be the defacto owner. Worry being that their routers/switches/cell equipment come with back doors pre-installed.
Who knows if this is true or not, but I have often wondered if companies like Cisco, Juniper, Alcatel-Lucent, Siemens etc are working closely with their own governments to provide "special" firmware loads for foreign installations. Maybe domestic as well. But I may be paranoid.;->
Governments have been caught in the past doing industrial espionage for their own domestic interests. The French apparently bugged first class airline seats for competitive business reasons and the Chinese reported that a Boeing 767 was delivered complete with surveillance bugs.
So: although China doesn't worry more than say the US, it doesn't worry me any less either.
So you don't like RIM to the point that it makes you angry. I get it. Thanks for providing detail.
Just don't assume you know what I think or believe based on me tagging a response onto a cheap joke. Sheesh.
All I said was that the mobile leaders have areas of weakness that can be exploited and that RIM (and MicroSquash) are positioning themselves to take advantage. Also, I hope that RIM makes significant improvements to user functionality that intensifies competition and causes others work harder. Better for all if they do IMO.
I am also glad to see Mozilla and others working to get into the market. Diversity is good.
Nothing there says I like or dislike RIMs methods, services or infrastructure.
You know, I didn't say I like BB or RIM. I said there is plenty of room for competition and that Apple as a market leader in NA has significant weaknesses, and I said I like competition from another player. I'm not religious for or against Apple, RIM, MSoft, Google, Mozilla or whatever.
As far as routing mobile traffic through servers, this happens in many places and many circumstances but usually transparent to the user (one obvious example: firewalls). The trick is to have a good reason for doing it and to build a reliable and available infrastructure with the required performance capability.
Multitasking on iPhones is pathetic and a total pain to move data between apps. BB 10, if it is still based on QNX, should have the built in capability to change how parallel applications and parallel processing paths function on mobile devices. Raise the bar as they say.
Yes because BSD can't multitask. The iPhone's implementation is purely a design choice. Having QNX below it wouldn't have changed anything. Multitasking on BB10 (I've used it somewhat extensively) is a design choice that RIM has made. I have mixed feeling about both approaches.
Good call! I knew I was spouting gibberish when I blamed iOS for bad multitasking at the user interface layer. The devil made me do it.
I guess my hope is that an OS like QNX will inspire or foster an attitude which supports useful multitasking at the user level. Naive, I know.
"BB loyalist" is about as disparaging as you need to be...
this is a blanket? jah and we are pigs? jah then this is funny, jah? jah! that is a good one!
Cheap jokes aside, IMHO this is lots of room for BB to move back into being a player.
First, they still have a very large user base and second, the other players all have significant weak areas that BB could target.
BB has always been about business communications and productivity, areas that Apple has never been any good at. Email on iPhones is a joke at best. Even if you jailbreak and install "mail enhancer pro" (jah, that is a good one too!), the mail tool is missing core functionality.
Multitasking on iPhones is pathetic and a total pain to move data between apps. BB 10, if it is still based on QNX, should have the built in capability to change how parallel applications and parallel processing paths function on mobile devices. Raise the bar as they say.
The iPad is interesting and a decent lightweight tool for browsing web but again absolutely not a power tool. More like a kids workbench.
The two vendors who have traditionally been powers in the business space, Microsoft and BB, seem to recognize this and are making plays in an area that Apple just does not understand or fails to address well.
I don't quite know what to make of Android in this area as it should be able to fill the void as well but does not seem to have a leader in the business arena.
BYOD is popular amongst the working population but corporately there is a desire to retain control over corp. communications and security, at least in the Fortune 500. Time is ripe for BB to get back into business.
Anyways, competition is good and from that point of view I am hoping BB succeeds.
Best not to be too religious about platforms, companies, hardware etc. They are just tools and who wants to be mired in a world dominated by iOS and Android when other excellent systems exist?
Sure but you will have to emigrate from litigation happy US. [JOKE not TROLL]
Seriously, consumer safety and potential litigation issues should always be part of an assessment before product release. It is part of what makes it costly to bring new products to market.
In the best case lawsuits are a form of extreme market feedback that the product was not a good idea/implementation.
Yeah, at least the screen is away from the fingers and hands, not like the touchpad which caused many problems prior to the auto enable/disable feature. Minor gripe but still it has been a long standing low-grade headache.
Also not as bad as reflective screens. Almost impossible to get an anti-glare laptop since the reflective ones sell well in the store despite clear user preferences for anti-glare over the long term.
You are correct: hopefully we can just use it / not use it as appropriate without any usability or cost penalty.
Also, hopefully ubiquitous touch screens do not cause presentation layers to ignore the mouse as a HID.
I was just talking to my boss about this subject today. The merging of mechanical and network engineering is still considered a "new" development, often times the engineers designing the system for a building doesn't fully understand the IT that it rides on. It's a problem, and it's being addressed, but as the submission states there's a huge lag time with huge companies, so it'll continue to be a problem for a while.
Very insightful but the problem is worse than just the merging of mech/network engineering within a single company. There is a sea of dysfunction washing over the different companies, systems, processes, players and roles. There is a big mess to clean up and although it galls me to say so, I think some sort of legislation may be required both in terms of setting standards and of assigning accountability for poor systems. I won't hold my breath waiting for help on this side.
Some stuff I know to be true:
- CEOs & CFOs are motivated by share price and stock performance issues; they consider IT infrastructure to be an expense item to be minimized. Security devices are cheap but no in house expertise is fostered, and external advice may be poor or ignored if it leads to inconvenient costs. Truck drivers and drag-line operators are valued positions at a mining company because what they do generates income and income to cost is readily calculated; network designers and IT security admins are just an expense item to be minimized. They generate no obvious positive monetary benefit. More trucks/draglines/drivers/operaters = more income and more profit. More IT people = less profit.
- Equipment vendors may be experts at their specific technology but the control programs are not part of their core knowledge. An example I have seen: although the vendor uses some robust logic controllers in the system, they all tie back to a custom control layer built originally by a summer co-op student for a lab demo. The control program does have login security but has never been through any sort of security audit. All system functionality funnels through this layer. It does have a beautiful presentation layer built by a contract software house. BTW, although the login has some protection, by default there is a network API that is always wide open and can not be shut off or everything crashes. No one knows why. If Production Company A buys production equipment from Vendor Company B, the security vulnerabilities are provided at no extra charge. None of the security issues are documented by B (they largely don't know they exist) and B has no good advice to offer on security issues in any case. The sales droids typically say security is not an issue and their track record speaks for itself. No serious events must mean the product is great.
- Even if production security is seen to be an area of need, corp culture and politics keep anything meaningful from happening. The IT expertise that a company does have is usually focused on internal desktop and financial/HR security issues. They know nothing of the SCADA world which marries physical devices to the abstract world of networks and computing. Worse, the IT division (complete with VP or EVP) views any use of computers and networks outside of the corporate LAN to be a threat to the corporate well being. The IT division sees the production network as a threat to the corporate LAN (usually the threat is worse in the other direction!) so production must run outside the corporate firewalls. This is ok, but IT management actively undermines development of a production side IT division as that is a threat to the corp. power structure. Production networks are built and run by engineers who are smart and have a side interest in computing but whose areas of expertise are power control or chemical production or mechanical systems.
- There is no widely accepted set of standards for production network design and deployment. Production network implementers invent the wheel again and a
Slashdot Mirror
Too funny actually. I thought I would get modded for trolling but this be /.
Comments galore for a trivial grammar post but a score 5 insightful on a security thread merits no discussion.
's ok. Tis only the human condition to take small things to heart and let the large objects pass by. Need budget approval for $100K server capital; no problem. Need a $15 screwdriver kit from Canadian Tire to put the beasts in the rack? That requires a business case.
Cheers
Exactamundo!
Verily and to wit! My bristling beard is scaring the cat.
No guts, eh? Won't log in. What a putz.
'effect' may be used as a noun or as a verb.
From dictionary.com although a more detailed listing may be found in the OED:
verb (used with object)
10. to produce as an effect; bring about; accomplish; make happen: The new machines finally effected the transition to computerized accounting last spring.
Thus 'effect this change' is correct and in this case 'affect this change' is wrong. (changing the change, which BTW did not happen)
Go directly to grammer jail. Do not collect any reward. Let the beatings commence!
As Red Forman says: "Dumbass". 8->
In the summary, 'affect this change' [grrrrrr] should be 'effect this change'. It could have read 'affect the situation'.
Oh the humanity: I'm having flashbacks of my grade 8 grammar teacher thrashing us mercilessly for just such an offense. Twas eons ago and most of my grammar synapses have degenerated to dust but the affect/effect thingy persists.
I whimper.
8-P
Well now, it's been my keen observation over the years that people suspect of others the same nefarious behaviour that they indulge in themselves or would do given the opportunity. I am sure that there exist proposals to have Cisco/Juniper/Akami network gear do more than is advertised.
Knowing that the West intelligence services would do (are doing??) what Lenovo & Huawei are suspected of is enough to have those companies banned, at least in CIA/NSA thinking.
It's difficult enough to keep malware out of the network as it is without providing an easy doorway.
eg: stuxnet
However, if evaluation of the policy to ban Lenovo were up to me, I would do a serious risk evaluation and compare Lenovo to others such as Dell. Truth is that state sponsored malware could be introduced at many levels including embedded firmware in say, network or video chipsets.
I suspect that the multinational component sourcing makes banning Lenovo analogous to plugging a small hole in a screen door while leaving all the windows open.
AC not funny,
Must be DC.
I don't understand how Canipre intends to be effective against the endpoint downloader. Canada's legal environment is significantly different from that of the US.
Criminal punishment is very limited by the recent legislation and civil judgements are limited to actual concrete losses. If somebody illegally downloads a song worth, say, $1 then the civil loss is $1. The plaintiff is not necessarily likely to get court costs either, especially if the judge feels the $1 could have easily changed hands without resorting to civil court.
At least that is what I have observed.
Perhaps their model is to get lots of funding from big business and impress them by arching their legal 'backs' (see how big I am) and making lots of hissing/spitting noises.
er. . . Typically these are tied to dial up modems or to IP port servers. They are used to access systems when the secure front door is unavailable due to Internet outages, firewall problems or the access gateway being unavailable.
You would not think anyone would be so dumb to set these up but sone may be legacy, or put in place by a local hero sysadmin.
It may even be, get this, a contractually required remote support access point. Many vendors have a very limited concept of what is required to prevent unauthorized access. One vendor sales guy told me that it was secure because no one would know about the dial up number and they had no reported break ins at other installations.
Sigh.
Of course there are ways of providing secure alternative access paths but there are a lot of folk who are under the impression that obscurity is sufficient.
Another issue besides the lack of authentication is the lack of logging and activity reporting. One outfit I did some work for spent a dinghy full of large bills on an IPS for the network side but would not pay for caller ID on their dial-up access point. Against their financial responsibility policy to pay for frivilous monthly charges.
⦠a friend of mine and his wife just passed the Canadian citizenship test. I said 'Congrats! You have just earned the right to bitch about everything along side the rest of us. And what's the deal with the Oilers eh?'
He said that's exactly what his wife said (minus the hockey bit).
Did. And I don't give a hoot for Tesla. Thanks for your opinion AC! 8->
This is like putting barely enough gasoline in your car for the planned journey and then taking a longer trip and wondering why you ran out of gas. The problem is between the seat and the steering wheel.
I think you are too kind. The problem is between the ears.
Reading the articles, my take is the car does what it says it does and the reporter decided to get cute and act dumb. 'Disingenuous' is the term that should be applied to the Times and the reporter.
The Times is no stranger to concocted or manipulated stories. eh, anyone who is a reporter or a politician is automatically suspect in my books.
;-)
Not really -- I don't see how they are parasitic at all.
... The MPAA are not 'parasitic' in a technical sense but you don't take exception to the assertion that they are 'bastards' in a colloquial descriptive sense?
IMHO 'bastards' is term well used in this context.
'Abominable, hideous and abhorrent agents of cold, manipulative and greedy international corporations' would be more accurate and precise than 'parasitic' but a bit wordy. Given that 'bastards' is a figurative description, 'parasitic' isn't so wrong; matches the tone and meaning of the comment.
Besides, 'parasitic' is not so far off: sucking from the stream of income originating from the people they prosecute is somewhat 'parasitic'.
Just sayin' . . .
8=>
My first batch downloader
.
.
.
Must be a SLOW news day.
I guess I could have just ignored the story. Dang me and my OCD.
er . . . about the same worry as any software from anywhere. Do your self protection rituals and don't install it on anything that contains critical information. Look for oddities (unexpected network connections etc) and check for an online community that may show some pedigree for the software.
Trojan software is a real worry but the fact that it comes from China does not seem to me to alter the worry level. ie: be worried and be careful
A very cursory check of sites that track threats shows China as a source is about on a par with the US. Somewhat worse but still, a lot of malware comes from the good ol US of A. Most sites seem to agree that the USSR er Soviets er Commies er RUSSIA is a major source of crap, standing out from the others.
eh, stats is stats.
The reason Chinese companies (ummm: Huawei) have been labelled a security worry is that the People's Lib Army of the PROC is assumed to be the defacto owner. Worry being that their routers/switches/cell equipment come with back doors pre-installed.
Who knows if this is true or not, but I have often wondered if companies like Cisco, Juniper, Alcatel-Lucent, Siemens etc are working closely with their own governments to provide "special" firmware loads for foreign installations. Maybe domestic as well. But I may be paranoid. ;->
Governments have been caught in the past doing industrial espionage for their own domestic interests. The French apparently bugged first class airline seats for competitive business reasons and the Chinese reported that a Boeing 767 was delivered complete with surveillance bugs.
So: although China doesn't worry more than say the US, it doesn't worry me any less either.
So you don't like RIM to the point that it makes you angry. I get it. Thanks for providing detail.
Just don't assume you know what I think or believe based on me tagging a response onto a cheap joke. Sheesh.
All I said was that the mobile leaders have areas of weakness that can be exploited and that RIM (and MicroSquash) are positioning themselves to take advantage. Also, I hope that RIM makes significant improvements to user functionality that intensifies competition and causes others work harder. Better for all if they do IMO.
I am also glad to see Mozilla and others working to get into the market. Diversity is good.
Nothing there says I like or dislike RIMs methods, services or infrastructure.
You know, I didn't say I like BB or RIM. I said there is plenty of room for competition and that Apple as a market leader in NA has significant weaknesses, and I said I like competition from another player. I'm not religious for or against Apple, RIM, MSoft, Google, Mozilla or whatever.
As far as routing mobile traffic through servers, this happens in many places and many circumstances but usually transparent to the user (one obvious example: firewalls). The trick is to have a good reason for doing it and to build a reliable and available infrastructure with the required performance capability.
Sigh.
sorry for being such an insensitive clod
Multitasking on iPhones is pathetic and a total pain to move data between apps. BB 10, if it is still based on QNX, should have the built in capability to change how parallel applications and parallel processing paths function on mobile devices. Raise the bar as they say.
Yes because BSD can't multitask. The iPhone's implementation is purely a design choice. Having QNX below it wouldn't have changed anything. Multitasking on BB10 (I've used it somewhat extensively) is a design choice that RIM has made. I have mixed feeling about both approaches.
Good call! I knew I was spouting gibberish when I blamed iOS for bad multitasking at the user interface layer. The devil made me do it.
I guess my hope is that an OS like QNX will inspire or foster an attitude which supports useful multitasking at the user level. Naive, I know.
Cheers
"BB loyalist" is about as disparaging as you need to be...
this is a blanket?
jah
and we are pigs?
jah
then this is funny, jah?
jah! that is a good one!
Cheap jokes aside, IMHO this is lots of room for BB to move back into being a player.
First, they still have a very large user base and second, the other players all have significant weak areas that BB could target.
BB has always been about business communications and productivity, areas that Apple has never been any good at. Email on iPhones is a joke at best. Even if you jailbreak and install "mail enhancer pro" (jah, that is a good one too!), the mail tool is missing core functionality.
Multitasking on iPhones is pathetic and a total pain to move data between apps. BB 10, if it is still based on QNX, should have the built in capability to change how parallel applications and parallel processing paths function on mobile devices. Raise the bar as they say.
The iPad is interesting and a decent lightweight tool for browsing web but again absolutely not a power tool. More like a kids workbench.
The two vendors who have traditionally been powers in the business space, Microsoft and BB, seem to recognize this and are making plays in an area that Apple just does not understand or fails to address well.
I don't quite know what to make of Android in this area as it should be able to fill the void as well but does not seem to have a leader in the business arena.
BYOD is popular amongst the working population but corporately there is a desire to retain control over corp. communications and security, at least in the Fortune 500. Time is ripe for BB to get back into business.
Anyways, competition is good and from that point of view I am hoping BB succeeds.
Best not to be too religious about platforms, companies, hardware etc. They are just tools and who wants to be mired in a world dominated by iOS and Android when other excellent systems exist?
Sure but you will have to emigrate from litigation happy US. [JOKE not TROLL]
Seriously, consumer safety and potential litigation issues should always be part of an assessment before product release. It is part of what makes it costly to bring new products to market.
In the best case lawsuits are a form of extreme market feedback that the product was not a good idea/implementation.
_FLUBBER_ !
sorry . . . just watched the movie with my kids
Yeah, at least the screen is away from the fingers and hands, not like the touchpad which caused many problems prior to the auto enable/disable feature. Minor gripe but still it has been a long standing low-grade headache.
Also not as bad as reflective screens. Almost impossible to get an anti-glare laptop since the reflective ones sell well in the store despite clear user preferences for anti-glare over the long term.
You are correct: hopefully we can just use it / not use it as appropriate without any usability or cost penalty.
Also, hopefully ubiquitous touch screens do not cause presentation layers to ignore the mouse as a HID.
I was just talking to my boss about this subject today. The merging of mechanical and network engineering is still considered a "new" development, often times the engineers designing the system for a building doesn't fully understand the IT that it rides on. It's a problem, and it's being addressed, but as the submission states there's a huge lag time with huge companies, so it'll continue to be a problem for a while.
Very insightful but the problem is worse than just the merging of mech/network engineering within a single company. There is a sea of dysfunction washing over the different companies, systems, processes, players and roles. There is a big mess to clean up and although it galls me to say so, I think some sort of legislation may be required both in terms of setting standards and of assigning accountability for poor systems. I won't hold my breath waiting for help on this side.
Some stuff I know to be true:
- CEOs & CFOs are motivated by share price and stock performance issues; they consider IT infrastructure to be an expense item to be minimized. Security devices are cheap but no in house expertise is fostered, and external advice may be poor or ignored if it leads to inconvenient costs. Truck drivers and drag-line operators are valued positions at a mining company because what they do generates income and income to cost is readily calculated; network designers and IT security admins are just an expense item to be minimized. They generate no obvious positive monetary benefit. More trucks/draglines/drivers/operaters = more income and more profit. More IT people = less profit.
- Equipment vendors may be experts at their specific technology but the control programs are not part of their core knowledge. An example I have seen: although the vendor uses some robust logic controllers in the system, they all tie back to a custom control layer built originally by a summer co-op student for a lab demo. The control program does have login security but has never been through any sort of security audit. All system functionality funnels through this layer. It does have a beautiful presentation layer built by a contract software house. BTW, although the login has some protection, by default there is a network API that is always wide open and can not be shut off or everything crashes. No one knows why. If Production Company A buys production equipment from Vendor Company B, the security vulnerabilities are provided at no extra charge. None of the security issues are documented by B (they largely don't know they exist) and B has no good advice to offer on security issues in any case. The sales droids typically say security is not an issue and their track record speaks for itself. No serious events must mean the product is great.
- Even if production security is seen to be an area of need, corp culture and politics keep anything meaningful from happening. The IT expertise that a company does have is usually focused on internal desktop and financial/HR security issues. They know nothing of the SCADA world which marries physical devices to the abstract world of networks and computing. Worse, the IT division (complete with VP or EVP) views any use of computers and networks outside of the corporate LAN to be a threat to the corporate well being. The IT division sees the production network as a threat to the corporate LAN (usually the threat is worse in the other direction!) so production must run outside the corporate firewalls. This is ok, but IT management actively undermines development of a production side IT division as that is a threat to the corp. power structure. Production networks are built and run by engineers who are smart and have a side interest in computing but whose areas of expertise are power control or chemical production or mechanical systems.
- There is no widely accepted set of standards for production network design and deployment. Production network implementers invent the wheel again and a