Slashdot Mirror


User: omglolbah

omglolbah's activity in the archive.

Stories: 0

Comments · 757

  1. Re:These systems are a product liability nightmare on Hackers Gain "Full Control" of Critical SCADA Systems · · Score: 1

    If a full copy of the environment would cost tens of millions of dollars, it is hard to justify it.. sadly.

  2. Re:These systems are a product liability nightmare on Hackers Gain "Full Control" of Critical SCADA Systems · · Score: 1

    Now look at this system:

    DC1/DC2, handles SMB shares for users and general data storage for the engineering staff
    DB1/DB2/DB3, has 50+ services running that handle everything from antivirus updates to OPC data
    OPC1/OPC2/OPC3/OPC.. /OPC12, handles routing for MMS traffic between database servers and equipment/controllers
    History logger, runs an Oracle DB for logging every single action in the plant, required by law in this field.
    BACKUP1/2, SMB shares on RAID for backups of all servers and clients.

    How exactly are you going to do what you propose without firewalling or air-gapping this from the rest of the networks?

    In a perfect world you can limit everything to just the secure messages... in the real world you end up with DCOM communication set up to allow anything on the network to start and stop processes on anything on the domain.. *cringe*

    Oh... and this is the top level of an oil rig control system, fancy that *whimper*

  3. Re:And nothing of value was lost... on Microsoft To Can Skype API; Third-Party Products Will Not Work · · Score: 1

    Except BB gives access to governments if required to do so ;)

  4. Re:Totally wrong on GPUs Keep Getting Faster, But Your Eyes Can't Tell · · Score: 1

    I run such a 5760x1080 gaming machine and it can be a pain.

    Especially since the 'automatic' settings of so many games assume I am using 1920x1080 and set the settings accordingly.. giving me 3fps *grump*

    Worse still, adding another card in crossfire has a bad solution due to the bottlenecks in the architecture. You get maybe 25-30% increased performance from adding a second card in games like BF3.. that was a huge disappointment.

    Games with less activity on screen (GW2, WoW) seem to handle the resolution well. I still want more power... hoping to snag a new card soon...

  5. Re:Try working on those 8 hrs a day on GPUs Keep Getting Faster, But Your Eyes Can't Tell · · Score: 1

    The problem here is not the resolution but the stupidity of software not being able to scale on a high resolution display.

    I also have excellent eye-sight but reach for the browser 'zoom' functionality more often than I would like on my high res work display. *sigh*

  6. Re:Now on GPUs Keep Getting Faster, But Your Eyes Can't Tell · · Score: 1

    Passively cooled means that there are no "active" elements in the cooling. There would be no fans or water blocks on the card.

    Just a heat sink relying on ambient air.

  7. Re:Huh? on Fukushima Nuclear Worker Accidentally Toggles Off Cooling Pumps · · Score: 1

    Pretty much every control system in the world relies on 'backups' for safety.
    Building a system where the regular "process control" won't fail if equipment breaks is prohibitively expensive and is rarely done.

    You build a system that works unless something breaks, then you add a second "Process Shutdown" or "Emergency Shutdown" system on top of that to handle all the safety functions.

    For instance, at most oil rigs you have emergency shutdown solenoids on valves to the flare boom. If an emergency shutdown is triggered these solenoids open the valves and normalize the pressurized systems. This ESD system logic is usually completely separate in function from the process control system.
    In essence it is what you could call a "backup" system.

  8. Re:Weird on Fukushima Nuclear Worker Accidentally Toggles Off Cooling Pumps · · Score: 1

    The simplicity of shutting down the pumps would have no safety-issue in a properly designed system.

    Many process control systems designers do levels of protection:

    Level 3: Process Control
    This level handles the normal operation of the plant. Regulates coolant flow to the pools and announces alarms if you get into a "high temp" state.
    Most of the time Offshore in the oil business this level does not take any actions other than notifying the operator.

    Level 2: Process Shutdown (PSD)
    This level WILL take action on a "high high" event by starting redundant coolant pumps or other actions to cool down the material. This is automatic but usually takes into account the speed at which the system could be normalized after a shutdown. This is primarily to protect equipment and not really the process.

    Level 1: Emergency Shutdown (ESD)
    Offshore this usually means a blow-down of pressurized systems and closing off wellheads. This is a hugely expensive thing... To be avoided!
    This level ignores completely the cost of operation a trip will cause and is entirely about securing the systems and avoiding damage to people, environment and plant.

    Thing is... Most people would refer to both PSD and ESD levels as 'backup systems' when in fact they are integral parts of the system design. PSD is something that happens routinely in most plants due to anything from equipment failure to network outages. It is what is supposed to happen when the normal operation is not stable. NOT NEWS....

    ESD on the other hand usually makes the news over here due to the ramifications of a rig shutting down in an emergency.

    So the fact that you can push a button and shut down a pump isn't really the issue. It should cause audible alarms of course, but you WANT to be able to kill off a pump rapidly if something unexpected happens.

  9. Re:Working as intended on Fukushima Nuclear Worker Accidentally Toggles Off Cooling Pumps · · Score: 1

    The terminology here is confusing to say the least. I highly doubt it was a "backup system" that did this. More likely process safety functions took over for process control functions...

  10. Re:Load of crock on Apple Starts Blocking Unauthorized Lightning Cables With iOS 7 · · Score: 2

    And sadly most of the time the only people who profit from class-action suits are the lawyers involved...

  11. Re:simple on Feds Allegedly Demanding User Passwords From Services · · Score: 1

    Unless you're impersonating user A to get users B, C and D to do something stupid, or share something important.

    And of course you do not want to leave anything in audit logs to prove that you did, because the only legal protection you have impersonating user A is that nobody knows how your agency is interpreting the law. Until they do, you act in good faith that what you are doing is legal...

    Or some bullshit reason like that.... I do not agree, but I see how it tends to be explained away these days *sigh*

  12. Re:anti-sex ad policy? on Google's Blogger To Delete All 'Adult' Blogs That Have Ads · · Score: 5, Insightful

    They're not getting the revenue would be my guess...

  13. Re:Off the mark, missed the target. on Ask Slashdot: How Best To Disconnect Remote Network Access? · · Score: 1

    Most know, some fight to get security put in place...

    But management in-house and managers at the customer tend to view security as a needless expense. Mostly because they have 'a firewall' (non specific...) and believe that one layer of security is plenty. Especially since 'the vendor promised it was 100% secure'.... sigh

    Oil rig PCS network 'secure plant network' that goes onshore office network internet.

    Since the firewalls 'are secure' the management think there is no even theoretical way for anyone to get in...

    Then there is the issue of using default login/pw and no filtering of the management interfaces.... sigh.... if only we were ALLOWED to fix these issues... but alas we are not :(

  14. Re:Where's the proof? :) on Geologists In Norway Are Using Drones With Cameras To Hunt For Oil · · Score: 1

  15. Re:And doesn't this already exist? on Biometric Database Plans Hidden In Immigration Bill · · Score: 1

    Photo ID is mostly useless due to the quality of the photos... Most of my IDs (even my passport...) go under the category "That is probably him" :p

  16. Re:Untargeted on YouTube To Offer Subscription Service This Week · · Score: 2

    They are in Norway.

    In an evening of watching VOD starcraft matches I would get the same 2-3 video ads on every video change.

    It is not that the ads are THAT annoying, it is that you've already seen em 8-10 times already in a single day...

  17. Re:Ads on YouTube To Offer Subscription Service This Week · · Score: 1

    in-fucking-deed....

    Especially since they seem to have no tailoring to my interest so I get tons of ads for cruises, crappy insurance and other completely uninteresting things.
    It has gotten annoying enough in some cases to make me download the clips in bulk via scripting instead of using the website... sigh

  18. Re:USA:Israel::China:BestKorea on Google Formally Puts Palestine On Virtual Map · · Score: 2, Insightful

    Well, it doesn't stick "its" people in prison camp, only the people in the country that are undesirable.

    It is horribly ironic and sad that some of the views held by the most extreme Israeli political players mirror so many of the fascist ideas of Nazi Germany...

  19. Re:Kind of innevitable and entirely reasonable on Canada Revenue Agency To Tax BitCoin Transactions · · Score: 1

    That isn't really the argument though as I read it.

    If a government program run by a public entity does X amount of work at the cost of 1 million dollars...

    And a private entity can do the exact same amount of X for 0.9 million dollars.. The argument is to let the private entity handle the work.

    This also goes the other way though and sometimes it is much less costly to have a public entity handle something compared to having it privatized.

    Fire protection services, various welfare programs and the like.

  20. Re:Someone explain this to me on AMD Releases UVD Engine Source Code · · Score: 1

    Seems they released firmware and perhaps some patches to modules to allow their use...

    Quite far from open-source UVD engine source code.... sigh

  21. Re:Hilarious on GoPro Issues DMCA Takedown Over Negative Review · · Score: 2

    Because the perjury part of the DMCA only refers to the tiny bit of it where the submitter of the takedown notice states who they are acting on behalf of. The rest can be full of lies and there is essentially no risk as long as the company name is spelled right in the header.. silly and derpy

  22. Re:Yep on NASA Loses Contact With Space Station Over Software Update · · Score: 1

    When you're handling 15000 dollar circuit boards using a wrist-strap is always a good idea..

    Not much protection of the circuitry here: http://i01.i.aliimg.com/img/pb/349/310/467/467310349_361.jpg

    Some of the input slave cards are highly sensitive to ESD, and we've had some fry.

    Damn reliable if properly handled though. Do not think I have ever seen one fail in use.

  23. Re:Yep on NASA Loses Contact With Space Station Over Software Update · · Score: 1

    The Troll A platform can produce 122 million standard cubic meters of gas in a 24 hour period.
    That is 4.3 billion cubic feet of gas per day.

  24. Re:Yep on NASA Loses Contact With Space Station Over Software Update · · Score: 5, Interesting

    We do a full image backup of the server.
    Then we shut it down (they're all redundant) and remove one set of drives from the mirrored RAID.
    Start back up.
    Run the update.
    Verify that the update went ok.
    Perform new image backups.
    When everyone is satisfied shove the mirrored drives back in.

    Then again, we're "offshore" as in an oil rig and patching control system HMI servers... so I guess having a contingency plan would be required. This rig (where I am at now :p) makes 50 million USD a day in natural gas.. so uptime is paramount!

  25. Re:As said this is not really new... on Semi-Automatic Hacking of Masked ROM Code From Microscopic Images · · Score: 1

    And really.. if your code is THAT important, you should use a security-based chip to begin with.
    There are tamper-resistant packages and a variety of defenses against this, but they all cost money.