Vulnerabilities in infrastructure software concern cybersecurity experts

SuburbanFarmer
Posts: 25279
Joined: Wed Nov 30, 2016 6:50 am
Location: Ohio

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by SuburbanFarmer » Mon Jun 12, 2017 1:56 pm

The Conservative wrote:
GrumpyCatFace wrote:
The Conservative wrote:
The OS is the least secure portion of the connection next to the end user.

That being said, hard security means everything is hard wired, no wireless, no open ports, nothing to allow vulnerabilities.
Right, this would be an 'air-gapped' option - obviously secure, but ludicrously expensive, at any kind of scale.
Actually not really, it's only expensive if you have to lay wires down multiple times for multiple services.
Well, I guess you could have a single network for all PLCs - traffic lights, water management, whatever else.. But that makes the entire thing vulnerable unless you have some pretty kickass firewalls and routers. It's a huge problem, no matter what. We need some (gasp) planning done to make it all work.
SJWs are a natural consequence of corporatism.

Formerly GrumpyCatFace

https://youtu.be/CYbT8-rSqo0

jbird4049
Posts: 1117
Joined: Wed Nov 30, 2016 8:56 pm

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by jbird4049 » Mon Jun 12, 2017 10:32 pm

GrumpyCatFace wrote:
The Conservative wrote:
GrumpyCatFace wrote:
Right, this would be an 'air-gapped' option - obviously secure, but ludicrously expensive, at any kind of scale.
Actually not really, it's only expensive if you have to lay wires down multiple times for multiple services.
Well, I guess you could have a single network for all PLCs - traffic lights, water management, whatever else.. But that makes the entire thing vulnerable unless you have some pretty kickass firewalls and routers. It's a huge problem, no matter what. We need some (gasp) planning done to make it all work.
But it is not immediately profitable and/or requires taxes, plus it is a hidden not sexy problem. Nah much easier to yell Teh Terrorisms are gonna get us. And then add yet another restriction, rule, regulation, law, tactic, invasion, spying, and lying with even more assassinations and wars to "protect" us.

Yet, I have been hearing about vulnerabilities to our infrastructure for decades, but nothing ever really happens. I am surprised that some smart terrorists have not done so.
The blood-dimmed tide is loosed, and everywhere
The ceremony of innocence is drowned;
The best lack all conviction, while the worst
Are full of passionate intensity.

SuburbanFarmer
Posts: 25279
Joined: Wed Nov 30, 2016 6:50 am
Location: Ohio

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by SuburbanFarmer » Mon Jun 12, 2017 11:40 pm

Yeah, it's funny how our "greatest vulnerabilities" are all over the news, but we can't even see how they spy on us, lest the super-villains figure it out.

The Conservative
Posts: 14791
Joined: Wed Nov 30, 2016 9:43 am

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by The Conservative » Tue Jun 13, 2017 3:55 am

GrumpyCatFace wrote:Yeah, it's funny how our "greatest vulnerabilities" are all over the news, but we can't even see how they spy on us, lest the super-villains figure it out.
It's easy to fix, I had to do the same thing for my work. I'm the Director of Infrastructure and IT. To do what is required cost $5000. It basically came down to $1 a person cost wise. It was a cheap fix.

The problem is as it's been stated before, it's not sexy... so it's something that is normally overlooked till it's too late.

This entire problem can be a simple solution, people just don't think it through and say it's impossible.
#NotOneRedCent

SuburbanFarmer
Posts: 25279
Joined: Wed Nov 30, 2016 6:50 am
Location: Ohio

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by SuburbanFarmer » Tue Jun 13, 2017 10:00 am

The Conservative wrote:
GrumpyCatFace wrote:Yeah, it's funny how our "greatest vulnerabilities" are all over the news, but we can't even see how they spy on us, lest the super-villains figure it out.
It's easy to fix, I had to do the same thing for my work. I'm the Director of Infrastructure and IT. To do what is required cost $5000. It basically came down to $1 a person cost wise. It was a cheap fix.

The problem is as it's been stated before, it's not sexy... so it's something that is normally overlooked till it's too late.

This entire problem can be a simple solution, people just don't think it through and say it's impossible.
Enlighten us, then.

The Conservative
Posts: 14791
Joined: Wed Nov 30, 2016 9:43 am

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by The Conservative » Tue Jun 13, 2017 10:45 am

GrumpyCatFace wrote:
The Conservative wrote:
GrumpyCatFace wrote:Yeah, it's funny how our "greatest vulnerabilities" are all over the news, but we can't even see how they spy on us, lest the super-villains figure it out.
It's easy to fix, I had to do the same thing for my work. I'm the Director of Infrastructure and IT. To do what is required cost $5000. It basically came down to $1 a person cost wise. It was a cheap fix.

The problem is as it's been stated before, it's not sexy... so it's something that is normally overlooked till it's too late.

This entire problem can be a simple solution, people just don't think it through and say it's impossible.
Enlighten us, then.
Keep all things that are necessary off grid, in other words make it so that hackers can get to the point right before the service, but not access the service itself. There would actually be a human element or an element of sort to keep the two systems separate but at the same time communicate with each other.

It's what I do here at work, we have a share at work that is only accessible via the network, but no one outside of the network can access it. If they want access to something, they need to ask permission, and when given the file or share itself is shared on a different system that only people with the right credentials can see.

Does it slow things down? Perhaps a little. But are things secure? Yes... because I can then be the firewall and a real-time stopgap. No technology up to date can do that with 100% effectiveness.

Because if someone wants to share something that shouldn't I don't give authorization, while an automated system could, and in many cases would.

Zlaxer
Posts: 5377
Joined: Fri Dec 02, 2016 5:04 am

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by Zlaxer » Tue Jun 13, 2017 10:46 am

Seems like the government is trying to make the case to go increase funding for cyber defense - be afraid, be very afraid.....and don't question the spending....

In all honesty though - the problem usually lies in the people who maintain these systems......Boomers are fuckin stupid when it comes to security - they will plug anything they find into a USB port.

DBTrek
Posts: 12241
Joined: Wed Jan 25, 2017 7:04 pm

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by DBTrek » Tue Jun 13, 2017 10:47 am

1) There would actually be a human element or an element of sort to keep the two systems separate but at the same time communicate with each other.

2) It's what I do here at work, we have a share at work that is only accessible via the network, but no one outside of the network can access it.
Truly baffling.
"Hey varmints, don't mess with a guy that's riding a buffalo"

The Conservative
Posts: 14791
Joined: Wed Nov 30, 2016 9:43 am

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by The Conservative » Tue Jun 13, 2017 11:00 am

DBTrek wrote:
1) There would actually be a human element or an element of sort to keep the two systems separate but at the same time communicate with each other.

2) It's what I do here at work, we have a share at work that is only accessible via the network, but no one outside of the network can access it.
Truly baffling.
No, the share is locked down, it doesn't send out notifications or allow access from the outside. So if you type in the IP address, and then share IP you won't have access to it... because you don't have the right permissions, or key...

SuburbanFarmer
Posts: 25279
Joined: Wed Nov 30, 2016 6:50 am
Location: Ohio

Re: Vulnerabilities in infrastructure software concern cybersecurity experts

Post by SuburbanFarmer » Tue Jun 13, 2017 11:20 am

The Conservative wrote:
GrumpyCatFace wrote:
The Conservative wrote:
It's easy to fix, I had to do the same thing for my work. I'm the Director of Infrastructure and IT. To do what is required cost $5000. It basically came down to $1 a person cost wise. It was a cheap fix.

The problem is as it's been stated before, it's not sexy... so it's something that is normally overlooked till it's too late.

This entire problem can be a simple solution, people just don't think it through and say it's impossible.
Enlighten us, then.
Keep all things that are necessary off grid, in other words make it so that hackers can get to the point right before the service, but not access the service itself. There would actually be a human element or an element of sort to keep the two systems separate but at the same time communicate with each other.

It's what I do here at work, we have a share at work that is only accessible via the network, but no one outside of the network can access it. If they want access to something, they need to ask permission, and when given the file or share itself is shared on a different system that only people with the right credentials can see.

Does it slow things down? Perhaps a little. But are things secure? Yes... because I can then be the firewall and a real-time stopgap. No technology up to date can do that with 100% effectiveness.

Because if someone wants to share something that shouldn't I don't give authorization, while an automated system could, and in many cases would.
So your security idea boils down to "put a password on it". :face palm: