News reports (http://news.yahoo.com/s/csm/327178) identify a new type of malware, designed to attack factory control systems. Gotta be careful with those USB sticks, I guess.

Respectfully,

Brian P.

note to self: when building a device to take over the world, do not include USB ports...

note to self: when building a device to take over the world, do not include USB ports...

Don't include autorun.



Also, from Wikipedia: "Siemens however advises against changing the default passwords because it “could impact plant operations”." Well done, Siemens, well done. :smallamused:

Yea, I had a virus not long ago that got on my USB stick. Then I went around sticking my USB stick in a bunch of other computers without using protection and they too got sick. The worst thing was that one of those computers was a poor, inexperienced, non-networked computer with some proprietary software on it. Luckily, the IT department was able to issue me a CD to fix the problem and after reformatting the drive I didn't have a problem anymore. Still, it was kinda scary.

Moral of the story...think before you go sticking your USB stick into anything it fits in. :smallcool:

In other words, practice safe hex(adecimal).

Respectfully,

Brian P.

. . .and the authors (for code that sprawling and large would almost certainly have required many authors) have to remain anonymous about their ground-breaking hack. That must chafe.

. . .kinda interesting that the article considered it as the work of a nation-state and not the work of a corporation. Corporations are now certainly large enough to handle the duties formerly relegated to governments. Of course, business being business, they probably wouldn't have done it if it weren't profitable. So--is this malware profitable? Could it become so?

Hmm... doesn't Firewire still have a security hole like this already?


In other words, practice safe hex(adecimal).

I'm sorry, that was just too punful to let slide. We're going to have to revoke your computing license.

. . .kinda interesting that the article considered it as the work of a nation-state and not the work of a corporation. Corporations are now certainly large enough to handle the duties formerly relegated to governments.

The world being the way it is, 'work of a nation state' probably means 'work done by several large multinational corporations with a government person as project overseer/clueless PHB the programmers all ignore'.

That's assuming a large capitalist government with many multinational corporations at their beck and call. If the work of a small government, 'hiring talent' may mean no more than 'find the appropriate people and activate their reserve status' -- if it's a country where everyone is either active military or in the reserves.

Incidentally, I've done my share of contracting work here in Washington DC, and I'm prepared to say that the small companies tend to do better work than the large multinationals. Small companies often pay more (because the management layer is minimal), and therefore attract better talent. Multinationals also come with layer after layer of useless vice presidents and worthless quality initiatives that tend to make them less effective. I once worked with a small company. Their IT guy I knew by name. I once worked with a famous Acronym. Their IT was a phone number in Tennessee. And in this entire worldwide organization, they could not find one -- ONE! -- person conversant with Linux. I had to do my own IT on that project completely off the books and separate from the official 'process' IT.



I'm sorry, that was just too punful to let slide. We're going to have to revoke your computing license.


*Stomps on the accelerator*

Catch me if you can, copper!

Respectfully,

Brian P.