Mailinglist Archive: opensuse (3605 mails)
Re: [SLE] laptop security -- physical security
- From: Jerry Westrick <jerry@xxxxxxxxxxxx>
- Date: Fri, 16 Jun 2006 23:55:23 +0200
- Message-id: <200606162355.23719.jerry@xxxxxxxxxxxx>
On Saturday 17 June 2006 00:27, Bryan J. Smith wrote:
> On Fri, 2006-06-16 at 14:51 -0700, kai wrote:
> > I'd highly suggest bolting it down to the desk. That usually works fine.
> > At least you won't get in the news like the US Department of Defense.
>
> I 100% agree! Physical, physical, physical!
>
> It takes no less than a dozen meetings, arguments and, sometimes, even
> threats, but anytime someone talks about not having separate, physical
> networks, wants portable computers or "remote administration" I take the
> keyboard to them.
>
> - You will put that financial back-end on a dedicated, non-Internet
> connected network.
>
> - You will not put any classified information on the non-classified
> network
>
> - You will go into a secured room with sign-in/out to administer it and
> I will _not_ allow you to remotely administer from a non-secured area
>
>
> I have spent my career working on US DoD classified programs and in
> major, major US financial institutions that handle a significant number
> of our nation's transactions. Management will argue cost, support
> issues, etc... and you have to tell them they are wrong, wrong, wrong
> repeatedly. And I am not afraid to say it to their face -- "You might
> get a bonus now for saving money, but someone else will be cleaning up
> the mess a few years from now after you've been promoted."
>
> Now I can't talk about their stupidity, collectively or otherwise,
> because of various agreements I have signed. ;->
>
> But more publicly, Ohio's First Energy is a perfect example of a chronic
> screw-up.
>
> Their IT -- despite complaints of plant engineers -- allowed their
> control systems networks to be tied into their general networks for
> "support purposes." So when a worm came through it overloaded First
> Energy's control systems and they couldn't provide necessary standby
> power to the grid. It significantly contributed to the NE US / southern
> Canadian black-out a few years ago.
>
> And what's worse is that the same issue took down a First Energy
> nuclear power plant control system just 6 months earlier (luckily it
> wasn't producing power, but was in test).
>
> Physical, physical, physical security.
>
>
Nuclear Power plants running on Microsoft Windows platform?
Gives a whole new meaning to "Blue Screen of Death"!
Damn, that is scary!
Jerry
> --
> Bryan J. Smith Professional, technical annoyance
> mailto:b.j.smith@xxxxxxxx http://thebs413.blogspot.com
> ----------------------------------------------------------
> The existence of Linux has far more to do with the breakup
> of AT&T's monopoly than anything Microsoft has ever done.
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx