On Saturday 17 June 2006 00:27, Bryan J. Smith wrote:
On Fri, 2006-06-16 at 14:51 -0700, kai wrote:
I'd highly suggest bolting it down to the desk. That usually works fine. At least you won't get in the news like the US Department of Defense.
I 100% agree! Physical, physical, physical!
It takes no less than a dozen meetings, arguments and, sometimes, even threats, but anytime someone talks about not having separate, physical networks, wants portable computers or "remote administration" I take the keyboard to them.
- You will put that financial back-end on a dedicated, non-Internet connected network.
- You will not put any classified information on the non-classified network.
- You will go into a secured room with sign-in/out to administer it and I will _not_ allow you to remotely administer from a non-secured area.
I have spent my career working on US DoD classified programs and in major, major US financial institutions that handle a significant number of our nation's transactions. Management will argue cost, support issues, etc... and you have to tell them they are wrong, wrong, wrong repeatedly. And I am not afraid to say it to their face -- "You might get a bonus now for saving money, but someone else will be cleaning up the mess a few years from now after you've been promoted."
Now I can't talk about their stupidity, collectively or otherwise, because of various agreements I have signed. ;->
But more publicly, Ohio's First Energy is a perfect example of a chronic screw-up.
Their IT -- despite complaints of plant engineers -- allowed their control systems networks to be tied into their general networks for "support purposes." So when a worm came through it overloaded First Energy's control systems and they couldn't provide necessary standby power to the grid. It significantly contributed to the NE US / southern Canadian black-out a few years ago.
And what's worse is that the same issue took down a First Energy nuclear power plant control system just 6 months earlier (luckily it wasn't producing power, but was in test).
Physical, physical, physical security.
Nuclear Power plants running on Microsoft Windows platform? Gives a whole new meaning to "Blue Screen of Death"! Damn, that is scary!
Jerry
--
Bryan J. Smith Professional, technical annoyance
mailto:b.j.smith@ieee.org http://thebs413.blogspot.com
----------------------------------------------------------
The existence of Linux has far more to do with the breakup of AT&T's monopoly than anything Microsoft has ever done.