mailing list archives
Re: The Backhoe: A Real Cyberthreat?
From: Robert E.Seastrom <rs () seastrom com>
Date: Thu, 19 Jan 2006 16:42:57 -0500
Jim Popovitch <jimpop () yahoo com> writes:
Jerry Pasker wrote:
The point is: What's more damaging? Being open with the maps to
EVERYONE can see where the problem areas are so they can design
around them? (or chose not to) or pulling the maps, and reports, and
sticking our heads in the sand, and hoping that security through
Let's look at this from another point of view: Should we remove all
keylocks from backhoes so that everyone can have access to them? :-)
This analogy is faulty, but illuminating insofar as it illustrates the
fallacy of putting up low bars to access that don't actually stop
people who're willing to put a little bit of effort into beating it.
Keylocks only work when your threat model is drunk fratboys or bored
teenagers (which is not necessary a disjoint set). They aren't a
significant part of the threat model for intentional fiber cuts.
Any John Deere dealer will be able to supply you with a key that
operates the vast majority of John Deere equipment of a certain type.
Anyone who can plan ahead enough to order from eBay is in like Flynn.
I'm all for openness, but sometimes some things only need to be accessed
and used by the professionals that need those things. I fully trust
that the big network operators, the ones that really really do need
this data, have all the info they need to plan their network
expansions, etc. I don't need to see this data, even though I might
Then don't look at it. :)
Re: The Backhoe: A Real Cyberthreat? Frank Coluccio (Jan 20)
RE: The Backhoe: A Real Cyberthreat? Wallace Keith (Jan 21)