funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Foul

From: Michael Collins <mcollins () aleae com>
Date: Mon, 9 Nov 2009 08:35:26 -0500
Agreed.  We'd be well-served when talking about infosec to remember  
that we can't quantify terms like 'good' or 'evil' or even 'harmful'  
very well.  Something to consider when people cry out for universal  
remote access to everything.

I used to joke that one of our major headaches is that we don't have  
the ability to cast detect evil...

On Nov 9, 2009, at 8:13 AM, der Mouse wrote:


Bottom line: If a digital control (SCADA, DCS, PLC, etc.) can be
manipulated to cause a system failure, then the control system is
badly designed and lacks the appropriate safety systems dictated by
standard control system design practices.


Disagree.  There are too many cases where the difference between
"failure" and "correct operation" lies only in human-layer intent.

As a simple example, if it is possible to shut something down through
digital control (for maintenance, say), then it is possible to shut it
down maliciously as well.

/~\ The ASCII                           Mouse
\ / Ribbon Campaign
X  Against HTML               mouse () rodents-montreal org
/ \ Email!         7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


Mike Collins
mcollins () aleae com



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: