Securosis Blog

Supervisory Control and Data Acquisition systems are the technology connection between control systems and the switches, pumps, and motors that run our automated physical world. SCADA is the basis of everything from power plants to train systems. It’s also one heck of a security risk.

Remember the good old days when vulnerabilities would just affect one platform? Back when there was NO WAY my Commodore 64 could be infected by your TRS-80?

Security professionals seem to have a strained relationship with Apple these days. Any trip to a security conference shows that more and more security professionals are using Macs on a regular basis. A not-insignificant percentage of the high-end industry types I know use Macs and iPhones; at home if not at work, often against corporate policy.

Just a quick note:

Yesterday, Apple released a QuickTime patch to cover a couple of vulnerabilities, but this does not patch the new RTSP flaw revealed last week.

Macworld Keynote Impressions

Rich · January 15, 2008

Just finished up attending the Steve Jobs keynote for the first time. From a security perspective, as expected there wasn’t anything worth noting. Being a product-launch event we really weren’t planning on seeing any discussion of security, and the other updates don’t seem to have many obvious security ramifications.

From the Breach Blog:

Victims: “wealthy investors”

Number Affected: 200

Types of Data: Financial details

Breach Description: A box containing sensitive paperwork related to 200 wealthy investors was found on the side of the road near Reading in Berkshire (UK). The box was in transit from a Prudential building in Reading to a secure storage facility in Essex when it apparently fell out of the DHL courier van. Among the 200 wealthy investors that were affected were three UK national lottery…

This morning, database security company Sentrigo released some results from an informal survey they performed at a series of Oracle User Group meetings.

Marathon Down, Macworld Up

Rich · January 13, 2008

Okay, it was only a half-marathon, but considering I hurt my knee and wasn’t able to train for a month I feel pretty darn good about finishing. In my head that is; legs aren’t quite as pleased.

(Thanks to Marcin)

Thanks to some good old hardware hacking, a Polish teen built an infrared device that let him switch around the tracks.

Ask Securosis: Setting Up A Home Lab

Rich · January 11, 2008

Our question this week comes from Lee:

Say you’re doing security research, what machines and OSes do you recommend for a home lab and why?