On Thu, 14 Nov 2013, Cathal Garvey (Phone) wrote:
But what if they use BadBIOS to beam into space on a microwave carrier by modulating the PSU of all infected laptops at once?!
I understand your point, however, we aren't talking about just any old system, we are discussing the most critical parts of electronic infrastructure here. When you've got a computer controlling fission, or power distribution {$your critical infrastructure of choice}, this is simply a Best Practice. Hell, if we can do this for crap like public Internet carriers[1], why is it unreasonable to do this for actual critical systems? //Alif [1] I have worked for or with several internet carriers who enforced this kind of security around their core systems: the smallest was a very small regional carrier, while the largest was a multinational NSP. The only potential losses were dollars - painful but not necessarily fatal, or with any national security interest. If a dipshit regional carrier can do this, a power company failing to do so is simply negligent. And yes, I know that power companies are notoriously casual with their SCADA systems: it makes me crazy to think about it. -- Those who make peaceful change impossible, make violent revolution inevitable. An American Spring is coming: one way or another.