(Times of Israel) Stuxnet, gone rogue, hit Russian nuke plant, space station (fwd)

J.A. Terranson measl at mfn.org
Thu Nov 14 04:03:30 PST 2013

On Tue, 12 Nov 2013, Lodewijk andré de la porte wrote:

> Regardless, the protip is: don't windows for critical systems.

Wrong lesson.  Windows was used, but was not necessary.  The lesson here 
is to reinforce the airgap with restrictions on who and how software and 
hardware is connected to critical systems.  No critical system should be 
connected to anything other than it's own closed system unless there is an 
absolutely unavoidable reason (such as code repair).  Where the system 
must be disturbed, nothing that connects to the protected system should be 
unexamined prior to connection, and the examination should be meticulously 
performed, by qualified personnel (and there should always be a 
lab-duplicate upon which all such events are dry-runned).


Those who make peaceful change impossible,
make violent revolution inevitable.

An American Spring is coming:
   one way or another.

More information about the Testlist mailing list