Agreed. We'd be well-served when talking about infosec to remember that we can't quantify terms like 'good' or 'evil' or even 'harmful' very well. Something to consider when people cry out for universal remote access to everything.
I used to joke that one of our major headaches is that we don't have the ability to cast detect evil... On Nov 9, 2009, at 8:13 AM, der Mouse wrote: >> Bottom line: If a digital control (SCADA, DCS, PLC, etc.) can be >> manipulated to cause a system failure, then the control system is >> badly designed and lacks the appropriate safety systems dictated by >> standard control system design practices. > > Disagree. There are too many cases where the difference between > "failure" and "correct operation" lies only in human-layer intent. > > As a simple example, if it is possible to shut something down through > digital control (for maintenance, say), then it is possible to shut it > down maliciously as well. > > /~\ The ASCII Mouse > \ / Ribbon Campaign > X Against HTML mo...@rodents-montreal.org > / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. Mike Collins mcoll...@aleae.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
