On Fri, 4 Aug 2000, Mahadevan Iyer wrote:
> At first glance, it seems sheer idiocy to use an open network like the
> Internet to control critical matter-of-life-and-death public
> infrastructure like power systems. What do you think?
>
I believe:
* Engineers will build any possible feature into a
product, install back doors, and not adequately
test their code. Of course complexity (IPsec,
policies, etc.) will probably not make adequate
testing possible.
* Marketing to demand all kinds of crazy features
and convince the public at large they need them.
* Lawyers to write liability limitations and
unintelligible wording into warrantee and
purchase contracts.
* Consumers and providers to not properly configure
devices and maintain them.
* Congress (USA) to pass liability limiting laws.
* Crackers to find holes and post cracking scripts.
Today we have remote control (not over the Internet, AFAIK) of alarm
systems and HVAC systems. The Internet provides a far greater reach and a
more cost effective model of managing these and other systems. So, I
believe these and many other systems will eventually find themselves
connected to the Internet. Additionally, there have been several articles
in the popular press in the past few years of the advertising community
salivating at the idea of displaying advertisements on home appliances
via the Internet -- imagine the "free Internet" equivalent of a "free
dishwasher."
> Or do you think, it is possible to build ultra-reliable secure
> real-time communication channels in the Internet? Maybe..
>
No I do not believe so, but not so much for technological reasons; rather
for the reasons I previously listed.
>
>
> On Thu, 3 Aug 2000, Dennis Glatting wrote:
>
> >
> >
> > On Thu, 3 Aug 2000, Keith Moore wrote:
> >
> > [snip]
> >
> > > burning IP addresses into devices is a good way to give vendors the
> > > ability to control those devices, monitor their usage, and to lock
> > > their customers in to particular services. not my idea of a desirable
> > > state.
> > >
> >
> > It might also be a good way for script kiddies to efficiently scan the
> > Internet looking for a particular manufacturer's device to exploit a
> > discovered security flaw, such as turning off a stove's gas pilot and
> > turning on all burners. If that doesn't sound realistic, how about a
> > cracker inside a manufacturer's systems doing the same; or how about a
> > terrorist?
> >
> > It is reasonable to assume that HVAC systems will someday soon be
> > controlled over the Internet by a maintenance firm (video surveillance
> > systems already are controlled and monitored over the Internet). It may
> > become possible, for example, to raise building temperatures across the
> > lower Manhattan area and shut down most financial centers, at least for a
> > short while.
>
>
>
>
>
>
>
