The Iranians lost control of their centrifuges, and they were not on the internet. The infection came in on a memory stick.
On Tue, Dec 9, 2014 at 4:08 PM, David Roberson <[email protected]> wrote: > You assume that these ECAT systems must be connected to the Internet. If > that connection is too dangerous then it should not be standard until the > vulnerabilities are resolved. Of course it is *modern* to monitor and > control things by connection to the internet, but that is not the only > choice. > > Dave > > > > -----Original Message----- > From: Axil Axil <[email protected]> > To: vortex-l <[email protected]> > Sent: Tue, Dec 9, 2014 3:35 pm > Subject: Re: [Vo]:more energy in disputes than from cells > > How will Russia kept their oil and gas products running in the face of > Rossi's E-Cat challenge? Here's how. > > SCADA Strangelove: Zero-days & hacking for full remote control > > Speaking of critical SCADA systems online and the risks to them…after > finding more than 60,000 exposed control systems online, two Russian > security researchers found vulnerabilities that could be exploited to take > “full control of systems running energy, chemical and transportation > systems.” > > At the Chaos Communication Congress, 30C3, Positive Research chief > technology officer Sergey Gordeychik and consultant Gleb Gritsai said they > demonstrated “how to get full control of industrial infrastructure” to the > energy, oil and gas, chemical and transportation sectors. “The > vulnerabilities,” according to the Australian IT News, “existed in the way > passwords were encrypted and stored in the software's Project database and > allowed attackers to gain full access to Programmable Logic Controllers > (PLCs) using attacks described as dangerous and easy to launch.” > > They probed and found holes in “popular and high-end ICS and supervisory > control and data acquisition (SCADA) systems used to control everything > from home solar panel installations to critical national infrastructure.” > There are also numerous vulnerabilities in “home systems -- exposed to the > public internet and at risk of attack.” > > In one case, the researchers responsibly disclosed a “vulnerability in the > cloud SCADA platform Daq Connect which allowed attackers running a > demonstration kiosk to access other customer installations." The vendor's > totally unhelpful response was to tell the researchers “to simply 'not do' > the attacks.” > > The SCADA Strangelove project has identified more than 150 zero-day > vulnerabilities in SCADA, ICS and PLCs, with five percent of those being > “dangerous remote code execution holes.” At 30C3, they released an updated > version of THC-Hydra, “a password-cracking tool that targeted the > vulnerability in Siemens PLC S-300 devices,” and a “Pretty Shiny Sparkly > ICS/SCADA/PLC Cheat Sheet,” identifying almost 600 ICS, PLC and SCADA > systems, so you too can “become a real SCADA Hacker.” > > On Tue, Dec 9, 2014 at 3:05 PM, Axil Axil <[email protected]> wrote: > >> Rossi has publicly stated that he is using over 100 computers to >> implement his latest control stratagem. From this meager bit of information >> we can deduce fairly much what is going on with the 1 megawatt cluster >> E-Cat reactor. That number of computers means he is using a SCADA system to >> do the command and control function to keep his creation in line. >> The term SCADA (supervisory control and data acquisition) usually refers >> to a centralized system which monitors and controls the industrial >> infrastructure of entire sites, or complexes of systems spread out over >> large areas (anything from an industrial plant to a nation). Most localized >> control actions are performed automatically by Remote Terminal Unit (RTU)s >> or by Programmable Logic Controller (PLC)s. These are computer boards which >> are controlled by a low level microcomputer usually housed in a rack >> mounted enclosure using a full duplex bus structure to communicate with a >> master control station(MCS). The MCS is a custom coded PC that hosts the >> bus network and provides a graphical user interface to depict the >> operational parameters and status of all the E-Cats. In a high availability >> application, the MCD runs in a ghosted mode with a hot backup PC. >> >> The cost of such a system(a high quality implementation) is >> substantial. This digital Command and Control(C&C) will comprise a large >> fraction of the cost of Rossi's 1 megawatt plant. Even the best of such >> systems is prone to bugs, out of profile behavior and hacking attacks. >> Usually industrial customers will want to integrate the E-Cat cluster >> reactor into their factory wide SCADA C&C system. >> >> In my opinion, Rossi and Industrial heat have made a mistake in >> judgment on this reactor design decision. A simplified fail safe (as in a >> nuclear reactor) analog based control system is best suited to the 1 MW >> E-Cat cluster reactor. >> >> >> >> On Tue, Dec 9, 2014 at 12:36 PM, Peter Gluck <[email protected]> >> wrote: >> >>> Dear Friends, >>> >>> when the New Paradigm of LENR will >>> arrive, remember me for this too: >>> >>> >>> http://egooutpeters.blogspot.ro/2014/12/daily-shared-lenr-discoveries-december_9.html >>> >>> It is the daily info here...more daily than info this time. >>> Peter >>> >>> -- >>> Dr. Peter Gluck >>> Cluj, Romania >>> http://egooutpeters.blogspot.com >>> >> >> >
