Posted on 06/05/2012 10:06:32 PM PDT by ex-Texan
The saying here in Silicon Valley is:
Half the Chinese here are spying on us.
The other half are spying on them!
From the typical trash that is a utilities power line waveform, computer power supplies are already expected to produce a silky smooth DC at various levels and currents. Switching supplies are all the rage today. Now if a switching supply producer were in cahoots with a CPU producer and spyware designer, so as to selectively let “noise” in and out, there could be an interesting interaction. The switching supply would need a few smarts to be able to know when and what to pass through. It would take more than the dumb discrete designs of the present.
Apple, Acer, and others do.
Perhaps you should whine at them then, instead of at me?
Or do you know crap about manufacturing?
Whiner says what?
I can only speak for me - Yes, and assume others care based on what I read in comments on FR, like this from "null and void":
The rules of threat assessment call for identifying what an enemy is capable of doing, not necessarily what they are actually doing.
I like that quote a lot - given almost 30 years of high-end global industry experience (see note 1 below).
Based on your comments, I believe we're in agreement on the risk assessment facts from known design and engineering practices. We don't need to invent complicated engineering scenarios in order to be concerned about what's already installed across America and the globe that controls core elements of every day life.
The WashedUp Times pointed out some of the recently published studies on PLC vulnerabilities:
"Project Basecamp had six great researchers looking for vulnerabilities in six different PLCs / field devices, and the PLCs took a beating. There were backdoors, weak credential storage, ability to change ladder logic and firmware, command line interface, overflows galore, TFTP for important files and so much more."
Cyber search engine Shodan exposes industrial control systems to new risks
In a statement to The Washington Post, General Electric said: The D-20 was designed for deployment in a layered security environment, in which asset owners and operators employ a range of measures to prevent, detect and respond to intrusions. GE actively works with our customers to design and support those security measures. The company added that the software for the machine is designed to be secure and includes a layer of password-protection, which can be activated if the customer chooses to do so. Other machines had flaws that enabled the researchers to take control through electronic back doors. In January, Digital Bond said the results were a bloodbath, mostly. Most of the guys were able to hack their controllers in a single day, said K. Reid Wightman, a Digital Bond security researcher and former Pentagon cyberwarrior. Its just too easy. If we can do it, imagine what a well-funded foreign power could do.
Researchers found that one machine made by General Electric, the D-20, uses the same microprocessor installed in Apple computers two decades ago. The company that made its operating software stopped updating it in 1999. It is often shipped to customers with no meaningful security.Security is disabled by default, the manual says. To log in, enter any name; you do not need a password.
(1) My first professional job was in semiconductor manufacturing, not as an EE, but I designed their first distributed systems with desktops and "file servers" delivering integrated data from big iron global systems. And I pioneered some of the first commercial Software as a Service products. This was way before there were any books available on how to build, sell, run, scale, and support such products.
Clinton, the reason W Bush was the best President since Reagan even though W Bush stunk.
Is the Russian mob still after you?
You should be ashamed.
Amen to that!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.