Applause For Obama

You don't get that much around here. But when he does something right he should be encouraged. This is from the 16th of June so I'm a little late.

WASHINGTON (Reuters) - The U.S. State Department said on Tuesday it had contacted the social networking service Twitter to urge it to delay a planned upgrade that would have cut daytime service to Iranians who are disputing their election.

Confirmation that the U.S. government had contacted Twitter came as the Obama administration sought to avoid suggestions it was meddling in Iran's internal affairs as the Islamic Republic battled to control deadly street protests over the election result.

Twitter and Facebook have been used as a tool by many young people to coordinate protests over the election's outcome.

President Barack Obama said earlier on Tuesday he believed "people's voices should be heard and not suppressed" in Iran.

Good on ya Barack.

Judith Weiss asked on Facebook on June 20th:

OK everybody let's help BHO out. What should the US do SPECIFICALLY to help the Iranian people right now? He (finally!) made a "statement" - now what?

My answer:

Keep the 'net open to them. Add proxy servers. Deliver Sat Phones with unlimited minutes (for the duration). And blog it every day, all the time.

Well it seems Barry is keeping the 'net open. Good for him. And let us hope he is doing more of that sort of thing behind the scenes: like set up proxy servers.

Now if the proxy servers had monitors on them a pretty good picture of what is going on in Iran could be built. Would Barry do that? Why wouldn't he?

Cross Posted at Classical Values

Keeping Score

My Pet Jawa has a report up on the cyber war between the Taliban and the Jawas.

To: Taliban Shura Council
CC: Propaganda Dept.; Cyberwarfare; Planning;
BCC: Adil 'Murchal' Watanmal; Qari Muhammad 'Ahmadi' Yussuf; Zabihullah Mujahid

From: Rusty Shackleford, The Jawa Report, & Sandcrawler Crew
Date: 01/25/2008
Subject: Cyberattack Failure

Nice try. Your cyberattacks are even more pathetic than your actual attacks on NATO forces, all of which are easily repelled. Next time you should probably hire someone who is not a total retard to manage your webspace and cyberattacks.

Let's tally the score Adil:

Taliban websites successfully attacked by Jawas over past week: 41
Jawa websites successfully attacked by Taliban in the past week: 0

I hope Rusty will forgive me for putting the whole thing up. It was just too delicious. Visit The Jawa Report if you feel guilty. I did.

This may not be exactly the private war A. Jacksonian had in mind, but it will have to do until something better comes along.

HT linearthinker via e-mail

Cross Posted at Classical Values

Cyber Attacks On Power Generation

Back when this blog was new (Dec '004) I put up a post called Internet Security, where I discussed the problems of controlling critical infrastructure with the Internet, wireless, or worse yet wireless Internet. George Tenent then head of the CIA said we had a problem. Let me quote a bit to give you the flavor:

What George is saying is that the Inherent Design of the internet is not compatible with infrastructure security. Duh.

What we actually need is less stupidity.

What we need to do is to provide more security for our networked systems. The Internent is not the answer to infrastructure control problems. It is inherently insecure. As a controls engineer I have been arguing this point for at least five years. Well before 9/11.

Wiring up a factory to use the Internet Protocol (IP) for in factory and inter factory control is a stupid idea. Since the IP is well understood using it to destroy a facility would be rather easy. Nothing new to learn except the control settings of the individual factory or company.

Worse is controlling a factory with wireless internet. With that kind of setup you don't have any fire wall between your operations and the outside world. In fact you don't even need to know IP or wireless protocols to cause trouble. All you need is a jammer to bring a factory to its knees. And the jammer need not be on continuously. An intermittent jammer could wreak havoc with sensitive factory processes.

Well it has started. According to the CIA

The CIA on Friday admitted that cyberattacks have caused at least one power outage affecting multiple cities outside the United States.

Alan Paller, director of research at the SANS Institute, said that CIA senior analyst Tom Donahue confirmed that online attackers had caused at least one blackout. The disclosure was made at a New Orleans security conference Friday attended by international government officials, engineers, and security managers from North American energy companies and utilities.

Paller said that Donahue presented him with a written statement that read, "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

Let me tell you that as long as I am designing plants no controls or critical infrastructure will use the Internet protocols or the Internet. Ever. As long as I am designing plants no controls or critical infrastructure will use wireless. Ever. To do is inviting trouble. I will use wires. Coax. Shielded twisted pairs. Fiber. Preferably in conduit except for nodes. All with custom protocols. No easy access, except locally. There is nothing wrong with using encoded data over the internet to report plant operation. There will be no possibility of plant control remotely. Ever.

To do so would be stupid. I wasn't born yesterday.

Yes. It raises the capital costs and the time required to connect everything together. What is one plant outage worth? What is meeting one extortion demand worth? Once you pay the Danegeld, how do you get rid of the Dane?

H/T Instapundit

Cross Posted at Classical Values

Internet Security

Via Drudge.

George Tenet says that we need to tighten up Internet Security to blunt attacks on our infrastructure.

Former CIA Director George J. Tenet yesterday called for new security measures to guard against attacks on the United States that use the Internet, which he called "a potential Achilles' heel."

"I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability," he told an information-technology security conference in Washington, "but ultimately the Wild West must give way to governance and control."

I agree with George about our Internent vulnerability. I disagree that we need more "governance and control" to solve the problem.

The way the Internet was built might be part of the problem, he said. Its open architecture allows Web surfing, but that openness makes the system vulnerable, Mr. Tenet said.

Access to networks like the World Wide Web might need to be limited to those who can show they take security seriously, he said.

What George is saying is that the Inherent Design of the internet is not compatible with infrastructure security. Duh.

What we actually need is less stupidity.

What we need to do is to provide more security for our networked systems. The Internent is not the answer to infrastructure control problems. It is inherently insecure. As a controls engineer I have been arguing this point for at least five years. Well before 9/11.

Wiring up a factory to use the Internet Protocol (IP) for in factory and inter factory control is a stupid idea. Since the IP is well understood using it to destroy a facility would be rather easy. Nothing new to learn except the control settings of the individual factory or company.

Worse is controlling a factory with wireless internet. With that kind of setup you don't have any fire wall between your operations and the outside world. In fact you don't even need to know IP or wireless protocols to cause trouble. All you need is a jammer to bring a factory to its knees. And the jammer need not be on continuously. An intermittent jammer could wreak havoc with sensitive factory processes.

Some current and future aircraft designs are using IP as a communications protocol instead of a custom one. Aircraft. Stupid.

My prescription: all factory intercommunication ought to be done with custom protocols done over hard wires or better yet fiber optic cable. Control functions need to be separated from data collection. Fire walls are essential - several levels of fire wall in fact.

This does not need new Internet rules or governance. It just needs an end to stupidity.