funsec mailing list archives

Tragedy of The Commons [Was: Re: Windows-based cash machines 'easily hacked']


From: "Paul Ferguson" <fergdawg () netzero net>
Date: Tue, 18 Mar 2008 18:30:54 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- Valdis.Kletnieks () vt edu wrote:

>> Once you realize an ATM is not a corporate desktop, is not connected
>> to the Internet, performs a very specific function, and lives on an
>> isolated network
>
> Which is why, when Nachi was toasting the "public" network, a lot of
> banks' ATM networks also fell over...
>
> Quite obviously, your statement above is a "best wished-for practices",
> that in reality is nowhere near universally deployed.

Indeed.

In fact, the same accessibility issues (which might manifest
themselves as denial of services) are hiding in some SCADA
services as well -- those which foolishly use a VPN overlay
on "the internet".

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFH4ApNq1pz9mNUZTMRAlbUAJ0Q1Fl6YoWIaIwzLxXyi8Y8NBka5QCcD1g+
ngBhk5THDuUaTYHkSZOMtu8=
=IBS/
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

