funsec mailing list archives
Tragedy of The Commons [Was: Re: Windows-based cash machines 'easily hacked']
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Tue, 18 Mar 2008 18:30:54 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Valdis.Kletnieks () vt edu wrote:
Once you realize an ATM is not a corporate desktop, is not connected to the Internet, performs a very specific function, and lives on an isolated networkWhich is why, when Nachi was toasting the "public" network, a lot of bank's ATM networks also fell over... Quite obviously, your statement above is a "best wished-for practices", that in reality is nowhere near universally deployed.
Indeed. In fact, the same accessibility issues (which might manifest themselves as denial of services) are hiding in some SCADA services as well -- those which foolishly use a VPN overlay on "the internet". - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFH4ApNq1pz9mNUZTMRAlbUAJ0Q1Fl6YoWIaIwzLxXyi8Y8NBka5QCcD1g+ ngBhk5THDuUaTYHkSZOMtu8= =IBS/ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Tragedy of The Commons [Was: Re: Windows-based cash machines 'easily hacked'] Paul Ferguson (Mar 18)