funsec mailing list archives
Re: Foul
From: Paul Ferguson <fergdawgster () gmail com>
Date: Mon, 9 Nov 2009 00:13:23 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Nov 9, 2009 at 12:03 AM, security curmudgeon <jericho () attrition org> wrote:
: SCADA Security: Abuse of Objective Mailing List Abuse : http://fergdawg.blogspot.com/2009/11/scada-security-conscience-abuse-of.h tml : : Yes, I am pissed. Fight back, by posting your 'censored' content to your blog (or here).
The first post from me was: [snip] "Hackers are like witches in Salem in the 1600s. When crops failed, people blamed it on the witches, who were burned at the stake. These people believed they were acting intelligently. The witches were convicted in 'fair' trials, with 'proof beyond a reasonable doubt'. For example, victims would testify how the accused witch would curse them, or give them the Evil Eye. Why would they lie about being cursed?" "Now, when computers fail, people are immediately suspicious of hackers." - - - Robert Graham, Errata Security. http://erratasec.blogspot.com/2009/11/brazil-outage-not-caused-by-hackers.h tml Enjoy, - - ferg [snip] Which probably set the prejudice in motion. The second one: [snip] On Sun, Nov 8, 2009 at 7:19 PM, Paul Ferguson <fergdawgster () gmail com> wrote:
"Hackers are like witches in Salem in the 1600s. When crops failed, people blamed it on the witches, who were burned at the stake. These people believed they were acting intelligently. The witches were convicted in 'fair' trials, with 'proof beyond a reasonable doubt'. For example, victims would testify how the accused witch would curse them, or give them the Evil Eye. Why would they lie about being cursed?" "Now, when computers fail, people are immediately suspicious of hackers." - - Robert Graham, Errata Security. http://erratasec.blogspot.com/2009/11/brazil-outage-not-caused-by-hackers .h tml
No that I have watched the 60 Minutes episode in question, I can't speak to the Energy Grid issues -- but I can speak to all of the other cyber crime issue mentioned. They are all true, even minimized. If you think that they these sophisticated criminals cannot use the same techniques against ICS/SCADA infrstructire, you are deluding yourself. - - - ferg [snip] Neither of which have shown up on the SCADAsec archives, I suppose because they were unilaterally rejected. I reject this in, and of , itself. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFK988cq1pz9mNUZTMRAvjCAKD3QVfC1qlnj/UzFjf3PlnWypFk0gCdEZxF 2DUoEr8IG4tVvUvhTCB3UJI= =kVoP -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.