Исходное сообщение
"Продемонстрирована техника атаки, позволяющая получить контр..." Отправлено Michael Shigorin, 13-Апр-13 15:57
> Или ты это всерьез? Тогда ты еще глупее, чем я думал. Я очень глуп, а иранцы так вообще дроны сплошные.  И ещё совсем-совсем ничего не читал о проломе систем управления серийного ширпотребного автомобиля недавнего выпуска вплоть до блокирования дверей и управления двигателем. По технической части может иметь смысл спросить в рассылке пользователей FlightGear, а текущий линкдамп, пожалуй, у Брюса: http://www.schneier.com/blog/archives/2013/04/remotely_hijac... -- приведу и пару соображений, приведённых обсуждающими: --- Of course, older airliners might not have great certified products. I also knew a guy a few years ago who worked for Boeing and said one of their "resilience" strategies was running the same software on a Windows PC and Linux PC. Unfortunatly, he wouldn't name the airliners involved so that I could avoid flying in them. --- --- I've seen the same thing happen with GPS. I forwarded some open research on vulnerabilities in GPS software to some govt types I know and they said "this isn't a big deal, we've known about this for years in the classified world". Well maybe, but the vuln still exits. --- По ссылке оттуда же: --- For those who do not know, 747's are big flying Unix hosts. At the time, the engine management system on this particular airline was Solaris based. The patching was well behind and they used telnet as SSH broke the menus and the budget did not extend to fixing this. The engineers could actually access the engine management system of a 747 in route. If issues are noted, they can re-tune the engine in air. --- http://www.infosecisland.com/blogview/16696-FACT-CHECK-SCADA... Ну и напомню: --- A lot of devices and services we have seen during our research should never be connected to the public Internet at all. As a rule of thumb, if you believe that "nobody would connect that to the Internet, really nobody", there are at least 1000 people who did. Whenever you think "that shouldn't be on the Internet but will probably be found a few times" it's there a few hundred thousand times. Like half a million printers, or a Million Webcams, or devices that have root as a root password. --- http://census2012.sourceforge.net/paper.html Понятно, что и эту информацию стоит воспринимать с прищуром, но ещё более глупому мне среди этих новостей не нашлось чему удивиться.  А вот Вам, надеюсь, предложил пищу для размышления.

Ваше сообщение
Имя*:
EMail:	Для отправки ответов на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	>> Или ты это всерьез? Тогда ты еще глупее, чем я думал. > Я очень глуп, а иранцы так вообще дроны сплошные. И ещё > совсем-совсем ничего не читал о проломе систем управления серийного ширпотребного автомобиля > недавнего выпуска вплоть до блокирования дверей и управления двигателем. > По технической части может иметь смысл спросить в рассылке пользователей FlightGear, а > текущий линкдамп, пожалуй, у Брюса: http://www.schneier.com/blog/archives/2013/04/remotely_hijack.html > -- приведу и пару соображений, приведённых обсуждающими: > --- > Of course, older airliners might not have great certified products. I also > knew a guy a few years ago who worked for Boeing > and said one of their "resilience" strategies was running the same > software on a Windows PC and Linux PC. Unfortunatly, he wouldn't > name the airliners involved so that I could avoid flying in > them. > --- > --- > I've seen the same thing happen with GPS. I forwarded some open > research on vulnerabilities in GPS software to some govt types I > know and they said "this isn't a big deal, we've known > about this for years in the classified world". Well maybe, but > the vuln still exits. > --- > По ссылке оттуда же: > --- > For those who do not know, 747's are big flying Unix hosts. > At the time, the engine management system on this particular airline > was Solaris based. The patching was well behind and they used > telnet as SSH broke the menus and the budget did not > extend to fixing this. The engineers could actually access the engine > management system of a 747 in route. If issues are noted, > they can re-tune the engine in air. > --- http://www.infosecisland.com/blogview/16696-FACT-CHECK-SCADA-Systems-Are-Online-Now.html > Ну и напомню: > --- > A lot of devices and services we have seen during our research > should never be connected to the public Internet at all. As > a rule of thumb, if you believe that "nobody would connect > that to the Internet, really nobody", there are at least 1000 > people who did. Whenever you think "that shouldn't be on the > Internet but will probably be found a few times" it's there > a few hundred thousand times. Like half a million printers, or > a Million Webcams, or devices that have root as a root > password. > --- http://census2012.sourceforge.net/paper.html > Понятно, что и эту информацию стоит воспринимать с прищуром, но ещё более > глупому мне среди этих новостей не нашлось чему удивиться. А > вот Вам, надеюсь, предложил пищу для размышления.
	Введите код, изображенный на картинке: