3rd December 2010, 12:08 PM
I'm surprised security at this facility was so low. Taking it off the internet is meaningless if employees are allowed and capable of moving their own data from home to and from these work machines.
Their other mistakes include using a popular operating system instead of a custom constructed OS, and making the control systems run off of something writable instead of one-time writable memory (with built in safeties to prevent hardware from being pushed to the breaking point).
Future security is likely to change these things. Their nuclear plans have been derailed, possibly for years, but eventually they'll be back on track and now know exactly what to fix. On the up side, we know what to fix now too.
Their other mistakes include using a popular operating system instead of a custom constructed OS, and making the control systems run off of something writable instead of one-time writable memory (with built in safeties to prevent hardware from being pushed to the breaking point).
Future security is likely to change these things. Their nuclear plans have been derailed, possibly for years, but eventually they'll be back on track and now know exactly what to fix. On the up side, we know what to fix now too.
"On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question." ~ Charles Babbage (1791-1871)