[Info-vax] OpenVMS versus Windows/GE Telemetry Control Systems.
Bill Gunshannon
billg999 at cs.uofs.edu
Tue Jan 15 22:20:20 EST 2013
In article <kd52bk$as$1 at dont-email.me>,
David Froble <davef at tsoft-inc.com> writes:
> Stephen Hoffman wrote:
>> On 2013-01-15 20:27:19 +0000, Stephen Hoffman said:
>>
>>> On 2013-01-15 20:10:04 +0000, Bob Gezelter said:
>>>
>>>> I note that my published recommendation for nearly twenty years has
>>>> been to "air-gap" process control systems from the general corporate
>>>> network as well as the public Internet [citation: Computer Security
>>>> Handbook, 3rd Edition].
>>>
>>> That approach is great. In theory. But the air gap is not always
>>> practical. As Stuxnet showed, there are ways to jump the air gap, too.
>>
>> And not three minutes after posting that:
>>
>> http://arstechnica.com/security/2013/01/two-us-power-plants-infected-with-malware-spread-via-usb-drive/
>>
>>
>>
>
> I seem to recall that the USB ports on Alphas were not functional under
> VMS. If that's correct, then another security notch for VMS ...
>
>:-)
So, in order to be safe you have to give up some convenience.
And the same is true of any system. Security people always walk a thin
line between convenience and safety.
And one simple, well published parameter and it is a non-threat to
Windows systems as well. Without completely giving up the USB port.
bill
--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>
More information about the Info-vax
mailing list