Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

An email from an AlphaGeek.

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (Through 2005) Donate to DU
 
Tandalayo_Scheisskopf Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 08:39 AM
Original message
An email from an AlphaGeek.
I have this friend who is an AlphaGeek. One of the smartest persons I know, he is a computer hardware engineer with few peers and a Network Engineer cut from the same type of cloth. There is little he does not know, of can discuss with a rare eloquence, regarding all things technical. Even things like nuclear weapons, as his dad used to work in that field. Any technical subject, he evinces a rare understanding of detail and nuance.

Here is what he said. This is a paraphrase, but I strive for accuracy in relating his ideas:

" It is no secret that the blaster.worm attacked Windows NT varients. What is less known is that the blackout took place within a few short hours of the advertised activation time of the blaster.worm. What is even less known is that the control network for the power grid was run on primarily WindowsNT variants, with a few Linuces thrown in to the mix. Very few, indeed."

"Now, if you were Microsoft, with $40 Billion in the bank, how hard would you work and how much would you spend, to see that the fact that the blackout was caused by the blaster.worm and your sloppy, sloppy programming, never sees the light of day?"

Knowing this gentleman as I do, I consider these words of his well worth serious consideration. He is the sort of person that only uses tinfoil as a faraday shield, or to cover his Tuna Hot Dish, before it goes in the oven.
Printer Friendly | Permalink |  | Top
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 08:47 AM
Response to Original message
1. even more
Edited on Sun Aug-17-03 08:50 AM by Kellanved
Although it is very unlikely that the worm caused the blackout, there is an intersting fact:
National Grid USA is mentioned as a customer of Northern Dynamics.
Northern Dynamics calls itself the "Home of the OPC Experts" and sells control systems using OPC.
OPC stands for "OLE for Process Control" and is based on COM/DCOM - the very component/interface containing the vulnerability attacked by blaster.

One link to back this up (German, I have found no English article, but I didn't look that hard)

http://www.heise.de/newsticker/data/ju-15.08.03-001/
Printer Friendly | Permalink |  | Top
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Aug-18-03 03:26 AM
Response to Reply #1
7. and more
I'm not 100% positive about this, but maybe you can tell me more (is this NERC a real institution? why not a .gov URL? ).

A paper by the North American Electric Reliability Council warned that a worm might have an influence on the grid

http://www.nerc.com/~filez/standards-cyber.html"> "Urgent Action - Cyber Security"

A letter by Charles E. Noble (CISSP Information Security, ISO New England) :
--snip
On January 25, 2003 the SQL Slammer Worm was released by an unknown source. The worm significantly disrupted many Internet services for several hours. It also adversely affected the bulk electric system controls of two entities for several hours. These events have been studied in detail. No unintentional control actions and nor service interruptions occured due to these events; however, both entities lost their ability to execute bulk electric system control from their primary control centers for several hours. Those who have studied these incidents believe that at least one would have been prevented had these actions set forth in the proposed standard been taken.
--snap
ftp://ftp.nerc.com/pub/sys/all_updl/standards/Chuck-Noble-RBB-Letter.pdf

Printer Friendly | Permalink |  | Top
 
Nlighten1 Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 09:07 AM
Response to Original message
2. very interesting
I haven't really been following this but is the MS Blaster worm a suspect in the power outage? If so has anyone stated "how" it could have accomplished the shutdown?
Printer Friendly | Permalink |  | Top
 
TahitiNut Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 09:51 AM
Response to Original message
3. While I'd doubt that the 'blaster.worm' itself caused the grid to fall,
Edited on Sun Aug-17-03 09:56 AM by TahitiNut
... it's conceivable that the same COM/DCOM vulnerability exposed those systems to a different worm -- one which may have emulated events triggering the cascading shutdowns. Any investigation that fails to correlate control system software upgrades with generation shutdowns would be predisposed to blindness in that direction.

The vulnerability of the national electrical generation/transmission infrastructure has been known for some time. Indeed, it was a major area in which "Y2K" efforts were focused. As a result of increased Internet viability in the 90's and feverish Y2K project funding in the late 90's, control systems were migrated far too sloppily to NT-based systems and segregated interconnections were abdicated in favor of Internet connectivity. While there are design methods whereby critical systems employing Internet connectivity can be effectively isolated, those methods were not employed, favoring instead a commercialized approach wherein the investment in "smoke and mirrors" (e.g. the OTS cost/benefit cult) for the sake of contractor profits outweighed investments in technical acumen.
Printer Friendly | Permalink |  | Top
 
Jacobin Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 09:51 AM
Response to Original message
4. A good friend of mine who is a software guru
said the same thing to me.

Very interesting.
Printer Friendly | Permalink |  | Top
 
StClone Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 10:21 AM
Response to Reply #4
6. Concur
My non-techno friend and I wondered if reboots occurring repeatedly throughout a vulnerable system could slow control response times, while the energy flowed, thus inducing a cascade of failures.

Printer Friendly | Permalink |  | Top
 
Atlant Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Aug-17-03 10:03 AM
Response to Original message
5. Here's Iliad's ("User Friendly's") take on the blackout...
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Fri Dec 27th 2024, 06:21 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (Through 2005) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC