Get SOPA’d
The opposition to SOPA via the internet was so wide spread that politicians have added SOPA to the pool of English language nouns, like Google, that are used as verbs. To “get SOPA’d” is to back legislation that ignites a major Internet backlash. In spite of all that conversations about SOPA-style legislation continues according to Christopher Dodd, the head of the Motion Picture Association of America, one of the major backers of the original SOPA legislation. Brief update on ArsTechnica.
STUXNET: It’s not just for Iran anymore
The STUXNET virus used to attack Iranian nuclear facilities succeeded, in part, because modern industrial facilities are run moment-to-moment largely by computers, controllers, have no real security: it’s as if you all you needed to login to someone’s back account was their username (no password). Oh… and there are standard hard-coded accounts. In other words, with a little knowledge, if you’re on the network in the facility you can connect to the controllers and reprogram them. It was a known problem before STUXNET became international news. Security Researchers have been pushing the manufacturers (GE, Rockwell Automation, Schneider Modicon, Koyo/Direct LOGIC, etc.) of the PLC controllers to add proper security to them with no luck. Earlier this year, they started releasing the specifics of how to attack these systems and those specifics have now been rolled into a standard security testingĀ tool (called Metasploit). Metasploit is a well known, easy to use tool and, unfortunately, there’s nothing to stop people for using it as a tool to attack systems. Of course, that’s the point. PLCs control critical infrastructure, including power plants, pipelines, chemical manufacturing and water treatment plants. And, even without this knowledge being public, history shows that eventually these exploits will be found (STUXNET is just a recent proof). What’s different in this case, is that now the public, insurers and stockholders can realize there’s a big problem and that there’s a way to solve it.