[PLUG] DOE Releases Blackout Report
Steve Bonds
1s7k8uhcd001 at sneakemail.com
Fri Nov 21 10:55:03 UTC 2003
On Wed, 19 Nov 2003, Mike De La Mater mikedela-at-theplatinumrule.com |PDX Linux| wrote:
> Cooper Stevenson wrote:
> > This is an outrage. What are the officials operating the power grid
> > doing running mission-critical alarm control systems on a platform known
> > for serious security issues?
>
> Since it's such a common mistake to use that OS, I'm more outraged that
> they chose to use unpatched systems for such critical infrastructure.
> I'm only an okay sysadmin, and none of my systems are that unpatched,
> and I'm only dealing with businesses in the millions.
This is closer to the root of the problem. I've personally witnessed
UNIX-based power control computers at an unnamed large western utility
that were subject to trivial remote root exploits. You didn't even need
to download special software for it and the patches to fix it were several
years old.
In my opinion, most utilities simply don't have the profit margins (or
profit-motivation) to justify paying market-rate sarlaries. This leads to
some unfortunate situations where the well-qualified workers get snatched
up by other companies.
-- Steve
More information about the PLUG
mailing list