lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: steve at stevesworld.hopto.org (Stephen Clowater)
Subject: east coast powergrid / SCADA [OT?]

Its highly unlikely that msblast had anything to do with the power outage.
For one, the internal rpc network that is used to monitor actual power
spikes, and to move current from one circut to the next in a grid is a
closed network. And in the areas were it cant be closed (between major
utilities) it is tunnled via a VPN. Yes it runs a bit of NT4 and a bit of
Windows 2000, In the next few years there has been a plan proposed to make
freeBSD a standard.

MSblast did not cause this, there have been warnings for the last 10 years
that the grid was overloaded in the particular ring were the overload
started. For years people have been warning that if a major transmitton line
went during a high demand period of time, then you could be looking at a
surge larger than can be midigated coming out of that ring. And then when it
happens people come up with this theory that its msblast? Please, if that
were the case, why have none of hte other billons of windows vunerabilities
ever affected the grid? more specifically, why havent any of the thousands
of rpc vunerabilites ever effected the grid?

And sure enough, this morning on CNN, officals said they have a working
theory that a major transmition line inside the ring went, wich created a
back wave in the grid until it finaly came around in the form of a hudge
surge. Niagra somehow saw this coming and shut down all generators in time
to stay on the grid, and as the failure expanded more failsafes kicked in to
contain it.

This is far from a complete explanation. But it fits the avialable facts, it
fits the timetable of what happened, and it makes logical sense in relation
to the recent history of the power grid.

Now can we give msblast a rest? :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ