Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Kaspersky To Build Secure OS For SCADA Systems

Soulskill posted about 2 years ago | from the flatten-and-rebuild dept.

Operating Systems 165

Trailrunner7 writes "Attacks against SCADA and industrial-control systems have become a major concern for private companies as well as government agencies, with executives and officials worried about the potential effects of a major compromise. Security experts in some circles have been warning about the possible ramifications of such an attack for some time now, and researchers have found scores of vulnerabilities in SCADA and ICS systems in the last couple of years. Now, engineers at Kaspersky Lab have begun work on new operating system designed to be a secure-by-design environment for the operation of SCADA and ICS systems. 'Well, re-designing ICS applications is not really an option. Again, too long, too pricey and no guarantees it will fit the process without any surprises. At the same time, the crux of the problem can be solved in a different way. OK, here is a vulnerable ICS but it does its job pretty well in controlling the process. We can leave the ICS as is but instead run it in a special environment developed with security in mind! Yes, I'm talking about a highly-tailored secure operating system dedicated to critical infrastructure,' Eugene Kaspersky said in an interview."

cancel ×

165 comments

Free with every purchase... (4, Funny)

Splat (9175) | about 2 years ago | (#41672043)

Monitoring and "remote support" by KGB included free with every purchase!

Re:Free with every purchase... (0)

Anonymous Coward | about 2 years ago | (#41672187)

Good point. I'll wait for the Chinese, or the Persians, to come out with their version.

Re:Free with every purchase... (0)

Anonymous Coward | about 2 years ago | (#41672213)

The Persians? Bah! Nothing but Sumerian operating systems for me!

Re:Free with every purchase... (0)

Anonymous Coward | about 2 years ago | (#41673831)

Sumerians? A bunch of amateurs! If you want a great OS, you have to with a Hittite OS.

Re:Free with every purchase... (2)

arglebargle_xiv (2212710) | about 2 years ago | (#41675253)

Sumerians? A bunch of amateurs! If you want a great OS, you have to with a Hittite OS.

I'm sorry, we're Medes and we're lost in this desert of a web board. Could you direct us to the exit? And sorry about the arrows.

Re:Free with every purchase... (1)

Anonymous Coward | about 2 years ago | (#41673827)

When you say "Monitoring and "remote support" by KGB included free with every purchase!", are you Putin us on?

Re:Free with every purchase... (2)

socceroos (1374367) | about 2 years ago | (#41675643)

I was russian to say the same thing but you beat me to it. I'm stalin to think that this whole thing is a hoax.

This is a good idea with countless benefits. (3, Insightful)

Revotron (1115029) | about 2 years ago | (#41672065)

They'll never go for it.

Re:This is a good idea with countless benefits. (1)

jythie (914043) | about 2 years ago | (#41672121)

Yeah.. secure systems tend to be ineffient to use or more work to maintain, so often people just switch off a lot of the security, esp when they are being used/maintained by people who just want to use them in order to complete other tasks.

Re:This is a good idea with countless benefits. (4, Informative)

bluefoxlucid (723572) | about 2 years ago | (#41672423)

I think a Linux system that used PaX would be easy. Actually I used to maintain the list of incompatible apps--mostly Java itself, a handful of other things that turned out to be broken (and occasionally have critical security holes, none of which I personally found)--for Gentoo Linux. Thing about PaX is when something is killed, it's logged, and you get a wealth of debug data--when your program misbehaves, it usually dies from it early and it's easier to find the problem. This means developers have an easier time getting their software more correct, and the system doesn't do odd unexpected things (by bad software or by being hacked and worm-infested), and so the more secure system becomes the more usable system and the more maintainable system.

Similarly, for Unix environments, you could work on building out Minix and bolt on services that supply security guarantees as PaX does, and that interface between the user space utilities and the OS (because the OS Syscall handler is itself a service, you run the program under a DIFFERENT SERVICE) to implement namespaces and act as functional jails--virtualization, semi-virtualization. Services supplied under full microkernels like GNU HURD, L4, or Minix are small and thus easily audited for correctness--and thus improve security.

It all requires policy, of course. The PaX stuff is policy: no write/execute and no !execute to execute. If that crashes the program, you need to fix the program or remove that policy restriction. Semi-virtualization is mainly a file access policy--hide (can't see it), read-through (can see it, writes are redirected a la UnionFS), read-write (can see and change it, object is shared)--and a resource policy--PIDs, network devices/addresses, etc are hidden or shared. It's on the developer to do that, although forced policy on deployment is possible (you can externally generate a policy). grsecurity has always supplied a learning mode that logs and then develops policy automatically, which you can then audit for monkey business.

Re:This is a good idea with countless benefits. (4, Insightful)

Chris Mattern (191822) | about 2 years ago | (#41673069)

It all requires policy, of course. The PaX stuff is policy: no write/execute and no !execute to execute. If that crashes the program, you need to fix the program or remove that policy restriction.

And right there you've put your finger precisely on the problem. Fixing the program is hard--if you got it from a vendor, it might well be impossible. Removing the policy, on the other hand, is easy.

Re:This is a good idea with countless benefits. (1)

jythie (914043) | about 2 years ago | (#41673203)

And that is the crux of the problem... while OSes have a wealth of security problems, generally when you drill down into break ins, one often finds that the hole was human (or institutional) in nature. Outside unintended consequences, making something secure and making something functional are mutually exclusive (or at least often conflicting) goals that humans will often just turn off security when it gets in the way of doing tasks they need done.

Re:This is a good idea with countless benefits. (1)

bluefoxlucid (723572) | about 2 years ago | (#41673673)

No, that's stupid. As I said, the stricter guarantees that you must follow under PaX-alikes tend to make programs easier to debug. ASLR and W^X policies cause hard failures to happen more often and earlier in the failure process, rather than letting the program off-by-one and get away with it or just hobble along half-dead until it sputters out and dies miles away from where the error actually occurred. Debugger intervention and proper core dumps (with library layouts and other memory mappings) can be used to reconstruct the program state at the time of the error.

That means security makes the system easier to develop correct programs for, in this case. Correct programs are easier to use because they don't fuck up so much. Incorrect programs that run until you do something you really normally wouldn't do will of course get exploited...resulting in a crash because the security system doesn't allow for the basic required functionality that allows those kinds of exploits. There's a log, and the programmer scratches his head and issues a patch ten minutes later, correcting some poor bounds checking.

Re:This is a good idea with countless benefits. (1)

bluefoxlucid (723572) | about 2 years ago | (#41673595)

This is actually not as much of a problem as you think. Programs don't last forever, and they get rewritten a lot. Upgrades. New features. Refactoring, replacement. Remember the shiny new thing is more attractive, so businesses throw out the old and make new just for the sake of being more up-to-date than the competition.

As such, a feature that says "Requires you to disable the security features of your OS for this particular program" and a big scary warning box that says "Program is requesting policy to disable anti-hacker security protections for itself, may be susceptible to viruses and hackers [X]Allow [ ]Deny" will become a blight next to the competitor's app that "Takes advantage of advanced security protections." Eventually everyone fixes the minor bugs that cause this shit, and then everything just 'works' and we simply expect it to.

Your vendor doesn't want people looking at him funny. Fixing the problem is usually easy--with dynamic compilation (Java, .NET, etc) it's fundamentally impossible, but otherwise it's a matter of not doing a certain thing like self-modifying hand-optimized assembly.

Re:This is a good idea with countless benefits. (1)

AK Marc (707885) | about 2 years ago | (#41672491)

It won't work. SCADA was built off the assumption of physical security. It would take firing everyone who ever worked in SCADA to design the next generation of applications to get anything with security in it. Why would anyone switch to this "secure" system, when it's already more secure (physically) than any "program" can make it?

Re:This is a good idea with countless benefits. (1)

Platinumrat (1166135) | about 2 years ago | (#41673735)

It won't work. SCADA was built off the assumption of physical security. It would take firing everyone who ever worked in SCADA to design the next generation of applications to get anything with security in it. Why would anyone switch to this "secure" system, when it's already more secure (physically) than any "program" can make it?

That's a bit of a stretch. I work in SCADA and it's not the developer's who are the problem. I, myself, harp on about security every other week. However, the marketing and development managers don't give a rats arse. If it's not a new "shiny" or something the competition has, then no money gets put into it.

Even when security is called out in the standards or client specifications, it's usually just security theater. The maintainers and end users don't want security and tend to bypass the token methods implemented anyway.

Re:This is a good idea with countless benefits. (1)

AK Marc (707885) | about 2 years ago | (#41674349)

I wasn't talking developers specifically, but usually SCADA is written by engineers and supported by IT, so you'd have to get rid of the engineers that made/designed it, as well as the managers that supported it. There's so much inertia around SCADA, and it started as an electrical spec for monitor, with an idea on someday using electricity to control. The "original" SCADA was electrically driven analogue gauges for monitor, with no control ability. Later, it evolved into a 2-way control, assuming you are in a locked room with the equipment and no external connectivity, so security was not even a passing thought, as if you were in the room alone, you has 100% control of the system in the first place, so securing the voltage on a few short wires was idiocy. I still use SCADA that is nothing other than analog voltage, which isn't securable in any form (increase voltage to increase opening, decrease to decrease opening, output gauge is a voltage, and +12V = 100%, and linerly decreases from there to 0V=0% or sometimes -12V = 0%).

Re:This is a good idea with countless benefits. (1)

grantspassalan (2531078) | about 2 years ago | (#41674589)

Why do critical control systems need to be connected to the Internet? Computerized control systems such as SCADA have existed far longer than the Internet. There is also a difference between allowing critical quantities to be controlled remotely and these same critical quantities being monitored remotely. It MAY be permissible to allow read only monitoring over the Internet, but certainly, critical controls should never, ever at any time under any circumstances, be accessible from the Internet, so that some hacker in Russia, China, Iran or elsewhere in the world can change the parameters of a critical process.

Re:This is a good idea with countless benefits. (1)

mikael (484) | about 2 years ago | (#41674839)

It's cheaper to run traffic over an Internet link that it is to buy a dedicated line. Knew one oil company who wanted to run an RGB composite video cable all the way underwater from an oil rig to the head office, just so the CEO's could see what was happening on the control system offshore. Fortunately, the consultants persuaded him that converting the video signal to digital and running that through the existing fibre-optic network would do just as well.

Internet passports (2)

EmperorOfCanada (1332175) | about 2 years ago | (#41672071)

Aren't Kaspersky Labs the bozos who supported Internet passports? That is such a dumb idea that my computer lost 100Mhz just browsing the article. These guys just have verisign envy and want to get between users and hardware in order to charge rent.

Re:Internet passports (0)

Anonymous Coward | about 2 years ago | (#41674355)

> That is such a dumb idea that my computer lost 100Mhz just browsing the article

If you didn't gain it back, on the bright side your system will run cooler!

Just take them off the internet (5, Insightful)

Billly Gates (198444) | about 2 years ago | (#41672091)

Make the client OS use DNS SEC and encrypted traffic for a secure network that is not physically connected to the internet or any network with a gateway to the internet. Why is this so hard?

This secure OS will eventually get compromised too if it has USB ports enabled, physically access to the machine, or be on a network.

Re:Just take them off the internet (4, Interesting)

Anonymous Coward | about 2 years ago | (#41672203)

All of the SCADA systems I have installed are wireless. A potential hacker doesn't need physical access, they just need to be in range.

True story: The largest wireless SCADA system I did was for an oilfield company. I originally set up passwords made of random letters and numbers, making them as secure as possible. But less than a week after the system was up and running, they complained the passwords were too difficult to remember. So I was forced to change them all to something similar to President Skroob's luggage combination or not get paid.

(The SCADA radios ran Linux, in case you're interested...)

Re:Just take them off the internet (0)

Anonymous Coward | about 2 years ago | (#41672247)

Holy crap! Was the network at least encrypted with a decent algorithm. Please do not say WEP or I will have to fly down and kick someone's ass in. Iran could come in easily and destroy all the equipment. There should be laws against this.

To me a wireless or public network to something so critical is like allowing public access to area 51 or the Pentagon. Security exists for a reason even if it costs convenience.

Re:Just take them off the internet (3, Funny)

Anonymous Coward | about 2 years ago | (#41672339)

No it wasn't WEP, and I'm in Canada. Iranians would never survive our winters.

Re:Just take them off the internet (1)

AK Marc (707885) | about 2 years ago | (#41672349)

Why encrypt the network if you encrypt and secure the application?

Re:Just take them off the internet (3, Interesting)

Billly Gates (198444) | about 2 years ago | (#41672431)

For one I can install a network sniffer on it to gain passwords. Then upload my own program to interact with the SCADA and destroy your equipment. With slashdot's earlier story of Iran planning a 9-11 like attack on American Infrastructure this is a very real concern.

Even Linux has security holes. They are not exploited on the net like Flash or Java ones but a rogue government or terrorists can use them to gain access.

Re:Just take them off the internet (2)

LordLimecat (1103839) | about 2 years ago | (#41673409)

For one I can install a network sniffer on it to gain passwords

Not if youre using a secure application like SSH, which was his point.

Re:Just take them off the internet (1)

Billly Gates (198444) | about 2 years ago | (#41674953)

Then someone will find another. The point is exploits do exist and the best solution is to focus on the problem. Not the symptoms. That is access. A more secure app or OS just reduces the symptoms that are totally preventable.

Power, telecommunications, water, nuclear, and oil/gas need regulation as dirty as that word is in the US because of idiot managers who love real time reports and remote manageability to cut down on costs. Something horrible will happen one of these days and it will be a very expensive problem to fix.

I do not trust kaspersky as I am sure Russia would love to have its own STUXNET as well.

Re:Just take them off the internet (0)

AK Marc (707885) | about 2 years ago | (#41673649)

For one I can install a network sniffer on it to gain passwords.

How do you sniff gain passwords of a properly encrypted and secured application?

With slashdot's earlier story of Iran planning a 9-11 like attack on American Infrastructure this is a very real concern.

You give me 20 Iranians willing to die following my every order, and I'll collapse any single industry you choose in the USA. One suicide bombing a week at various fast food restaurants, and after 2 months, the cashflow for Yum! Brands, and McDonalds franchisees, and even Macaroni Grill and Darden, though I couldn't guarantee a collapse of something like McDonalds or Subway, as those are mainly franchised restaurants, but Darden is 100% corporate owned restaurants, and 4 bombings would be enough to send them to bankruptcy. Or electric power grid, or phones, or airlines (attacking the airports on the ground and bombs in luggage that goes off before loading on a plane or after loading but before liftoff would shut down the industry and bankrupt every carrier other than some regional ones).

The US is teetering on the edge, and everything is on the edge of collapse without Iran's help. For all I can tell, the government is spreading FUD now as a pre-cover for unrelated problems. Like a false flag operation, but reversed. We are pretending to see some flag that isn't there, but nobody is actually flying someone else's flag.

Re:Just take them off the internet (0)

Anonymous Coward | about 2 years ago | (#41675877)

> . One suicide bombing a week at various fast food restaurants, and after 2 months, the cashflow for Yum! Brands, and McDonalds franchisees, and even Macaroni Grill and Darden, though I couldn't guarantee a collapse of something like McDonalds or Subway,

Sausage or Pepperoni? This is how it begins.

Re:Just take them off the internet (1)

grantspassalan (2531078) | about 2 years ago | (#41674699)

Please explain to me how you can destroy equipment, if none of that equipment is connected to the Internet? Why do the controls say for a generator in a power station be made accessible over the Internet?

Re:Just take them off the internet (2)

Billly Gates (198444) | about 2 years ago | (#41675063)

Easy to reduce costs and PHB can get their real time reports. If you have lets say 45 oil wells out in the field over a 700 mile area it is much more cost effective to have them on the internet where Bob with IE 6 with is all secure non signed activeX control, can work on each of them and check settings etc.

In the old days you would need 20 people doing Bob's job driving to oil well after oil well doing work, shutting off leaky valves, and documenting paperwork. Nuclear powerplants love internet enabled controls because it reduces the personnel in potentially dangerous areas.

These are targets Iran would love to attack and the State department said are in the process of doing. It seems retarded for safety reasons but it can cut on costs and automated software and do things like shut down values on leaky oil pipes. The PLC in the SCADA can easily destroy the equipment as they instruct the motors what to do.

Re:Just take them off the internet (1)

ibsteve2u (1184603) | about 2 years ago | (#41672485)

Concur. Makes me shudder to think of running SCADA over wireless....even if it were encrypted spread-spectrum technology. Between RF noise and signal injection/interception...lollll...makes my whole background want to throw up. Gimme that fiber!

Re:Just take them off the internet (1)

Billly Gates (198444) | about 2 years ago | (#41672577)

Just like the nuclear powerplant disaster in Japan the PHBs and cost accountants only care about costs as in have it all wireless so we can have 1 guy do the work of 20 by having it on the internet instead instead of having someone there.

This should be regulated if SCADA is used for any public infrastructure and one of them is no networking. Even a fiber link can get spliced. It is more difficult and expensive to do but Iran has the dough to do it and would be a target.

Re:Just take them off the internet (1)

MozeeToby (1163751) | about 2 years ago | (#41672747)

There's more than one way to infect a system, and yes, most of them require user stupidity but there is no end to the supply of stupid users. The most commonly described example is to drop a few USB thumb drives in the parking lot with your worm on them, then just wait for some well intentioned (or not) employee to pick it up and either plug it in to see who it might belong to or start using it for day to day activities, such as updating software on the 'secure', air-gapped systems.

Re:Just take them off the internet (3, Insightful)

Chris Mattern (191822) | about 2 years ago | (#41673033)

Make the client OS use DNS SEC and encrypted traffic for a secure network that is not physically connected to the internet or any network with a gateway to the internet. Why is this so hard?

Because management wants the real-time reports on their desks. What do mean it's not secure? Everybody else does it. You're the only one who seems to have trouble doing this!

(another) BSD fork()? (4, Insightful)

i.r.id10t (595143) | about 2 years ago | (#41672099)

Why waste the time in new development. Start with one of the BSD systems (already approved under iso9001/9002 type stuff) and either set up custom configurations, or fix what needs fixing.

Re:(another) BSD fork()? (1)

gentryx (759438) | about 2 years ago | (#41672439)

Exactly what I thought. Why reinvent the wheel? Shouldn't be too difficult to make BSD real-time capable.

Re:(another) BSD fork()? (1)

bluefoxlucid (723572) | about 2 years ago | (#41672445)

Minix. It's easier to do a major modification--the fact that it's only basically functional is not an issue, since it's a functional Unix OS without bells and whistles and you're going to be designing and implementing most of the bells and whistles.

Re:(another) BSD fork()? (2)

buttfuckinpimpnugget (662332) | about 2 years ago | (#41672799)

Agreed, but why beat around the bush? Start with OpenBSD.

Re:(another) BSD fork()? (1)

Anonymous Coward | about 2 years ago | (#41674073)

Once again the OpenBSD clan has stepped forward with a reasonable plan for saving the world, unfortunately as is par for the course with OpenBSD, their chosen representative refers to himself as buttfuckinpimpnugget to which the world replied with "oh god, what is wrong with you, go away, just go away!" and promptly returned to their course of apathetic self destruction.

Re:(another) BSD fork()? (0)

Anonymous Coward | about 2 years ago | (#41675653)

Finally, some sanity. Ignore the dislike of Theo... that is probably just because he didn't want USA DoD stagnation money.

I like the idea (3, Interesting)

kasperd (592156) | about 2 years ago | (#41672117)

I do like the idea of an operating system designed with such security in mind. The operating system is probably also going to require some sort of real time guarantees, but otherwise no requirements for ultra high performance.

As far as security goes, I think one important aspect is transparency. Code running on the operating system should probably not have much freedom to modify the underlying system, but it is crucial that they can see what is going on, such that you can monitor that nothing unexpected is running on the system.

I guess for most SCADA systems the risk of bad stuff happening due to unauthorized changes is a much greater concern than leaking information from the system.

Are Kaspersky the right people to build the OS? Time will show.

The 1970's called (1)

Anonymous Coward | about 2 years ago | (#41672277)

They want their capabilities architecture back.

Re:The 1970's called (0)

kasperd (592156) | about 2 years ago | (#41673435)

They want their capabilities architecture back.

Capabilities leads to complexity, complexity leads to bugs, bugs leads to vulnerabilities.

To build something secure, you need to aim for simplicity.

Re:I like the idea (2)

TubeSteak (669689) | about 2 years ago | (#41675789)

As far as security goes, I think one important aspect is transparency.

FTFA:

Threatpost: What are the most important features for the new OS?

Eugene Kaspersky: Alas, I cannot disclose many details about it.

A secure OS shouldn't need to be kept secret.
It should be publicly vetted like an encryption algorithm

VLANs (0)

Anonymous Coward | about 2 years ago | (#41672163)

My SCADA network is on a separate VLAN. Remote access via a VPN. How hard is that?
I would be more impressed if they came up with a secure-by-design OS for us to generally migrate into.

New Business Model (0)

Anonymous Coward | about 2 years ago | (#41672169)

1) Hype up suggestions that SCADA systems are vulnerable to attack.
2) Build a secure OS for SCADA systems (while knowing full well that no OS will ever be hack-proof)
3) Profit!

BONUS POINTS: Continue with these steps even after it comes out that SCADA attacks never happened in the first place. http://www.zdnet.com/contractor-explains-water-pump-scada-hack-4010024927/

Security through obscurity (5, Insightful)

jader3rd (2222716) | about 2 years ago | (#41672229)

"re-designing ICS applications is not really an option". If redesigning the apps isn't an option, how would a new OS help?

Re:Security through obscurity (2)

JWW (79176) | about 2 years ago | (#41672413)

I'm assuming they want to sandbox access to lower level hardware, which can be done with a modified OS.

Except SCADA's a strange bird in that respect. While low level access to network hardware might not be needed by the control interface, low level access to the controllers and monitoring systems is needed.

They're onto something when they're talking about a custom OS. But that problem had largely been solved in the past, until all the engineers and operators wanted SCADA interfaces that ran on Windows. After that security was always an afterthought and you reap what you sow.

Re:Security through obscurity (1)

VortexCortex (1117377) | about 2 years ago | (#41673045)

I've made several OSs -- It's not that hard. Protected Mode should have been the end of it, but you see, even hardware has bugs. Perfect software can be vulnerable on different hardware. Just look at any BIOS interrupt listing -- some BIOS interrupts are known to trash certain registers in an undocumented way. If our hardware doesn't always perform per spec then you're barking up the wrong fucking tree when it comes to security... Software is only part of the problem.

Re:Security through obscurity (0)

Anonymous Coward | about 2 years ago | (#41673429)

I've sent several probes to Mars -- It's not that hard.

I've reconstructed several heavily damaged internal organs to working condition -- It's not that hard.

Re:Security through obscurity (1)

Kaenneth (82978) | about 2 years ago | (#41672963)

I would guess the new OS would be binary compatible with the old OS; just like you can run Windows 1.0 applications on Windows 7 (subject to quirks...)

Which would also be why just using BSD wouldn't work.

Re:Security through obscurity (1)

future assassin (639396) | about 2 years ago | (#41673551)

how would a new OS help?

Magic.

shi7! (-1)

Anonymous Coward | about 2 years ago | (#41672293)

First, You have to kkep, and I won't myself. This isn't practical purposes,

Won't help much.. (1)

Anonymous Coward | about 2 years ago | (#41672303)

The problem isn't the os. The problem is the programmers.
The culture, the style, the programming best practices.. It needs to change when it comes to embedded systems that need high security.

You need high standards for these things.. Instead mostly they are still slapped together like the crappiest web apps.

So now you're going to build an idiotproof os?
Well you know what they say about that...

Good - keep mickey out (1)

shalomsky (952094) | about 2 years ago | (#41672367)

Keep M$ out of mission critical and high-danger environments? Good, and it's about time. Nothing could be smarter.

"Argue with the numbers" vs. these companies (-1)

Anonymous Coward | about 2 years ago | (#41672457)

"Keep M$ out of mission critical and high-danger environments? Good, and it's about time. Nothing could be smarter." - by shalomsky (952094) on Tuesday October 16, @02:51PM (#41672367)

---

38 HIGH TPM & 99.999% "uptime" examples:

---

XEROX: Managing 7++ million transactions a day for office devices for its customers using Windows Server 2003 + SQLServer 2005 64-bit with 99.999% uptime!

NASDAQ: The U.S.' LARGEST STOCK EXCHANGE, Since 2005 has had Windows Server 2003 + SQLServer 2005 in failover clusters running the "official trade data dissemination system" for them in 24x7 fabled "5-9's" 99.999% uptime, doing 64,000 transactions PER SECOND (compare London Stock Exchange using Linux @ 3,000 per second)

FUJIFILM GROUP: Tracks data for its imaging, information, & documentation for its products & services using Windows Server 2003 w/ a custom SAP solution on SQLServer 2005, achieving 99.999% uptime.

HILTON HOTELS: Manages 1.4 Billion records a day for customers in 1000's of their hotels worldwide - for 370,000 rooms & catering services forecasts (switching from 6 *NIX systems to 1 Windows Server 2003 + SQLServer 2005 clustered failover system using a data warehouse with 7 million rows & 99.998% uptime).

MEDITERRANEAN SHIPPING COMPANY: Manages & Tracks 7 million containers out of 116 countries daily using Windows Server 2003 + SQLServer 2005 in failover clusters with 99.999% uptime.

SWISS INTERNATIONAL AIRLINES: Serves 70 airport destinations worldwide, with 6,500 employees + 110 branch offices via Windows Server 2003 & Active Directory with 99.95% uptime (all while growing their business 30% per year). THEIR PREVIOUS LINUX SYSTEM COULD ONLY HANDLE 250 concurrent users - the Windows one handles over 500++ users concurrently/simultaneously!

UNILEVER: Global consumer good leader, migrated to mySAP on SQLServer 2005 + Windows Server 2003 & scaled UP their operations by over 200% & yet saved money + have 99.999% uptime!

MOTOROLA: Using System Management Server, Windows Server 2003 & SQLServer 2005 to conduct inventory of 65,000 desktops from a single location (e.g. for system updates corporate & worldwide).

NISSAN: Uses Windows Server 2003 to manage 50,000 employees' email & calendaring (w/ out VPN, & using Exchange Server 2003) for local AND remote + mobile users.

TOYOTA MOTOR SALES: Reduced the # of techs needed per dealership (1,000's worldwide) from 7, to 1 using Windows Server 2003.

SIEMENS: 420,000++ people, 130 business units over 190 countries managed in Windows Active Directory

REUTERS: Managing 3,000 servers worldwide @ customer sites internationally (using only 4 managers to do so, remotely).

DELL COMPUTER: Managing 130,000 servers & 100,000 PC's worldside using Windows Server 2003 + 40 million customers' data worldwide.

LEXIS NEXIS: Searches BILLIONS of documents each second delivering news, legal, & business information.

HSBC: Deploys System Center solutions to 15,000 Servers worldwide & 300,000 desktops using Windows Server 2003.

RAYOVAC: Chose Windows Server 2003 over Linux to manage their infrastructure - saving 1 million dollars estimated in software, staffing, & support costs.

JETTAINER/LUFTHANSA/U.S. AIRWAYS: managing shipping to 3,000 flights to 400 airports every day.

CONTINENTAL AIRLINES: Manages crew communication systems, log on/log off, schedules, & shifts using Windows Server 2008 worldwide.

JET BLUE AIRWAYS: Managing 12 million flights & their data annually + ticketing, finance, & personnel too.

TIMEX: Using Windows + Exchange Server for remote personnel & executives (for their ENTIRE workforce)

7 ELEVEN STORES: Chose Windows Server 2003 over Linux with a 20% TCO (total cost of ownership savings not only ESTIMATED, but actually REALIZED!), managing 1,000's of in-store servers via AD worldwide.

STATE OF ILLINOIS GOVERNMENT: Chose Windows Server 2003 over Linux to manage its ENTIRE infrastructure, state-wide, in 1,000's of offices remotely, back to central.

SWITZERLAND'S DEPARTMENT OF FOREIGN AFFAIRS: Managing 666 servers in 156 nations internationally.

REGAL ENTERTAINMENT GROUP: Used to run its POS concession & tickets systems @ 1,000's of theaters worldwide on Linux - Switching to Windows Server 2003 + Windows "Embedded" lowered their total cost of ownership (TCO), substantially as well as giving them better uptime.

CARNIVAL CRUISE LINES: Manages 1,000 shipboard & land based servers using Windows Server 2003 & Server Center.

QUALCOMM INCORPORATED: A wireless technology leader using Windows Server 2003 for managing 6,000 employees via an Active Directory Network in a Secured Network & Communications Infrastructure via Group Policies on AD, resulting in 33% less IT costs.

STARBUCKS: Managing 1,000's of store locations servers worldwide to HQ via Windows Server 2003 Active Directory.

RADIOSHACK: Upgrading from UNIX servers to Windows Server 2003 saved several millions in hardware, software, systems mgt., & support costs (chosen over LINUX in fact) - consolidated in-store servers by 50% from 10,200 to 5,100.

TOMMY HILFIGER: Using Windows Server 2003 they reduced their IT costs by 30%.

VIRGIN ENTERTAINMENT GROUP: Processes 400,000++ SKU's & 7.5 MILLION transactions per second analyzed in REAL TIME!

INFORMATION RESOURCES INC.: Manages over 123 terabytes of data providing consumer behaviour insights, advanced analytics, & decision analysis tools for consumer package goods, healthcare, retail, & financial sectors.

NcSOFT: Korean international gaming software company manages 400,000 users connecting to its game service SIMULTANEOUSLY using Windows Server 2003.

PING: Manages 400 end + servers & desktops for users via Windows Server 2003 Active Directory (& saved 40% less time vs. their old setup on Linux) from a single location.

TDC: Communications leader that is in 12 nations, using Windows Server 2003 to analyze data from 70 disparate (different) systems worldwide centralizing the data + analysis in SQLServer 2005.

GAMEWORKS: A high-tech gaming & restaurant chain, reduced helpdesk costs by 50% using Windows Server 2003 & AD Networks + Group Policies.

SHOP DIRECT: Shop Direct, operating under a number of brands including Littlewoods, Very, Woolworths, Marshall Ward, Kays and Great Universal, employs no less than 10,000 workers, 10% of whom work remotely. In addition, the Group also intends to migrate no less than 350 servers from Windows Server 2003 to Windows Server 2008 R2. The combination of Windows 7 and Windows Server 2008 R2 facilitates scenarios in which remote workers are no longer relying on Virtual Private Networks, but instead use the evolved DirectAccess technology. Another advantage of using Windows 7 Enterprise and ultimate is that the operating systems include BitLocker and BitLocker To Go encryption by default, which serves to protect the sensitive data of employees working remotely.

KBR/Kellogg Brown & Root: Runs their domain on Windows -> http://uptime.netcraft.com/up/graph?site=www.KBR.com

MICROSOFT THEMSELVES: The "shoe maker wears his own shoes" a sure mark of quality -> http://uptime.netcraft.com/up/graph?site=microsoft.com

---

* Would you like more?

I have PLENTY MORE from where that all came from - mostly in academic (top ones in their category) or corporate environs of lesser size than those above, but still well known companies worldwide.

(So, see subject-line, & "eat your words"...)

APK

P.S.=> Funny how Microsoft products are maintaining 99.999% ("Fabled '5-9's'") uptime in those high transactions-per-minute corporate environs above though, eh? Especially vs. YOUR statement I quoted...

... apk

Re:"Argue with the numbers" vs. these companies (1)

Anonymous Coward | about 2 years ago | (#41672617)

I'm confused... GP never mentioned a hosts file...

Is that the topic here? No. (0)

Anonymous Coward | about 2 years ago | (#41672669)

"I'm confused... GP never mentioned a hosts file..." - by Anonymous Coward on Tuesday October 16, @03:11PM (#41672617)

Are YOU on topic?? Again, no...

* Go away - "Shoo", little troll... lol!

APK

P.S.=> Yes - It TRULY makes me laugh to NO END, lol, whenever I post data that the /. trolls can't overcome or disprove & "the best they've got"? See the quote above - mere off-topic trolling, nothing more... lmao!

... apk

Hahaha, APK gets the nix trolls all pissed off (0)

Anonymous Coward | about 2 years ago | (#41672713)

So much so that all they had is off topic b.s. and unjustifiable down mods of his post. What's the matter boys? Cat got your tongue versus data apk put up?

Amen to that (0)

Anonymous Coward | about 2 years ago | (#41672887)

See my subject-line above, and you hit the nail right on the head. All they ever have is off-topic trolling or bogus downmods of my posts that contain data that makes their b.s. look like what it is - bullshit.

APK

P.S.=> It amuses me to NO END to watch the puny /. *NIX trolls have to resort to those things vs. data I put out...

... apk

Re:"Argue with the numbers" vs. these companies (0)

Anonymous Coward | about 2 years ago | (#41672753)

Uptime is not the same thing as security.

You mean like Linux "security"? (0)

Anonymous Coward | about 2 years ago | (#41672829)

"Uptime is not the same thing as security." - by Anonymous Coward on Tuesday October 16, @03:22PM (#41672753)

Ahem - The poster I replied to mentioned "mission-critical" systems.

Thus, I posted roughly 40 (of nearly 400 I have) high tpm examples in mission-critical/enterprise class environs that MS products did extremely well in & have continued to do so, for years, in.

* So, that "all said & aside"? What IS your point??

I'd also like to add that uptime IS security (the security of knowing your stuff is up & running in a stable fashion...) &, that REALLY securing Windows, is a snap (about 1 hour of work tops).

APK

P.S.=> Lastly, per my subject-line above? Well, ok - here's some "fine Linux security" from the past few years now for you to "chew on":

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:

http://itproafrica.com/technology/security/cas-hacked/

&

http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811

---

The Stratfor SECURITY hack: (can't blame it on poor setup, this IS a security firm that uses Linux)

http://yro.slashdot.org/story/11/12/28/1743201/data-exposed-in-stratfor-compromise-analyzed

What's that domain run? Yes kids - you guessed it: LINUX -> http://uptime.netcraft.com/up/graph?site=www.stratfor.com

---

Phishers/Spammers FAVOR attacking LAMP: (Linux, Apache, mySQL, PHP)

http://www.theregister.co.uk/2011/06/10/domains_lamped/

PERTINENT QUOTE/EXCERPT:

"Phishers compromise LAMP-based websites for days at a time and hit the same victims over and over again, according to an Anti-Phishing Working Group survey. Sites built on Linux, Apache, MySQL and PHP are the favoured targets of phishing attackers"

---

Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?

* You get the picture...

Linux Security Blunders DOMINATE in 2011-2012, despite all /. "FUD" for years saying "Linux = SECURE" (what "b.s."/FUD that's turning out to be, especially on ANDROID where it can't hide by "security-by-obscurity" anymore & is in the hands of non-tech users galore - & EXPLOITS ARE EXPLODING ON ANDROID, nearly daily)

... apk

Re:You mean like Linux "security"? (0)

Anonymous Coward | about 2 years ago | (#41675513)

Care to list the Windows exploits out there? I could, but it would take several weeks to compile them all.

And as for kernel.org being hacked. It happened, yes. But the kernel itself was not compromised. How do we know that? Because of Git.

Re:"Argue with the numbers" vs. these companies (0)

Anonymous Coward | about 2 years ago | (#41674063)

Do you even dream of how many examples that state the oposite, can quoted here ????
London Stock Exchange for one comes to mind ...
Windows and M$ are the CANCER of computer tech ...

London Stock Exchange, eh? LMAO! (0)

Anonymous Coward | about 2 years ago | (#41674277)

"London Stock Exchange for one comes to mind ... -

LMAO - see my subject-line, & this (which you MISSED skimming troll):

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

---

I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE there 2 minutes into the job
http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch

AND, crash not only ONCE, but TWICE there?

* Please - make me laugh some more, ok??

APK

P.S.=>

"Do you even dream of how many examples that state the oposite, can quoted here ????" - by Anonymous Coward on Tuesday October 16, @05:12PM (#41674063)

Ahem - Like I said in my initial post here (which YOU skimmed over obviously, troll) -> http://it.slashdot.org/comments.pl?sid=3189435&cid=41672457 I quite LITERALLY have 100's MORE examples of Windows in LARGE academic environs, OR, those in corporate america...

Additionally on this note - You "talk" a lot, but produce ZERO of those examples you speak of but, that's your typical /. troll in action, alobng... lol!

---

"Windows and M$ are the CANCER of computer tech ...????" - by Anonymous Coward on Tuesday October 16, @05:12PM (#41674063)

Sure, kind of like LINUX (especially ANDROID) did in 2011 - 2012 -> http://it.slashdot.org/comments.pl?sid=3189435&cid=41672829

(YOU need to read THAT, troll... & "eat your words"!)

... apk

Re:London Stock Exchange, eh? LMAO! (1)

socceroos (1374367) | about 2 years ago | (#41675995)

It's interesting to study the motivations behind posts like these. I find these posts quite hilarious and to absolutely miss the point.

One the one hand we're told, "don't feed the trolls", and this person is an obvious troll. But, some part of me wishes to implore them to see the bigger picture.

To whoever you are: circumstance should dictate the tools you use - sometimes this means Windows, sometimes this means Linux. You will rarely see Linux running the domain of a large business, but you would equally rarely see Windows running on the planet's super computers. Also, no operating system is secure. There are relative levels of security, yes, but please keep things in perspective.

Personally, I think the OS needs to be reinvented (I'll drool over a realtime, event sourced, distributed microkernel) - but it is prudent to recognize that this is merely one spoke in the wheel of security. Another spoke would be 3rd party applications, another would be uptime - the list goes on. Widen your field of view and smell the roses: everything sucks - make it work the best you can and be smart.

Re:"Argue with the numbers" vs. these companies (0)

Anonymous Coward | about 2 years ago | (#41674977)

I'm bookmarking this one and calling it "The Day of the Devastator". It actually silenced the trolls on slashdot and their fud.

Re:Good - keep mickey out (0)

Anonymous Coward | about 2 years ago | (#41672971)

http://it.slashdot.org/comments.pl?sid=3189435&cid=41672457

That looks like they are reinventing... (0)

Anonymous Coward | about 2 years ago | (#41672393)

...Linux or xBSD, it would be cheaper and probably faster to move SCADA systems away from Windows.

Coincidence... (0)

Anonymous Coward | about 2 years ago | (#41672415)

...that all the anti-virus firms are from the same area that generates the most of them?

Wired article about Mr. Kaspersky (0)

Anonymous Coward | about 2 years ago | (#41672419)

In case you missed it...

http://www.wired.com/dangerroom/2012/07/ff_kaspersky/all/

Re:Wired article about Mr. Kaspersky (0)

Anonymous Coward | about 2 years ago | (#41672685)

Mod parent up. Toward the end of the Wired article, it mentions this SCADA project.

Good Luck (0)

Anonymous Coward | about 2 years ago | (#41672443)

Best of luck to them, but at the end of the day you need to get SCADA system developers AND integrators on board.

As it stands there are a number of SCADA systems that run on Linux (Redhat or otherwise). It is entirely possible to secure those OSes sufficiently. Combined with an air gap and suitable monitoring you've got a pretty secure system.

The problem comes from shitbox software that requires processes to run as root, installed by people with an electrical engineering background with no experience in IT or security that plug it into the corporate LAN. No amount of secure OS is going to help that.

Re:Good Luck (3, Interesting)

mlts (1038732) | about 2 years ago | (#41672563)

That is exactly the same problem general desktop computing has. The OS is secure, the hardware is secure, it is the poorly engineered browser addons (and sometimes browsers) which bring the system to its knees from a security persepective.

Yes, this embedded OS is secure, but what gives me the ability to trust it? Old Cold War tensions aside, if someone hands me a lock and says, "trust me, its secure", that doesn't give me much assurance. Having source code available for peer review (even if it is commercial like PGP's source) would go a long way in assuring.

Otherwise, I don't see that much improvement between what it offers, and Linux's AppArmor/SELinux. I do like the fact that writes can be redirected elsewhere which isn't a part of any UNIX OS, but if need be, that functionality could be sort of cobbled together by making a snapshot and having a clone be a new filesystem.

Re:Good Luck (1)

lennier (44736) | about 2 years ago | (#41674903)

That is exactly the same problem general desktop computing has. The OS is secure, the hardware is secure, it is the poorly engineered browser addons (and sometimes browsers) which bring the system to its knees from a security persepective.

If an operating system is written in such a way that it blindly gives full root-level access to untrusted third-party binary add-ons -- then your definition of "secure OS" is not the same as mine.

Seriously, it seems like in the last 20 years we've forgotten (or deliberately chosen to unlearn) everything we knew in the 1980s about security. The trend then was away from monolithic kernels towards microkernels, because, well, it's the only mathematically possible way to achieve security and reliability. (In the same way that "not distributing the decryption keys with the content" is the only mathematically possible way to achieve secure encryption.) But it was slow, at least back in the days when 4 Mhz CPUs and 1MB of RAM was a lot. So... we threw away security for speed. Raw C/C++ everywhere. And then built an entire global Internet based on operating systems built on a completely non-securable model. That includes Linux. Yes, do let's run native x86 machine code shared libraries everywhere, we can mitigate the damage after the fact with sufficiently clever code signing / virus scanning / patching. Except that, of course, in practice we can't.

Security of arbitrary x86 binaries is as much of a pipe dream as DRM is. It's simply impossible to close all the gaps when you're passing raw memory pointers and rewritable memory blocks around. The only way to do this right is to start from scratch, use a tiny security-audited microkernel at the bare metal level, with a securely designed message passing architecture everywhere above it. It'll be slow, it'll cost trillions of dollars in coder hours to rewrite all the incorrect code we wrote in the 1990-2000s boom, but it will be mathematically provable to be secure and not kill people.

So, of course, we won't be doing that anytime soon. Welcome to the Gibsonian cyberpunk present. System cracking as a videogame where everything is vulnerable and it's just a matter of how much you want to pay the Somalian Pirate Mafia or disgruntled USAF cyberwarfare cadets to buy the latest exploit. I used to think Neuromancer was a ridiculous scenario, that of course we'd fix the obvious bugs before Internet went 1.0; but we didn't, and now we're living the result.

We could have done it right. But we're stuffing up everything else on the planet, why did we expect that software would be any better?

Re:Good Luck (0)

Anonymous Coward | about 2 years ago | (#41675565)

It won't be mathematically provably secure. Mathematicians cannot even agree on whether such a thing is possible. The L4 microkernel people have claimed it has been formally verified (machine checked). This is true, but it only holds for certain propositions (and then you have to be sure your propositions really prove what you think they prove). Proving the correctness of code mathematically for every possible attack vector is impossible.

15krpm (1)

Alex Belits (437) | about 2 years ago | (#41672459)

That's how my eyes are rolling right now.

Kaspersky Lab is a company that has its whole business centered around digging through compromised insecure systems. They wouldn't know a secure design if it bit them in their faces.

Re:15krpm (1)

VortexCortex (1117377) | about 2 years ago | (#41673097)

That's how my eyes are rolling right now.

Kaspersky Lab is a company that has its whole business centered around digging through compromised insecure systems. They wouldn't know a secure design if it bit them in their faces.

Man, I've still got this head-ache...
Well, damn, man. Don't you think you should see about getting that bear trap removed from your head.
What bear trap?!

Take your time, please (1)

netwarerip (2221204) | about 2 years ago | (#41672463)

We aren't done completely hosing Iran's nuke program just yet. Once that is completely kaput then have at it!

Surely the military has solved this problem (1)

davidwr (791652) | about 2 years ago | (#41672465)

But then again, anyone who knows the solution would have to kill you if they told you.

This problem has already been solved. (0)

Anonymous Coward | about 2 years ago | (#41672647)

Kapersky is late to the game on this one.

http://www.integrityglobalsecurity.com/index.html

first, redesign the assumptions. (1)

swschrad (312009) | about 2 years ago | (#41673003)

assumption 1: we can have remote control work. FALSE. any backdoor anywhere will open.

assumption 2: the vendor is secure. FALSE. any fixed system password is known to somebody bad.

assumption 3: we can use lowest-cost hardware. FALSE. there will be flash drives and dongles and games placed on these machines from who knows where.

assumption 4: we can firewall the net and have Smart Grid work safely. FALSE. it's >ALL fixed passwords out there in StupidGrid, wireless here and there, customer access... it's all bad. all. bad.

dump these bogus assumptions, and reconsider 50s systems management for SCADA... big box in the middle, no intelligence elsewhere, and no connections to anything outside the control room. much more secure.

Won't work -- they'll turn off everything (0)

Anonymous Coward | about 2 years ago | (#41673065)

A lot of SCADA can be somewhat secured. Basic plaintext passwords, networks put inside VPNs... etc.

There *are* buffer overflows and overruns, and registers doing /weird/ not-so-standard things.

But the bottom line is most installs ... have the password left at a default. Or the password is the same across the entire company or given field/factory.

At the first hint of any error or problem whatsoever, the first thing that will happen is passwords will be set to empty, and any encryption will be turned wholly off.

The next thing is the device will be put into world-write mode. And any communication port will be plugged directly into the 'primary' or 'all purpose' communication line directly into whatever logging software or controller they have.

That's the way the hands, bosses, and factory managers do it. That's why SCADA will be insuecre no matter what happens.

It's a people problem that needs to be solved with very public job terminations.

I wish them luck in making a better SCADA O/S, but the root of the problems with scada are social, not technical.

I'm sure there's people who work at big companies that will say there network isn't like this. Maybe they are correct. I suspect, having been subcontracted some of the top-10's -- that their foreman lie to them about the configuration so they can get home at 5 for a cold one. Seen that happen right in front of me many times.

But Windows is secure - NOT! (1)

hamster_nz (656572) | about 2 years ago | (#41673155)

Those of us who have been around a while will remember Microsoft trumpeting Windows NT's security.

"Microsoft included security as part of the initial design specifications for Windows NT, and it is pervasive in the operating system"

The whole Orange Book / Red book, C2 security level and so on,

They would be better off improving the failings of the existing system, rather than inventing a whole new set of ways to fail.

So maybe they get lucky and get 99.9% of the bugs (0)

Anonymous Coward | about 2 years ago | (#41673237)

That still leaves a few bugs to interest the bad guys.

Another useful layer would be to build a cpu with a dual stack for each user mode thread.
      One half for the data where things can overflow.
      The other half protected by the hardware for control information to help prevent overflows from happening and causing harm.
      The protected half could contain return addresses and pointer bounds information.

Maybe that will provide a few of more 9's.

Come cross checks in the app might provide a few more.

They will never get to 100%, but if it's more trouble than it's worth to break in, then maybe that's good enough.

TCP for SCADA (1)

aaarrrgggh (9205) | about 2 years ago | (#41673273)

Wow.... You know what I really want... Trusted Computing Platform for SCADA. Because, hey... If I don't have verifiable challenge-response between a sensor and controller, how can I really trust it. Maybe they can even make the Thunderbiolt connector the standard, with authentication for all the cables! That would be great... Then we could just blame system failure in a bug on the authentication layer!

The need for interoperability is where most of the problems seem to come from. Properly securing and making a system truly bulletproof just isn't always justified.

Secure OS from ground up? (1)

aglider (2435074) | about 2 years ago | (#41673515)

Or maybe Kaspersky will engineer some tightly security checked distribution of Linux/*BSD/Solaris?
Kaspersky should also take into account solutions like L4 or Minix3. I fear that really witing an OS from zero would be overkilling.

ICS? (1)

SuperMooCow (2739821) | about 2 years ago | (#41673749)

Ice Cream Sandwich? Android?

Useless Waste of Resources (0)

Anonymous Coward | about 2 years ago | (#41673933)

I am not sure whether these people realize, but SCADA systems are highly proprietary, integrated, dedicated systems. Very few run on general purpose hardware. Most run on very constrained resources, require certification from safety bodies to put into the field, and have been tested for thousands if not tens of thousands of hours of operation.

The last system I put into operation, was based on a 50 MHz 8051 derivative, with 48kiB ROM and 2kiB RAM. Sorry, but there is no room for "security" from a 3rd party. It is assumed that the SCADA master my product was connected to, was responsible for all security. None of these systems are connected to the internet, either.

Quite a few of the companies I deal with, have built their own SCADA controllers over the years. They are not interested in divulging details of these systems to anyone. They generally contain highly secretive algorithms for controlling processes, optimizing well production, or ensuring flows across different parts of the their pipelines.

But, here's a security firm who has no exposure to real life, who thinks they will go play with the big kids. So reminiscent of http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage [wikipedia.org] .

Good luck with that.

In Soviet Russia... (0)

Anonymous Coward | about 2 years ago | (#41673941)

In Soviet Russia, OS secures *you*!

To prevent a Stuxnet repeat (0)

Anonymous Coward | about 2 years ago | (#41674453)

Sounds like Siemens wants to avoid future Stuxnet attacks. And, surprize, the Russians want to help them out.

Kaspersky will get the job (0)

Anonymous Coward | about 2 years ago | (#41674487)

Why? Low pay to the coders is why. I've seen this happen in the Fortune 100-500 before too. CO$T$ ARE EVERYTHING nowadays.

* Personally speaking - I think it'd be STUPID to have a foreign power doing the work here (yes, even IF it's Kaspersky) actually, but... then again, we live in a world of insanity, where the "holy dollar", rules!

APK

P.S.=> A pal of mine rose to VP status @ a LARGE ISP (very large) & his secret? Making projects under budget (not necessarily under the timeframe allotted, as in deadlines) - & how? His secret was what I noted above!

E.G. - He's from Russia, & knew TONS of coders there (and, he's an EXCELLENT one himself, which was such a shame he went into mgt., but, the money was there, & I can't blame him that with a new family started etc.)... it goes on, like mad (or, is not "offshoring/outsourcing" a problem?) - he pay them $5 per hour (whatever the rate was, it was way, Way, WAY below what was allotted for wage-per-hour to the coders), & yet, the ISP was paying out $150/hr. ranges (guess who POCKETED the $145/hr. difference, people...

... apk

oh and (0)

Anonymous Coward | about 2 years ago | (#41674543)

oh and its made secure buy locking it into a box and the users cant touch it...never ever gets a virus again....

Kaspersky is part of the problem... (0)

Anonymous Coward | about 2 years ago | (#41674679)

Kaspersky? Seriously?

It would be like asking a company that sells poor tire patchs in order to fix cheap tires (that shouldn't need patches in the first place btw) to suddenly start building 'Y' rated tire to put on a Bugatti Veyron.

Will only work if we get rid of the biggest issue (1)

rat7307 (218353) | about 2 years ago | (#41675191)

This is all good in theory, but let's not forget WHY we have ended up here:

The Customer.

The Customer WANTED to have Windows based servers, the customer wanted to have integration on to their business networks using Windows protocols and standards.

DCS vendors for DECADES had their own OS's from the PLC up to the HMI , granted they were not secure, but they didn't need to be as they were not externally accessible, nor could they run anything untoward.

When the customer sees this new OS and can't get the data they want on to the managers desktop without expensive interfaces/hardware they will vote with their wallets and maintain the status quo.

I don't believe this will go anywhere.

SCADA/DCS/ICS Vendors will harden up their systems end-to-end and customers will still go and put VNC on their servers negating any work on the vendors behalf.

Qubes: the secure OS (1)

dgharmon (2564621) | about 2 years ago | (#41675599)

"After nearly three years of development, Invisible Things Labs has finally released Qubes 1.0, a Fedora 17-based Linux distribution that tries to be as secure as possible by isolating various applications in their own virtual machines using Xen. If one of the applications is compromised, the damage is isolated to the domain it's running in" link [linuxuser.co.uk]
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...