Friday News and Notes
- Eric Byres has been named an ISA Fellow and will be officially awarded the distinction at ISA Expo next week. Well deserved honor for his work in the control system security community in general and ISA 99 in particular.
- It appears that Cisco is discontinuing their Host IPS, the Cisco Security Agent. Back when Digital Bond started, 1998 – 2000, we actually sold and installed Cisco security products. There was a pattern – - Cisco buys security company with HIDS – - Cisco says this new tech is the greatest ever, push it – - Cisco discontinues product. I’m always leery of recommending any security product without a large installed base, and by large I mean large for the company selling it. The last product with a small installed base we recommended was the early SSL VPN by Neoteris [bought by Netscreen who was bought by Juniper] because it was revolutionary VPN tech.
- A vuln in OSIsoft’s PI server was disclosed by C4 and the CERT’s this week. It is related to the encryption in the authentication process and is fixed in the 380 release. Based on a little insider knowledge, kudo’s are deserved for Eyal and the C4 team as well as OSIsoft for their handling of this vuln and disclosure. It is refreshing to have a few positive examples this year. [FD: OSIsoft is a participant in the Bandolier and Portaledge research projects and past S4 sponsor]
- An Australian electric utility purportedly staved off the W32.Virut.CF virus by switching HMI from Windows to Linux on the fly according to an article. My guess is they did not stop the infection on the fly, but rather used an OS that was not vulnerable to the virus as a recovery approach rather than trying to purge the virus. Probably a wise decision if there was “ineffective segregation” of the corporate and SCADA networks.
Author: Dale Peterson
Posted: October 2nd, 2009 under Uncategorized.
Comments: none
Write a comment