18 November 2011
According to press reports, a water utility's SCADA network was hacked. The attacker turned a pump on and off too much, resulting in physical damage to the pump. This is an extremely significant incident, for three reasons:
- The attack actually happened.
- Ordinary, off-the-shelf hacking tools were used, rather than something custom like Stuxnet.
- Physical damage resulted.
Arguably, the first point is the most important one. For years, security specialists have been warning that something like this could happen. Although more and more people have started to believe it, we still hear all of the usual reassuring noises — the hackers don't know enough, we have defenses, there are other safeguards, etc. That debate is now over: we have an existence proof. All future debate has to start from this fact: the threat is real. We can argue over magnitude, but not over the possibility.
The second noteworthy point is that it didn't take the cyberwarfare unit of a major nation-state to break in. ("Nation-state"? Are there that many city-states around today that we need to describe which kind of "state" we're worried about? Or is the qualifier intended to distinguish it from nations that aren't states?) Reports point to ordinary vulnerabilities in standard web software.
Finally, the attack caused physical damage to a water pump. It's not enough to wipe the disk of the compromised computer and restore from backups; instead, you have to acquire and install new hardware. This is the really scary part about attacks on SCADA systems: the defenders almost certainly have less replacement hardware than they would need in the event of a large-scale, focused, malicious attack.
Exactly what happened here is not yet completely clear. The implications, though, are scary.
17 November 2011
I just returned from the IETF meeting in Taipei. To avoid carrying too much, I got some ebooks to read on the plane; to make sure I could read something when jet-lag had scrambled my brain, I made sure I had some light reading; in particular, I borrowed ebooks of Isaac Asimov's original Foundation series, since I know them more or less by heart and they don't take much concentration. It worked well; I was indeed able to read a great deal of it, despite being mostly unconscious — until I found that someone had tinkered with it.
I wasn't certain about the first anomaly I spotted: "Could Anacreon supply us with adequate quantities of plutonium for our nuclear-power plant?" But Asimov didn't use the word "nuclear"; I was pretty sure he used "atomic". Later on, when the Time Vault is about to open, the ebook spoke of a "computer" and a "muon beam". I was quite certain that these words were not in my copy.
I confirmed that today. My paperback (the 1972 Avon printing) speaks of atomic power, and the Time Vault is controlled by a "speck of radium" and a "tumbler". Why the changes? To make the text more "modern"? To "translate" the book into modern English? Thanks, but no thanks. One reason I enjoy reading older works is precisely to enjoy the older language, and to meditate on how language has evolved with the times. Making gratuitous changes like these reminds me of a line from E.M. Forster's The Machine Stops where he speaks of people who "will see the French Revolution not as it happened, nor as they would like it to have happened, but as it would have happened, had it taken place in the days of the Machine."
Another interesting question is when the change took place. I suppose that the Avon edition might already differ from the original 1951 Doubleday version, but I think it more likely that it was the Bantam 1991 paperback that had the change, or perhaps their 2004 hardcover. The copyright notice on the ebook says "1951, 1979" — was the change made by Asimov himself to enable renewal of the copyright? If so, that's a case of legally-induced tinkering. Regardless, I don't like it.
There's a larger issue here. If you're studying texts, the edition matters. (This is, of course, not a new statement to many scholars in the humanities.) One sometimes-touted "feature" of cloud-resident ebooks is that mistakes can be fixed, that you can always have the latest version. This isn't always a benefit! To behave like this is to hurt future researchers. I'd rather see the power of electronics used for online versioning: make all editions available simultaneously.