On Wed, Oct 6, 2010 at 6:20 PM, Ian Thomas <il.tho...@iinet.net.au> wrote: > Yes, in the last year or so I've looked at the Google PowerMeter, Microsoft > HOHM, etc – ‘looked' meaning that I read the web pages, followed a few > links, looked at some blogs, looked at some info on controllers, etc. I > haven't actually hooked up any systems to hardware and power corps. > > Missed HEAT, though. > > Since originally posting, I've looked into what's evolving in SCADA – I see > the reticence to connect to internet, and the slow acceptance of TCP/IP > protocol (many proprietary protocols were used, years ago). I trust that any > new “SmartGrid systems” will work out the necessary security protections > (and not rely on security by obscurity).
I'd like to draw you attention to this: http://www.mail-archive.com/cryptogra...@randombit.net/msg00086.html I think people get too caught up in saying and paying respects to "security by obscurity" but not taking in the whole picture, as the poster there makes a nice note of. It is appropriate to keep things secret, it is appropriate to keep things offline even if it's slightly counter-productive (depending on your *thread model*), and so on. I certainly don't "trust" that any SmartGrid would automatically be secure. It seems like just the opposite would be true. The recent padding oracle is actually pretty amusing in this regard. Even I remember when the oracle-type attacks were discussed, and nobody really noticed or did anything. Yet the vector existed for a long time (in multiple environments, and probably will continue to do so in some old libraries). Even when people *know* about vulnerabilities, products are still realised insecurely. Stuxnet again is a classic example of this. I really hope that if anyone does implement some sort of system, they have a rigorous system of security. But then again I really don't know anything about the topic, just wanted to draw your attention to the security-by-obscurity is Bad (tm) is not neccessarily a wise approach. After all, an AES key is just some "obscure" number. And obscurity (lack of information) is what solves the padding oracle attack. It makes sense, as I see it, to have "core" componentry *not online*, and other parts online. If it doesn't need to be online, don't make it so. > I don’t know much about building management systems, apart from a few radio > broadcasts. (much -> 0) > > ________________________________ > > Ian Thomas > Victoria Park, Western Australia -- silky http://dnoondt.wordpress.com/ "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."
