Omo and Rowley say they informed Securam about both their safe-opening techniques in spring of last year, but have until now kept their existence secret because of legal threats from the company. “We will refer this matter to our counsel for trade libel if you choose the route of public announcement or disclosure,” a Securam representative wrote to the two researchers ahead of last year’s Defcon, where they first planned to present their research.
Only after obtaining pro bono legal representation from the Electronic Frontier Foundation’s Coders’ Rights Project did the pair decide to follow through with their plan to speak about Securam’s vulnerabilities at Defcon.
I’ve worked in a heavy industry space where the “computers” were just slightly complicated circuit boards working together. No OS, no networking, nothing but circuit logic running hilariously important machines. The cabinets were locked in a small area deep in the facility that was manned 100% of the time, and were rarely accessed, so it would be a big event for anyone to interact with them. There were no windows for “someone with a clipboard” to just be waived in to mess with them.
There was no remote access, and no social engineering possible. Anyone who could work on them was well known by everyone who would be in the room. An insider threat was basically the only kind possible, but the only “hacked” output would just be a failed “off” state, which wouls be replaced.
There really are “unhackable” computerized machines out there, but only because calling them “computerized” is a stretch.
Exactly, the computers that used to control our nukes were so old and so simple that they literally can’t do anything but what they were designed to do, they require physically inserting old floppy disks and manually entering codes to access, no network access, no ability to multitask, so malware can’t run in parallel with the other process…singular for the word “process” because those old computers can’t multitask
now they’re using modern computers that just recently got hacked with a sharepoint vulnerability…by the way, a whitelisting application that indiscriminately blocks everything that hasn’t already been allowed to run would’ve blocked the processes of that exploit and prevented anything from happening…I actually use something like that on my windows PCs
All those prehistoric old farts in our government thought that would be an “upgrade” and then they probably just used norton to secure it because they’re too stupid to research anything that might be better
If you think software devs are any better… The more complex our systems become, the more it becomes someone else’s problem. The shit I hear coming out of some of my younger colleagues is just embarrassing sometimes. And they just don’t care. They couldn’t be arsed doing a quick search for a solution, trying to understand things from the other side’s perspective, nothing.
And then they wonder if AI gonna replace them? If you ain’t using your brain, what are you there for?
I’ll give you that, but I blame the public schools for conditioning kids into not using their brains
Even younger politicians can’t be expected to have a clue about this kind of security. And younger tech people might not remember how it used to be done. You need some prehistoric tech farts to tell the prehistoric political farts what’s what.
Just rows and rows of 7400 series ttl logic chips