LabVIEW
A virus written in G?
I think there so many way to hang society,
boats, cars, power plants, trains , water control, alarm system ....
i 'm curious to know exaclty how much percent labview code is present in those domains
just curious , nothing more ............
@tinnitus wrote:
I think there so many way to hang society,
boats, cars, power plants, trains , water control, alarm system ....
i 'm curious to know exaclty how much percent labview code is present in those domains
just curious , nothing more ............
which reminds me of book my wife had me read recently that used the acronym "TEOTWAWKI" that we pronouce "tea-ot-wok-ie" which stands for
"The End Of The World As We Know It".
I recall my jaw dropping when they sugested I take a pick-up truck when going to purchase ammo.
The expression MALWARE is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Hence Express VIs will fall under that category (annoying program code). So if you do not use Express VIs you should be safe. Or put it in your contract with your Labview software developer. That No Express VIs are to be used. You should be safe for any Labview malware
Ben, I can't believe that any system is unbreakable. I'm sure that it'd be pretty tough to get into a military system of the US, much more than into (suspected target of stuxnet) Iranian atom program. But I really forgot to mention this in my analysis of 'spreading' of such a virus: social engineering and similar means.
I don't understand how this works, but I'm sure intelligence people have made a science out of it since ages. But personally, I look like Captain Jack Sparrow without being Johnny Deep. And I work in some research facilities of major global companies. They do care what you are doing in these places, but I only get hassled by police/customer/'other official' youngsters in the train on my way back home. The best of all was the police-guy who searched me for drugs after I came from Singapore! To reverse: Any well-dressed woman sitting next to me would be very safely smuggling anything...
Well, I could share a lot of strange stories about 'social hacking'. You can get almost everywhere.
What about the nuns from 'swords to ploughshares' (?) that demolished some rockets with atomic bombs (?).
What about that suspected (?) Islamic amok in an US base?
What about 9/11?
There is not absolute safety possible, we need to arrange with this. Most important: try to guard our freedom against the false prophets of security. But propably I'm getting too political for your taste now...
Felix
@f. Schubert wrote:
Ben, I can't believe that any system is unbreakable. I'm sure that it'd be pretty tough to get into a military system of the US, much more than into (suspected target of stuxnet) Iranian atom program. But I really forgot to mention this in my analysis of 'spreading' of such a virus: social engineering and similar means.
I don't understand how this works, but I'm sure intelligence people have made a science out of it since ages. But personally, I look like Captain Jack Sparrow without being Johnny Deep. And I work in some research facilities of major global companies. They do care what you are doing in these places, but I only get hassled by police/customer/'other official' youngsters in the train on my way back home. The best of all was the police-guy who searched me for drugs after I came from Singapore!
Well, I could share a lot of strange stories about 'social hacking'. You can get almost everywhere.
What about the nuns from 'swords to ploughshares' (?) that demolished some rockets with atomic bombs (?).
What about that suspected (?) Islamic amok in an US base?
What about 9/11?
There is not absolute safety possible, we need to arrange with this. Most important: try to guard our freedom against the false prophets of security. But propably I'm getting too political for your taste now...
Felix
Ben changes hats.
Back when I started with computer the only people that could afford them was the military and banks. So I worked to maintain bank machines and proprietary alrams systems with Diebold Inc. (Yes the same who now do voting mahcines). At that time I had a tilte of "Security Consultant" Whre I hob-nobbed with the heads of security for the Fedral Reserve Bank as well as MBNA.
In that role I was given plans for bansk before they were built and I had to design the security system. The critical number I needed to do this effectively was to know how much they planned on storing or rather what was the value of what they were trying to protect. The idea was to make it more expensive to break in than what could be stolen.
So we did not concider then theft proof to any extreme. Just a hasle.
Next story:
One of the guys I worked with a Diebold was concidered one of the best "safe crackers" in the world (his father taught me to pick locks). He was presented with the challenge of getting into a cash machine where they had lost the combination. He went to another machine of the same model and carefully examined the internal workings. He then went to the target machine and we drilld two holes, tapped them, drove into bolts then backed them out. THe cash machine opened right up!
Similarly Hudini (sp?) when faced with safes would demonstrate not how to break in but how to break out.
So...
I agrre that anything a human can make another human can un-make.
THe barier we put up to defind those thing made should only be as higha as are justified but what is being protected.
So from what I have seen the barrier are high enough and the eye are vigilent so I don't see any LV threats sneaking in.
Also take note that I have said much about the challenges and nothing about any soft spots that exist in LV. TO discuss the detials of such things would be like opening that valut door and letting other see the weak parts.
So let me summarize the security the military has up with a crude analogy.
Spoiler"A virgin does not have to worry about STDs. As long as everyone keeps their floppy in their pants, we can relax*."
Ben
* Can you tell I am an ex-sailor?
Another example is all the different schemes that are used for software copyright protection. What they do is only to create trouble for the legit user. Like if you are supposed to use a customer computer with Labview development software installed. And need to replace a network card. This will cause all Labview licensees to cancel. Very nifty I must say. The piracy user will only laugh about this. But for the legit user it may cause big trouble.
I guess we could continue to discuss the vulnerabilities of the US Military, but perhaps we risk having the NSA knock on our door.
Based on Ben's comments, it seems like they run a very tight ship (another Navy reference!). Though, I am sure that other quasi-governmental entities aren't quite so strict (e.g. Power Plants?).
But getting back on topic: I'm more curious about the idea of viruses spreading into new domains (like G). Stuxnet, I believe, was the first malware to attack PLCs (Siemens). And they have already spread into mobile phones.
NI has a lot of hardware that runs embedded code (e.g. PACS). One of Siemens' downfalls was the use of a default password (duh!). Do we dare discuss the vulnerabilities of NI products here?
