UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficiency are welcome to join in to ask questions or offer solutions.

  #41   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 4,069
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

In article ,
newshound wrote:

. As they explained, an "air-gap"
is a good line of defence provided you have very tight control of
anything which might go across it.


You'll like this.

"Audio-based networking may seem an unusual choice for the Internet of
Things, especially when used for machines to bellow information at each
other inside a nuclear power station"

https://www.theregister.co.uk/2017/0...wer_station_iot_audio_sensors/

--
(\_/)
(='.'=) systemd: the Linux version of Windows 10
(")_(")
  #42   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 8,019
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 1/24/2017 4:58 AM, Mike Tomlinson wrote:
In article ,
newshound wrote:

And this is why we don't have PLCs in the final parts of the protection
circuits for nuclear power plants


Yet?

, and also things like steam turbines
and generators which can't tolerate significant overspeed


Interestingly, one of EDF's UK nukes has just had repairs to the turbine
overspeed protection. It's back in service now, so I'm not sure which
one. May have been Hunterston B.


Overspeed trips are quite complicated mechanical systems, they are
regularly tested and occasionally found to be out of spec or to need
adjusting.

Also found this while searching:

"Events reported to ONR by EDF Energy (01 Apr 2012 to 19 Jan 2016)"

https://www.edfenergy.com/file/1914279/download

All unrated, or level 0/1 (not significant). Good to know.


Interesting list, one of the merits of a very open, "no blame" reporting
system. The same list can be found on the ONR site, together with lists
of incidents at other UK nuclear sites.

You'll see that one of the EDF INES 1 events was a double reactor trip
when an offsite fault took down the 400 KV lines. This is the correct
response from the control system, it has that rating because an event
which in itself has no great significance (like loss of a single engine
in a commercial airliner) may be more serious if they occur in
combination with other events.
  #43   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 8,019
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 1/24/2017 10:30 AM, Mike Tomlinson wrote:
In article ,
newshound wrote:

. As they explained, an "air-gap"
is a good line of defence provided you have very tight control of
anything which might go across it.


You'll like this.

"Audio-based networking may seem an unusual choice for the Internet of
Things, especially when used for machines to bellow information at each
other inside a nuclear power station"

https://www.theregister.co.uk/2017/0...wer_station_iot_audio_sensors/

Yes, I did! They explain one of the reasons:

"As for the nuclear power stations, Chirp's tech has found a useful
niche in IoT sensor applications where traditional RF networking cannot
be used. Nuclear power stations have an absolute ban on RF over fears of
interference – thereby ruling out Wi-Fi, Bluetooth and all the usual
go-to wireless networking technologies"
  #44   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 4,069
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

In article ,
newshound wrote:

Yes, I did! They explain one of the reasons:

"As for the nuclear power stations, Chirp's tech has found a useful
niche in IoT sensor applications where traditional RF networking cannot
be used. Nuclear power stations have an absolute ban on RF over fears of
interference – thereby ruling out Wi-Fi, Bluetooth and all the usual
go-to wireless networking technologies"


It also ties in with the air-gap approach to security we were discussing
earlier in the thread. If equipment is networked using Chirp, that's
another vector for attack/infection, showing that air-gapping per se is
meaningless in the context of security.

I worked for some years at an astronomical observatory. RF equipment,
such as wi-fi was banned inside the observing dome while the telescope
was operating to prevent the possibility of it interfering with the very
sensitive CCD detectors used in the instruments.

--
(\_/)
(='.'=) systemd: the Linux version of Windows 10
(")_(")
  #45   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 39,563
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 25/01/17 08:25, Mike Tomlinson wrote:
If equipment is networked using Chirp, that's
another vector for attack/infection, showing that air-gapping per se is
meaningless in the context of security.


The staggering non sequitur from the brainless monkey, is noted.

Meanwhile elsewhere, the NHS is dispensing with alcohol hand wipe
dispensers as seniors consultant Mike ****edBrainson has shown that they
are 'just another vector for infection'


--
"When a true genius appears in the world, you may know him by this sign,
that the dunces are all in confederacy against him."

Jonathan Swift.


  #46   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 8,019
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 1/25/2017 8:25 AM, Mike Tomlinson wrote:
In article ,
newshound wrote:

Yes, I did! They explain one of the reasons:

"As for the nuclear power stations, Chirp's tech has found a useful
niche in IoT sensor applications where traditional RF networking cannot
be used. Nuclear power stations have an absolute ban on RF over fears of
interference – thereby ruling out Wi-Fi, Bluetooth and all the usual
go-to wireless networking technologies"


It also ties in with the air-gap approach to security we were discussing
earlier in the thread. If equipment is networked using Chirp, that's
another vector for attack/infection, showing that air-gapping per se is
meaningless in the context of security.


If you have got into the turbine hall, you have already breached the
site security. If you can damage an oil, feedwater, or steam pipe this
can cause a big incident. In any case, this is technology transmitting
instrumentation data out to a logger or display, it won't be part of a
control loop. At most, it might provide a trip signal.


  #47   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 4,069
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

In article ,
newshound wrote:

In any case, this is technology transmitting
instrumentation data out to a logger or display, it won't be part of a
control loop. At most, it might provide a trip signal.


In that particular usage scenario, yes. But the point of the Register
article is that Chirp is a layer 1/2 protocol.

You could lay TCP/IP on top of it if you wanted, with all the advantages
and drawbacks that entailed. Some bright spark might decide that it's a
grand idea to install PLC firmware over Chirp - after all, to the
software, it looks just like another TCP/IP node.

--
(\_/)
(='.'=) systemd: the Linux version of Windows 10
(")_(")
  #48   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 5,168
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 25/01/2017 08:36, The Natural Philosopher wrote:
On 25/01/17 08:25, Mike Tomlinson wrote:
If equipment is networked using Chirp, that's
another vector for attack/infection, showing that air-gapping per se is
meaningless in the context of security.


The staggering non sequitur from the brainless monkey, is noted.

Meanwhile elsewhere, the NHS is dispensing with alcohol hand wipe
dispensers as seniors consultant Mike ****edBrainson has shown that they
are 'just another vector for infection'



They are if they are used rather than soap and water as everyone with
sense already knows.

They do FA with viruses while soap and water removes them.

  #49   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 7,829
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

dennis@home wrote:

The Natural Philosopher wrote:

the NHS is dispensing with alcohol hand wipe dispensers as seniors
consultant Mike ****edBrainson has shown that they are 'just
another vector for infection'


They are if they are used rather than soap and water as everyone with
sense already knows. They do FA with viruses while soap and water
removes them.


Many local authority non-NHS buildings where alcohol dispensers were
fitted at every door during past swine/bird flu scares, have realised
nobody cleans their hands with them and the cartridges have passed their
use by date, so are now removing them.

  #50   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 3,789
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations



"Mike Tomlinson" wrote in message
...
In article , Huge
wrote:

This worked fine for several years, until some plonker
installed some network discovery software at the other end, which dialled
the *outbound* ISDN, connected to my router, said hello (or whatever
it did) and then disconnected. Every few minutes. No-one noticed this
until the bill arrived - for several thousand pounds.


The joys of the call set-up charge. Which ****ing BT has just increased
to 21p per call. #


Bleeding 'ell is it really that much

I'll be using my mobile even more in future

tim









  #51   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 39,563
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 26/01/17 14:38, Andy Burns wrote:
dennis@home wrote:

The Natural Philosopher wrote:

the NHS is dispensing with alcohol hand wipe dispensers as seniors
consultant Mike ****edBrainson has shown that they are 'just
another vector for infection'


They are if they are used rather than soap and water as everyone with
sense already knows. They do FA with viruses while soap and water
removes them.


Many local authority non-NHS buildings where alcohol dispensers were
fitted at every door during past swine/bird flu scares, have realised
nobody cleans their hands with them and the cartridges have passed their
use by date, so are now removing them.

Whoosh to both of you...

--
Microsoft : the best reason to go to Linux that ever existed.
  #52   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 2,853
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 23/01/2017 13:40, tim... wrote:


"Vir Campestris" wrote in message
o.uk...
On 21/01/2017 18:37, tim... wrote:
"Huge" wrote in message
...

snip
All software has bugs.

but back in the day you used to try and make sure that you found them
all before releasing the product

I've been writing software so long it's getting embarrassing (some of
my colleagues weren't even born) and this has always been true: You
try to find the bugs before you ship the product.

Equally true: You never find them all.

Firmware may need to be updated to maintain manufacturer support, even
without explicit bugs.

not on any firmware I ever worked on (in 35 years)

It went out the door embedded inside the product and was never touched
again

Which merely means that the only chance for it to get infected with
malware was before you shipped it.


I'm not sure what you mean by "merely" .

Surely the point of this infection (under discussion) is that it can
work without you having to break through the physical security systems
of the victim.

It's quite difficult to infect a PROM with malware. The device can't
write to it.

And there were a few viruses around back then - spread on floppies mostly.

Andy
  #53   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 10,204
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On Thursday, 26 January 2017 14:37:12 UTC, Andy Burns wrote:
dennis@home wrote:

The Natural Philosopher wrote:

the NHS is dispensing with alcohol hand wipe dispensers as seniors
consultant Mike ****edBrainson has shown that they are 'just
another vector for infection'


They are if they are used rather than soap and water as everyone with
sense already knows. They do FA with viruses while soap and water
removes them.


Many local authority non-NHS buildings where alcohol dispensers were
fitted at every door during past swine/bird flu scares, have realised
nobody cleans their hands with them and the cartridges have passed their
use by date, so are now removing them.


I'd heard at my local hospital that they were being stolen by some eastern Europeans and drunk as an alcohol substitute.
  #54   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 1,491
Default BBC Stuxnet programme (OT)

On Thu, 19 Jan 2017 03:09:02 -0800, whisky-dave wrote:

On Thursday, 19 January 2017 11:04:10 UTC, Mike Tomlinson wrote:
In article , tim...
wrote:

In what way are the BBC passing it off as their own?


It's "BBC branded" on the relevant iPlayer webpage, and touted as part
of the BBC's own Storyville series. Not one mention that it's not a
BBC production, much less that it was first produced a year ago.

They're even offering to sell it on the BBC Store for a fiver!

It clearly says in the credits who produced it


who reads the credits?


Those that want to know who made it or contributed to the making of it.


Or those who simply want an answer to the question,

"Just how old *is this* programme, anyway?"

Knowing the answer to *that* question is particularly useful when
hoovering up, for example, "Horizon" and "Natural World" BBC4 repeats
from the Beeb's Iplayer servers using get_iplayer so as to 'refresh' the
existing archive of the original 720 by 576 SD broadcasts with 1280 by
720 'nearly HD' iplayer versions.

Unfortunately, the 1280 by 720 standard isn't universally applied to
iplayer content, sometimes being spoilt by the use of the oddball 960 by
540 resolution option ("Dad's Army" and "Reel History" being just two of
the many programmes to suffer this indignity).

--
Johnny B Good
  #55   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 10,204
Default BBC Stuxnet programme (OT)

On Tuesday, 31 January 2017 00:31:15 UTC, Johnny B Good wrote:
On Thu, 19 Jan 2017 03:09:02 -0800, whisky-dave wrote:

On Thursday, 19 January 2017 11:04:10 UTC, Mike Tomlinson wrote:
In article , tim...
wrote:

In what way are the BBC passing it off as their own?

It's "BBC branded" on the relevant iPlayer webpage, and touted as part
of the BBC's own Storyville series. Not one mention that it's not a
BBC production, much less that it was first produced a year ago.

They're even offering to sell it on the BBC Store for a fiver!

It clearly says in the credits who produced it

who reads the credits?


Those that want to know who made it or contributed to the making of it.


Or those who simply want an answer to the question,

"Just how old *is this* programme, anyway?"


Usually in Roman numerals too.


Knowing the answer to *that* question is particularly useful when
hoovering up, for example, "Horizon" and "Natural World" BBC4 repeats
from the Beeb's Iplayer servers using get_iplayer so as to 'refresh' the
existing archive of the original 720 by 576 SD broadcasts with 1280 by
720 'nearly HD' iplayer versions.

Unfortunately, the 1280 by 720 standard isn't universally applied to
iplayer content, sometimes being spoilt by the use of the oddball 960 by
540 resolution option ("Dad's Army" and "Reel History" being just two of
the many programmes to suffer this indignity).


Isn't that because they are the old aspect ratio of 3:2 .
I've seen such program stretch to widescreen and they look crap and it's easy to see the distortion when they try to stretch it to 16:9 or 16:10





  #56   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 1,491
Default BBC Stuxnet programme (OT)

On Tue, 31 Jan 2017 03:18:24 -0800, whisky-dave wrote:

On Tuesday, 31 January 2017 00:31:15 UTC, Johnny B Good wrote:
On Thu, 19 Jan 2017 03:09:02 -0800, whisky-dave wrote:

On Thursday, 19 January 2017 11:04:10 UTC, Mike Tomlinson wrote:
In article , tim...
wrote:

In what way are the BBC passing it off as their own?

It's "BBC branded" on the relevant iPlayer webpage, and touted as
part of the BBC's own Storyville series. Not one mention that it's
not a BBC production, much less that it was first produced a year
ago.

They're even offering to sell it on the BBC Store for a fiver!

It clearly says in the credits who produced it

who reads the credits?

Those that want to know who made it or contributed to the making of
it.


Or those who simply want an answer to the question,

"Just how old *is this* programme, anyway?"


Usually in Roman numerals too.


I've gotten pretty adept at deciphering them, what with all the practice
I've had over the past decade or so that I've been recording Freeview
broadcasts. :-)


Knowing the answer to *that* question is particularly useful when
hoovering up, for example, "Horizon" and "Natural World" BBC4 repeats
from the Beeb's Iplayer servers using get_iplayer so as to 'refresh'
the existing archive of the original 720 by 576 SD broadcasts with 1280
by 720 'nearly HD' iplayer versions.

Unfortunately, the 1280 by 720 standard isn't universally applied to
iplayer content, sometimes being spoilt by the use of the oddball 960
by 540 resolution option ("Dad's Army" and "Reel History" being just
two of the many programmes to suffer this indignity).


Isn't that because they are the old aspect ratio of 3:2 .
I've seen such program stretch to widescreen and they look crap and it's
easy to see the distortion when they try to stretch it to 16:9 or 16:10


They use non-square pixels with the video metadata set to produce a 16:9
AR frame, even with 4:3 AR material such as "Dad's Army" when they simply
pillar box it into the required 4:3 AR window.

I'm still recording the SD Freeview broadcasts since there's no
guarantee of iPlayer availability. This provides both a reference and a
'safety recording'. This means I can compare the quality between the
Freeview 720 by 576 and the iPlayer 960 by 540 Pillar boxed versions of
such 4:3 AR material. Since there's almost no discernible difference in
video quality, I tend to use the iPlayer 960 by 540 versions since they
very rarely suffer from end credit vandalism. The only downside to this
choice is the reduction of vertical resolution from typically 572 lines
down to 540 lines which in theory would compromise the quality but in
practice doesn't appear to do so.

Since the original scan line count is a bit of an unknown, along with
the efficacy of the conversion processes used to convert to the 576 and
540 line output formats, it's quite possible that the smaller 540 line
picture is actually the better of the two options (but not by much). I've
never been able to arrive at any conclusion as to which is the better
from a video quality point of view, hence my electing to opt for the
960 by 540 option to avoid end credit vandalism.

--
Johnny B Good
  #57   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 8,019
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

On 1/25/2017 3:26 PM, Mike Tomlinson wrote:
In article ,
newshound wrote:

In any case, this is technology transmitting
instrumentation data out to a logger or display, it won't be part of a
control loop. At most, it might provide a trip signal.


In that particular usage scenario, yes. But the point of the Register
article is that Chirp is a layer 1/2 protocol.

You could lay TCP/IP on top of it if you wanted, with all the advantages
and drawbacks that entailed. Some bright spark might decide that it's a
grand idea to install PLC firmware over Chirp - after all, to the
software, it looks just like another TCP/IP node.

I agree completely. But it won't have much bandwidth so I would
generally expect it to be restricted to that sort of not particularly
"sensitive" application. It could change, of course.

I believe that at one time there wasn't much bandwidth in the secure
communications to nuclear subs, but I bet there was plenty of security
elsewhere in the chain!
  #58   Report Post  
Posted to uk.d-i-y
external usenet poster
 
Posts: 4,069
Default BBC Stuxnet programme (OT), and why you can't blow up nuclear power stations

In article ,
newshound wrote:

I agree completely. But it won't have much bandwidth


Understatement of the century

--
(\_/)
(='.'=) systemd: the Linux version of Windows 10
(")_(")