Private Key Found Embedded In Major SCADA Equipment 105
sl4shd0rk writes "RuggedOS (A Siemens Subsidiary of Flame and Stuxnet fame), an operating system used in mission-critical hardware such as routers and SCADA gear, has been found to contain an embedded private encryption key (PDF). Now that all affected RuggedCom devices are sharing the same key, a compromise on one device gets you the rest for free. If the claims are valid, systems in use which would be affected include U.S. Navy, petroleum giant Chevron, and the Wisconsin Department of Transportation. The SCADA gear which RuggedOS typically runs on is often connected to machinery controlling electrical substations, traffic control systems, and other critical infrastructure. This is the second security nightmare for RuggedCom this year, the first being the discovery of a backdoor containing a non-modifiable account."
Rule One (Score:5, Funny)
Never, ever, name any software "Rugged".
You're just asking for it.
Re:Rule One (Score:5, Funny)
Is that why there are so many hookers named Chastity?
What?? (Score:1, Funny)
What the fuck is wrong with people? Don't they know we live in a post-PC world? Just throw that old gear on the trashpile of history where it belongs and buy everybody iPads. Problem solved.
L /thread
Re:Simens is suicidal (Score:5, Funny)
And all that from a German company.
Well, to be fair, the alloy chosen, the temper, and tooling tolerances, on the shared private key were damn beautiful...
Re:what goes around comes around (Score:4, Funny)
Are you saying that Snow Mexicans are behind this threat?