Technology

62063 readers

4692 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

1069

Anonymous: Trump is making America weaker and we’ll exploit it - News Cafe (www.news-cafe.eu)

submitted 2 days ago by eirenicon@lemmy.sdf.org to c/technology@lemmy.world

166 comments fedilink hide all child comments

Anonymous: Trump is making America weaker and we’ll exploit it. The international hacker community is preparing to strike against U.S. infrastructure and calls for public awareness against incoming fascism

you are viewing a single comment's thread
view the rest of the comments

[+] TypicalHog@lemm.ee -10 points 1 day ago (1 children)

I'm all for attacking infra - we need to make this shit more resilient and we need to transition to memory-safe langs like Rust. This will hopefully accelerate it. Also, I lol at people saying Trump/Elon/Doge will destroy the US when in reality - these kinds of people who wanna attack it probably have way better chances to do so.

[–] addie@feddit.uk 14 points 1 day ago (2 children)

Memory safety is just a small part of infrastructure resilience. Rust doesn't protect you from phishing attacks. Rust doesn't protect you from weak passwords. Rust doesn't protect you from network misconfiguration. (For that matter, Rust doesn't protect you from some group of twenty-year old assholes installing their own servers inside your network, like you say.) Protecting your estate is not just about a programming language.

"Infrastructure", to me, suggests power, water, oil and food, more than some random website. For US infra, I'm thinking a lot of Allen-Bradley programmable logic controllers, but probably a lot of Siemens and Mitsubishi stuff as well - things like these: https://www.rockwellautomation.com/en-us/products/hardware/allen-bradley/programmable-controllers.html.

Historically, the controllers for industrial infrastructure (from a single pumping station to critical electrical distribution) have been on their own separate networks, and so things like secure passwords and infrastructure updates haven't been a priority. Some of these things have been running untouched for decades; thousands of people will have used the (often shared) credentials, which are very rarely updated or changed. The recent change is to demand more visibility and interaction; every SCADA (the main control computer used for interactive plant control) that you bring onto the public internet so that you can see what it's up to in a central hub, the more opportunity you have to mess up the network security and allow undesirables in.

PLCs tend to be coded up in "ladder logic" and compiled to device-specific assembly language. It isn't a programming environment where C has made any inroads over the decades; I very much doubt there's a Rust compiler for some random microcontroller, and "supported by manufacturer" is critical for these industries.

[–] TypicalHog@lemm.ee 1 points 20 hours ago

All of this is true, but we will eventually have to migrate to Rust. Will probably take decades tho. Rust is absolutely not a silver bullet, but will help in certain cases.

[–] anon_8675309@lemmy.world 2 points 1 day ago

Take my upvote!!!