[SCADASEC] When is innovation a mistake...

Brodsky, Jake jBrodsk at wsscwater.com
Thu Feb 14 13:55:31 CST 2008 

I think you "got it" this time.  Bluetooth devices scare me too.  

There are too many fundamental hacks with Bluetooth.  

Nevertheless, I'm sure they'll get customers from utilities who see
nothing but convenience and who don't understand the risks.  

Joe Weiss has found plenty of substation hardware with wireless
Bluetooth configuration ports for sale as of last January's Distributech
convention in Tampa.  It creeps us all out.  

Jake Brodsky

-----Original Message-----
From: scadasec-bounces at news.infracritical.com
[mailto:scadasec-bounces at news.infracritical.com] On Behalf Of Myrcurial
Sent: Thursday, February 14, 2008 12:29 PM
To: scadasec at news.infracritical.com
Subject: [SCADASEC] When is innovation a mistake...
Importance: Low

http://www.blackberrycool.com/2008/02/14/006571/

"BluFlo has announced the release of a SCADA application for
BlackBerry. SCADA is a system for measuring and controlling
large-scale industrial systems, by bringing data from a bunch of
monitoring stations to one central computer. BluFlo's solution works
with any SCADA setup that uses the Modbus protocol. All data is sent
via secure connection to BluFlo's servers where it can be viewed over
the web, or the data can be sent to an internal server if the user
prefers. The application also features user defined registers, archive
definitions, control limits, and alarms. Combined with something like
the OtterBox, this could come to be a must-have for industrial
engineers."


As one of the IT Security types on the list, I have to say that while
I'm perfectly ok with using a blackberry app for online financial
trades, I find myself at a bit of a loss to determine how and why I
might permit something like this to be installed on a production SCADA
system.  While the device - RIM - BES connection is FIPS140 secure,
I'm not so thrilled with the bluetooth implemention or the implication
that so long as you've got your trusty BB, you don't need hardwire
control.

How does the need to increase separation between control and business
networks change when either party "needs" the assistance of each
other?

Thoughts?

Comments?

IT guy who just doesn't "get" it?

~Myrcurial

_______________________________________________
To unsubscribe from this mailing list, please visit:
http://news.infracritical.com/mailman/listinfo/scadasec

To review our privacy statement, please visit:
http://www.infracritical.com/privacy.html

scadasec at news.infracritical.com
http://news.infracritical.com/mailman/listinfo/scadasec

More information about the scadasec mailing list