We have the EU to thank for that - another well-thought-out policy from BrusselsBazza06 wrote: ↑Sun Apr 15, 2018 10:56 pm
I don’t know the mechanics of it well enough but when changes to the law made it available for any registered business that provided key replacement services the ability to have access to the programming software previously only supplied to the manufacturers authorised dealers this issue sky rocketed.
Vehicle Security - Theft Methods Deployed By Thieves
Correct. I was one of many that opposed it but was peeing in the wind.Ian.g wrote: ↑Mon Apr 16, 2018 9:36 pmWe have the EU to thank for that - another well-thought-out policy from BrusselsBazza06 wrote: ↑Sun Apr 15, 2018 10:56 pm
I don’t know the mechanics of it well enough but when changes to the law made it available for any registered business that provided key replacement services the ability to have access to the programming software previously only supplied to the manufacturers authorised dealers this issue sky rocketed.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
Re internal barriers / access control. How robust is your building entrance? If your building has good access control measures there is an argument that additional internal controls are not necessary except to areas such as sever rooms as the people you have allowed in are likely to have free movement anyway.John_M wrote: ↑Mon Apr 16, 2018 8:55 pmIt sounds like a single point can break the whole system, they'd need rethink it - security isn't just about stopping the bad guy, it is assuming you can't and how do you limit what they can get for given effort - I find it amazing at work (top half of FTSE 100), when I am inside the n/w I don't encounter barriers between areas.Bazza06 wrote: ↑Sun Apr 15, 2018 10:56 pmI’m also taking into account the cost and time involved in updating the vehicle software to the thousands of affected vehicles each time the code is cracked .
I don’t know the mechanics of it well enough but when changes to the law made it available for any registered business that provided key replacement services the ability to have access to the programming software previously only supplied to the manufacturers authorised dealers this issue sky rocketed.
Updating software shouldn't be expensive - arrives in dealer, plug in card, vehicle confirms by encryption certificate it is valid and untampered and updates - 2 mins work, but they don't design it to be easily updatable.
One problem though, engineers and programmers don't generally think like hackers, so tend to not see the holes.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
Building? Think more like sites world wide (pretty much all servers though are in secured data centres.) with user numbers in order of tens of thousands plus outsourced support around the world and remote working connecting by VPN - pretty large computer network. The computer network all seems fairly open, personally I would be keep parts isolated from each other if only to limit damage virus could do.Bazza06 wrote: ↑Mon Apr 16, 2018 9:47 pmRe internal barriers / access control. How robust is your building entrance? If your building has good access control measures there is an argument that additional internal controls are not necessary except to areas such as sever rooms as the people you have allowed in are likely to have free movement anyway.
Sorry, I missed the NW part of your post and had in mind you were talking about the building you work inJohn_M wrote: ↑Mon Apr 16, 2018 11:25 pmBuilding? Think more like sites world wide (pretty much all servers though are in secured data centres.) with user numbers in order of tens of thousands plus outsourced support around the world and remote working connecting by VPN - pretty large computer network. The computer network all seems fairly open, personally I would be keep parts isolated from each other if only to limit damage virus could do.Bazza06 wrote: ↑Mon Apr 16, 2018 9:47 pmRe internal barriers / access control. How robust is your building entrance? If your building has good access control measures there is an argument that additional internal controls are not necessary except to areas such as sever rooms as the people you have allowed in are likely to have free movement anyway.
IT isn't my area - thankfully
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
IT security N/W isn't my worry now, but I do have a background in it. I write software (or atm direct writing), most of my stuff is for internal use only and not web based so not hugely worried about hackers. But I am not convinced our IT security staff are much better than the script kiddies that knock on the door so to speak.
IT guys are not necessarily the smartest kids on the block, a few years ago I was the Engineering Services Manager at a Bank’s Computer Centre.
One Saturday one of my shift guys rang me to see if I had heard that there was a Worldwide problem with the server controlling the Hole in the Wall Cash machines, apparently an IT guy wanted to test run a new server and he totally ignored the label and pulled the plug of the Cash machines server to use its supply.
Being the Engineering Boss I was in charge of Security hardware, typically IT server rooms require a swipe card being scanned by a card reader together with entering on a keypad a four figure access code. Plus very few IT guys were given access into the server room, those that needed temporary access were escorted.
You think server rooms are secure, now a Banks cash centre takes the biscuit, no radio electronics, only mechanical and electro-mechanical interlocked airlocks.
One Saturday one of my shift guys rang me to see if I had heard that there was a Worldwide problem with the server controlling the Hole in the Wall Cash machines, apparently an IT guy wanted to test run a new server and he totally ignored the label and pulled the plug of the Cash machines server to use its supply.
Being the Engineering Boss I was in charge of Security hardware, typically IT server rooms require a swipe card being scanned by a card reader together with entering on a keypad a four figure access code. Plus very few IT guys were given access into the server room, those that needed temporary access were escorted.
You think server rooms are secure, now a Banks cash centre takes the biscuit, no radio electronics, only mechanical and electro-mechanical interlocked airlocks.
Col
Macan Turbo
Air, 20” wheels, ACC, Pano, SurCam, 14w, LEDs, PS+, Int Light Pack, Heated seats and Steering, spare wheel, SC, Privacy glass, PDK gear, SD mirrors, Met Black, rear airbags
Macan Turbo
Air, 20” wheels, ACC, Pano, SurCam, 14w, LEDs, PS+, Int Light Pack, Heated seats and Steering, spare wheel, SC, Privacy glass, PDK gear, SD mirrors, Met Black, rear airbags
I did hear recently that companies are favouring younger IT workers over older more experienced workers in the same field.John_M wrote: ↑Tue Apr 17, 2018 6:10 pmIT security N/W isn't my worry now, but I do have a background in it. I write software (or atm direct writing), most of my stuff is for internal use only and not web based so not hugely worried about hackers. But I am not convinced our IT security staff are much better than the script kiddies that knock on the door so to speak.
The company I work for made redundant two IT guys with 50 years experience between them and replaced with a 20 year old. It hasn’t worked and that person, a contractor, is now leaving.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
Wasn’t there a similar story in the news not so long ago with someone unplugging a piece of IT equipment that sent the business in turmoil? Was it an airport? I can’t remember.Col Lamb wrote: ↑Tue Apr 17, 2018 6:32 pm IT guys are not necessarily the smartest kids on the block, a few years ago I was the Engineering Services Manager at a Bank’s Computer Centre.
One Saturday one of my shift guys rang me to see if I had heard that there was a Worldwide problem with the server controlling the Hole in the Wall Cash machines, apparently an IT guy wanted to test run a new server and he totally ignored the label and pulled the plug of the Cash machines server to use its supply.
Being the Engineering Boss I was in charge of Security hardware, typically IT server rooms require a swipe card being scanned by a card reader together with entering on a keypad a four figure access code. Plus very few IT guys were given access into the server room, those that needed temporary access were escorted.
You think server rooms are secure, now a Banks cash centre takes the biscuit, no radio electronics, only mechanical and electro-mechanical interlocked airlocks.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
We had someone working on our SAN - I believe they were pulling redundant PSU for servicing, unfortunately they pulled the wrong one - no problem mistakes happen, unfortunately it was at this point they find the SAN configuration hadn't saved to disk so when it came back up it didn't know where any partitions etc. were - I think there was something like a thousand oracle databases on it. They got almost everything back, but it took out about 2/3rds of our systems for a period. There are several lessons that needed re-learning painfully yet again.Col Lamb wrote: ↑Tue Apr 17, 2018 6:32 pmOne Saturday one of my shift guys rang me to see if I had heard that there was a Worldwide problem with the server controlling the Hole in the Wall Cash machines, apparently an IT guy wanted to test run a new server and he totally ignored the label and pulled the plug of the Cash machines server to use its supply.
-
- Similar Topics
- Replies
- Views
- Last post
-
- 18 Replies
- 1528 Views
-
Last post by Bazza06
-
- 17 Replies
- 3357 Views
-
Last post by andreas
-
- 3 Replies
- 409 Views
-
Last post by wab172uk
-
- 24 Replies
- 2131 Views
-
Last post by Monaco2323
-
- 5 Replies
- 940 Views
-
Last post by Cobnapint