zdnet.com.au — Barry Munns, an Austrailian senior technology auditor, has raised concerns about his profession's awareness of the risks posed by critical infrastructure operators' shift from proprietary systems to open standards-based structures for the management of tasks such as remote control or monitoring of infrastructure, such as substations or water pipes.
May 30, 2006 View in Crawl 4
wiseweaselMay 30, 2006
What a load of FUD. The problem is clearly improper administration, not use of open source software and open standards. How many times do you have to drill into people's minds that security through obscurity is not a solution? Just because it's proprietary doesn't mean there aren't vulnerabilities that should be patched. It's just that they are less likely to be discovered, and so systems tend to remain vulnerable. While this creates less visible work for administrators, the actual security of the system isn't any better. Seems like they need to make sure they hire the proper experts to administer the systems they deploy, not go back to the good ol' days of proprietary software...