1. 30
  1. 6

    If folks are interested in this, a researcher from Trend Micro presented last year in Miami at S4 on a high fidelity, high interaction factory honeypot. There’s both a short intro video (about two minutes) and the full talk available online. I won’t spoil the results, but suffice it to say, they had some interest!

    1. 2

      Great talk, thanks for the link.

    2. 5

      Here is a non medium version : https://outline.com/TH92J6

      1. 2

        That is really interesting. I’m always surprised that these things run open on the internet with a public IP. I’ve always expected them to be behind some kind of VPN.

        Not that this makes the device “secure”, but it just adds one layer of security in case of a vulnerability in these IoT products.

        Sometimes, I’m happy that I’m not working on airplane software, because I might not fly ever again…

        1. 3

          Oh the hardware is already scary enough, no need to look at the software ;)

          1. 2

            Working manufacturing IT / with SCADA systems is really an experience. Lots of very old systems powering very expensive automation and with no security.

            I once saw a storage closet full of VAXes and jokingly asked if I could have one. Nope: backups for the overhead robotic transport system. But they were better than the Windows 2000 systems all around the factory floor that had to be aggressively firewalled off – fewer VMS worms running around the internet.

            1. 1

              For the vintage computing people, this is why it’s hard to find VAXen/Alphas - because companies will buy them up for hot spares!

              1. 1

                The person I e-know who works at a plant that uses software written for VAX has told me they run it under emulation. Unfortunately I couldn’t find the URL for the software in my logs, but I do remember the home page looked very 90s…

                1. 1

                  Replying to myself, the company is https://www.avtware.com/, and my e-friend says emulation is definitely a good option if you have source - maybe not if you don’t .