bestbat09

7 months already open hole in industrial software from Siemens hit the Netherlands. A HP G62 screen system at TNO was wide open.

It just revealed 0-day hole in the remote access to Siemens' factory management software SIMATIC is the worldwide abuse. Industrial systems with so-called SCADA software (Supervisory Control And Data Acquisition) to remotely manage remote access by default open with default password also automatically takes effect when a user enters invalid password.

Netherlands, Delft

Open systems are so over the Internet to find blogs the security researcher who, after seven months silence his discovery now revealed. He thereby provides a link to port scanning site Shodan . It has more than one year ago served as Stuxnet scanner . Worldwide HP G71 screen there are many more systems to be found by simply Googling to the text message that the web interface is on.

Through the SCADA-specific site are outstanding Shodan Simatic systems available. Inspection by Macworld did a Dutch IP address on, what a lookup in the name of research institute TNO. Spokesman Martin L?rtzer reacts quickly to report this vulnerability. It confirms that the IP address of TNO and light their own security people at the institute.

Equal offline

ICT professionals who do not take half measures and block the entire IP address of the HP G72 screen underlying Simatic system. This takes TNO at once the three 'types' of this vulnerability. The Siemens software enables all come three open access services: Web, VNC (remote desktop) and Telnet. Macworld yesterday afternoon has been tested to verify only the first and immediately informed TNO.

All three services are separate as authentication is concerned. Adjusting username / password for one remote access service will not impact the other. The web interface offers enough options to the underlying system to drive them to read the logs and the whole off.

Climate Control

TNO before the blockade of the open web interface is checked what the actual system. In order to estimate the impact of the blockade would be L?rtzer puts out. "It's not a critical system," he knows to report. "It is a climate control for." In such a space can RIP measurements with HP Mini 110 screen different temperatures and humidity.

It was not that great around here RIP was to "freeze", the spokesman still comfortable. However, it was through the open web interface to see what kind of industrial equipment to operate thus: a 10-inch touch panel for climate control equipment used. This so-called HMI panel can be used to operate various industrial equipment: in factories, power plants and environmental chambers.

System Info, Web server logs

The open web interface also gave detailed information about the underlying system. As the HP Mini 210 screen firmware and bootloader version has the batch commands have been run when operators have logged.

The built-in file browser of the web interface allows access to the folder where the actual webserver. It also leads to any inserted memory cards and USB keys. Then the logs are, parameters, configuration files, history and various other files to operate the industrial system.

1-click pwnen

Furthermore, all directly through the web interface all "user data administration" in a handy file to download, but upload. An attacker may be thus obtained. Pwl file HP DM1 screen is provided with its own login account and upload again. Finally, the configuration (called " recipes ") of the industrial equipment available: it can be downloaded, delete, replace and supplement.

If the House does not agree with a ban on downloading from illegal sources, then threaten Brain Foundation and assigns individual HP G42 fan uploaders to court.

Stichting Brein throws the cat among the pigeons. Piracy opponent states in response to a parliamentary debate held Wednesday that if there is no legal prohibition download, including the ability to block illegal sites, owners or their arrows will focus on individual filesharers.

Sue uploaders

"When downloading from obviously illegal HP G50 fan source is not unlawful, and access to sites that illegally downloading facilitate not blocked may be, than there is for persons exercising their right to retain anything else than the current legislation to use the private prosecution of individual users Upload illegal, " writes Brain.

The current law is forbidden to upload but not download from illegal sources. This download is because discounted by the private copying levy. That position is quite unique in Europe HP G60 fan, in most other countries, download from illegal sources is prohibited.

Addressing large fish

Brain still has always been made with individual filesharers alone. The Brain is all about the big fish, the major providers and facilitators.

But these fish can with the current laws already address, as Brain has itself in recent years proven in court. The Foundation has in recent years include Mininova, Share Connector, HP G61 fan various Usenet forums and usenet news service provider Europe through the courts to its knees.

Uploading often unconsciously

D66 MP Kees Verhoeven also reacts negatively to the statement of Mind. "D66 is against the use of content creators without pay, but it is absolutely the wrong way to deal with individual users. This upload is done because in many cases unconsciously, so that should not be criminalized. Brein not think oh , so we'll upload illegal user address. They are defensive and find it on the extremes. This is not good. So when individuals began addressing the House will HP G62 fanreact and what Mind is impossible. "

Wrong attitude

According to Verhoeven, the content industry to a positive embrace offensive mentality. "Brain and the content industry should take into account the room and that is clear: no download ban . The answer lies in innovation and the expansion of legal offers, as well as strengthening of the author's contract and supervision of the management organizations [collective management HP G70 fan organizations, ed ]. It shows once again that organizations like Brain and Buma very far removed from the actual creators. They are also opposed because the download ban. "

Undesirable scenario

Brain-director Tim Kuik denied that request, there is a threat. "It's a scenario that we deem undesirable, like everybody," said Kuik at Macworld.

Brain wants it the alarm bells ringing. The ban on downloading from an illegal source is HP G71 fan necessary because more and more large parties facilitate piracy say that they only facilitate downloading, legal and so are more difficult to address.

If the adjustment in the legislation is not forthcoming, will eventually addressing individual uploaders, the only way for owners to maintain, says Kuik HP G72 fan.

Nokia's French business executives Paul Ah Musai Haslem (Paul Amsellem) in a recent interview, confirmed that there will soon be more high-end Windows Phone handsets available. Paul Ah Musai Haslem said that Nokia Lumia 800 comparable BMW 5 Series sedan,Compaq CQ45 screen Nokia plans to release new 7 Series and 3 Series Nokia phones.

A few years ago, the high-end mobile phone market, Nokia has been left behind, now planned to rise to catch up, using the Microsoft Windows Phone system will help. Nokia N9 and Lumia 800 mobile phone is just a prelude to the future new products, long-awaited Nokia 900 mobile Compaq CQ56 screen phone will add more new selling point. Analysts believe that Nokia focused on tackling high-end smartphones, taking into account the end product is indeed a wise move.

Microsoft Windows Phone system update will also help to return to high-end Nokia phones battlefield. Microsoft's new Windows Phone system updates include adding to the camera optical Compaq CQ61 screenproperties.

Therefore, the global mobile phone vendors will keep a close eye the new Windows Phone Nokia mobile phone.