1970s again

The Rocketry Forum

Help Support The Rocketry Forum:

kevin.mcgee

Active Member
TRF Supporter
Joined
Dec 27, 2020
Messages
30
Reaction score
28
Maybe the answer is we need to have out hackers hit Russia if that is where this started.
General Nakasone has taken the gloves off. We are not sitting idly by and letting whomever do whatever they want. You’re just not going to hear about it.
 

kevin.mcgee

Active Member
TRF Supporter
Joined
Dec 27, 2020
Messages
30
Reaction score
28
isnt that he case?

I, a generic & bored 'smart guy', manage to hack you & hold you hostage. You pay me the $$ I demand. I then flee [retire] to the Turks & Cacos.. I can still come & go with impunity; you have no idea of who I am..

the guy behind 'KnowBe4' used to be a hacker. Look at him now.. How many other hackers have become legit & well employed to 'fight their own kind'?

There is always 'someone else'...
Speaking of the Iranian nuclear program and cyber security. Google “Stuxnet”
 

kevin.mcgee

Active Member
TRF Supporter
Joined
Dec 27, 2020
Messages
30
Reaction score
28
Payload, please understand my angry face emoji on your post has nothing to do with you and everything to do with the corporation passing the cost of their monumental stupidity down to us, the consumers.

Now, I identify as fiscally conservative and understand and support capitalism. However, this is one of those RARE times when I think the government should force the offending corporation to forgo passing the costs on to the consumer and tell them to suck it up, buttercup. Actions (or inaction) should have consequences. If they recoup their "losses" by charging us for cleaning up their FUBAR, then they avoid the negative consequences of a decidedly negative failure to take appropriate precaution.

Maybe the costs should come out of the CIO's and CEO's compensation packages.

</rant>
I think the root cause is companies not willing to pay for some serious cyber security defenses. I think that infrastructure operators should be required by law to have galaxy class cyber defenses. Worrying about if the ransom is passed on to the customers is closing the barn door after the horse has left.
 

kevin.mcgee

Active Member
TRF Supporter
Joined
Dec 27, 2020
Messages
30
Reaction score
28
Between TOR, Darkweb, VPS, IP spoofing, staying completely untraceable on the internet is easy. And to that, payment by bitcoin? You cannot stop someone you cannot identify.
Everything you list can be defeated. Some take more effort than others. There is a ranking of cyber bad guys based on their available resources. Top of the heap is nation-states who are assumed to have unlimited resources. Flip that around if a good guy is a nation-state, it has unlimited resources to find you. Everything that crosses the Internet leaves a trail of bread crumbs. Go https://www.fireeye.com and get their report on APT1.
 

dhbarr

Amateur Professional
Joined
Jan 30, 2016
Messages
7,273
Reaction score
1,705
Anyone here hear of TOR, Router Bots, etc>? Completely un-traceable
Eh, less traceable. Ish. OS, browser, DNS queries, etc. still leave fingerprints everywhere.
 

John Kemker

Well-Known Member
TRF Supporter
Joined
Aug 25, 2019
Messages
1,887
Reaction score
818
I think the root cause is companies not willing to pay for some serious cyber security defenses. I think that infrastructure operators should be required by law to have galaxy class cyber defenses. Worrying about if the ransom is passed on to the customers is closing the barn door after the horse has left.
You have a point, but something needs to be done to wake these E. a. asinus haberdashers up.
 

Peartree

Cyborg Rocketeer
Staff member
Administrator
Global Mod
Joined
Jan 6, 2009
Messages
5,507
Reaction score
971
Location
Alliance, Ohio
I think the root cause is companies not willing to pay for some serious cyber security defenses. I think that infrastructure operators should be required by law to have galaxy class cyber defenses. Worrying about if the ransom is passed on to the customers is closing the barn door after the horse has left.
After a few incidents like this one (and hopefully just one will be enough), it may well be that insurance companies for large corporations will begin to put cyber security into their policies. What I mean is, policies may explicitly state that the insurance company doesn't pay out if the corporation doesn't have cyber security that meets certain standards. That, or premiums will increase for companies with lax security. You may be skeptical, but after the Oklahoma City bombing and 9-11, everyone pays an additional premium for terrorism. And, after several church shootings, etc. local congregations are having conversations with their insurers about building security. The insurance companies are going to pay out claims and their response will be to push stricter requirements, and/or increased premiums to cover this "new" eventuality. Those increased premiums, we hope, will drive increased cyber security awareness.
 

RocketT.Coyote

Well-Known Member
Joined
Jan 20, 2009
Messages
1,245
Reaction score
94
Waiting for speed limits to be rolled back to 55 MPH nationwide. Truckers would do 70 anyway.
 

lakeroadster

Lonewolf.... No Club
Joined
Mar 3, 2018
Messages
2,615
Reaction score
1,450
Location
Central Colorado
I'm pretty sure the venn diagram of anti maskers and people who would fill a tote with gasoline are two overlapping circles.
Would you personally feel better, if she was wearing a mask? I'm not talking about today, but two days ago, when the nanny state told you we all had to?

1621090601421.png
 

CrazyModelGuy

Well-Known Member
Joined
Mar 31, 2016
Messages
54
Reaction score
17
Yep, a more forceful response than righteous outrage. Maybe an attack in kind ? We have some hackers on our side, right ?
Unfortunately not many. My one buddy from high school spent 5 years in a federal jail because he hacked a bank and a credit reporting agency do his girlfriend could buy a house! LOL. He said they showed no interest in hiring hackers "officially". Many times they are used to counter hack and get shortened sentences
 

Bowman

Well-Known Member
Joined
Mar 8, 2014
Messages
239
Reaction score
153
Would you personally feel better, if she was wearing a mask? I'm not talking about today, but two days ago, when the nanny state told you we all had to?

View attachment 464299
AND talking on the cellphone...
Can't put that thing down even to do something dangerous. Never mind the ESD risk with the polyethylene tote.
From the looks of things though, she might have a small can inside that tote and uses the tote to catch spills.
 

afadeev

Well-Known Member
TRF Supporter
Joined
Sep 21, 2017
Messages
1,726
Reaction score
954
Would you personally feel better, if she was wearing a mask? I'm not talking about today, but two days ago, when the nanny state told you we all had to?
Neah, she is outdoors. Same answer today, and X-many days ago.

But she should be required to always wear her Magaca hat, as a fair warning to others. So normal people can see her coming from afar.
Like the dude below:


Smoking and pee-ing at the gas pump are optional, but earn extra "Darwin award" qualification points:



😎
 
Last edited:

lakeroadster

Lonewolf.... No Club
Joined
Mar 3, 2018
Messages
2,615
Reaction score
1,450
Location
Central Colorado
Neah, she is outdoors. Same answer today, and X-many days ago.

But she should be required to always wear her Magaca hat, as a fair warning to others. So normal people can see her coming from afar.
Like the dude below:


Smoking and pee-ing at the gas pump are optional, but earn one extra "Darwin award" qualification points:



😎

I stopped taking my camera to family events. Based on the family photo's you just posted, if I may suggest, perhaps you should do the same?
 

modeltrains

Well-Known Member
Joined
Jun 29, 2011
Messages
1,490
Reaction score
356
https://mwi.usma.edu has a an article about failing to train conventional forces for irregular warfare
Interesting stuff there.
And on a bit of a tangent,
The thought connects with the photos my brother just emailed me about half an hour ago of an AWI reenactment event May 1 & 2 he participated in at Mt Vernon.
He goes as 1st Virginia Regiment in uniform; and/or as militia/irregular.

(and daaaang he looks good in that uniform)
(a lot of which he made)
 

Doug Holverson

Well-Known Member
Joined
Jul 4, 2012
Messages
331
Reaction score
152
If it's going to the the '70s again, at least bring back Centuri Engineering! And maybe even AVi Astroport or FSI.....

I filled up my '98 Dodge pickup in Moorhead, Iowa ($2.93). It took almost the full 30 gallons. I almost felt like one of those dumb hoarders on the coast. At least some things are better thann the '70s. My '73 F-250 with 360 from way back then only got 8mpg. The Dodge with 360 gets 16 mpg.13.3 towing a Studebaker camper special over the Grand Tetons and back to Omaha. Yes, I did that....
 

Bill S

Well-Known Member
Joined
Aug 6, 2019
Messages
760
Reaction score
364
Unfortunately not many. My one buddy from high school spent 5 years in a federal jail because he hacked a bank and a credit reporting agency do his girlfriend could buy a house! LOL. He said they showed no interest in hiring hackers "officially". Many times they are used to counter hack and get shortened sentences
This seems incredibly short-sighted and stupid on the part of the fed.gov. Whether anyone will admit it publically or not, we are at war with Russia and China. It just isn't with conventional weapons; its cyber attacks, propaganda campaigns, political subversion, all kinds of asymmetrical warfare. If we don't get on the ball damn soon, we're going to lose alot more than some money. We're talking about the literal survival of our nation. And that kind of war won't be won with nukes or large invasions, etc.

It could be won with a combination of counter-hacking/propaganda, hit teams of CIA operatives taking out enemy hackers/support personnel, etc, whatever needs to be done. But with weak leadership and an apathetic fed.gov, it won't.
 

jrap330

Retired Engineer, NAR # 76940
TRF Supporter
Joined
Jan 25, 2020
Messages
673
Reaction score
198
Location
NJ
Would you personally feel better, if she was wearing a mask? I'm not talking about today, but two days ago, when the nanny state told you we all had to?

View attachment 464299
I am assuming most states require fuel to be dispense in the "approved" Gas Cans. So Wawa get out the Wawa police
 

Michael L

Random Pixel Generator
TRF Supporter
Joined
Sep 22, 2020
Messages
308
Reaction score
233
Location
Weimar, TX
These attacks always drive me nuts, b/c nobody ever holds the infrastructure operator liable for ignoring basic industry standard safety precautions.

It's always about the Big Bad Hackers when, in fact, the owners have left the keys in the ignition of the money truck, idling in a bad neighborhood.

Am I excusing the thieves? Not at all. But at some point there has to be some accountability for absolute negligence WRT securing critical system operations.
Not true. PHMSA rules, among other things, includes network security.

(1) The SCADA system (I design and program SCADA and control systems) was not compromised. They shut the line down "out of an abundance of caution". They got skeert... Their corporate business network was hacked and that was probably from inside. Some doofus probably clicked on an email he or she wasn't supposed to or downloaded something at home and brought it to work. Firewalls abound in the corporate IT world in the energy business.

(2) The Colonial pipeline ships fuels in batches. Ie Jet A followed by a buffer fluid followed by diesel followed by a buffer fluid followed by 100 low lead Av gas, etc ,etc ,etc. At the receiver end... btw... there are a lot of receipt points on the line, a densitometer (and usually an operator just in case, looks for a density change that signifies that the product stream is switching to buffer fluid at the expected time of arrival (not all of the time in other words). Valves switch to a buffer tank, the densitometer looks for whatever product they are receiving, when it sees the cut valves switch and the product flows to the product tank. We built a plant near Midland, PA that took propane off of a products line that originated in Chicago, IL. in much the same way. I built the control system for it. It looks like it's still there. The product tanks across the street weren't there. Cool project and cool people

40.628606°
-80.442663°

Years later we (different company) built a truck unloading terminal not too far from Wellsville, OH. I've been across the Newell bridge countless times. Our hotel was across the river in Newell.

(3) Speaking of tanks. The pipeline went down and there was a sudden panic buying (remnants of Covid toilet paper stupidity) because "we're out of gas". No they weren't. Depending on where inventory was there was likely to be 100's of thousands of barrels of products in storage. The pipeline isn't a nozzle straight in to the gas station. It goes to storage first, then it is trucked to the distributor, and that is trucked to the gas stations. This was hysterical panic buying induced shortages.

(4) Very few people know where the sh*t comes from.

(5) I feel like typing today :) and misspelling :) plus screwing up punctuation.

Do any of you know anything about natural gas and oil? Probably not. I like to know where my sh*t comes from plus I've worked in the business for 40+ years.

Lets start with what it's made from. Oil and natural gas is made up of organic molecules, called a hydrocarbon, made from Carbon and Hydrogen. Get it hydro = hydrogen and carbon = carbon.

Sometimes, most of the time, there are impurities like Nitrogen, Oxygen, CO2, and H2S. The CO2 and H2S have to be processed out of the wellhead stream before it is processed further. Rarely N2 is in high enough concentrations that it has to be removed, I've worked on a couple of NRU's over the years but it's energy intensive and costs usually don't warrant building the plant. But that's it, that's the primary components of natural gas and oil, Carbon and Hydrogen. Oh my... those are scary... not.

These are the more useful components of natural gas and oil. The heavier the molecule the more likely it'll ended up in a fuel tank. Typically C5 plus and additives.
C1 - Methane - CH4
C2 - Ethane - C2H6
C3 - Propane - C3H8
nC4 - Normal Butane - C4H10
iC4 - iso-Butane - C4H10
C5....C200+

All of the above can be reformed to something more useful.

We'll get back to ethane and the butanes in a minute. Pentane also has iso and normal versions.
Do you see pattern? CnH2n+2 where N is the number of atoms

Hidden in the compounds that I listed is the methyl group, CH3. Those two little letters and a number impact you and yours every single day. It is the basis for just about everything you can touch or see right now. Plastic, including the covering of the wire or fiber optic cable that brings you the internet, electronic component packages, warm clothes (wasn't it Northface that did some kind of "statement" about fossil fuels. That was hilarious. Don't they know where their material comes from?), computers, methanol, fertilizer, fuel of course, roads, medicine (Zantac has ties to Propane but I could never get the customer to tell me how they used it :) ) on and on and on.

It's energy intensive derive a methyl group from hydrocarbons.

If you were driving down the road and could magically cut your ties to all things related to the oil and natural gas you would find yourself rolling down a dirt road, car gone, naked, and quite possibly dying of whatever ails you because your meds are gone. Oh... and you would also be starving. Even Elon Musk knows the value of the hydrocarbon molecule.

If you drive by a petrochemical plant (not a refinery, but refineries do have hydrogen flares, the refinery creates the feedstock for the petrochemical plant) and you see a stack with a tiny blue flame at the tip, the blue flame is the pilot that ensures that the hydrogen coming out of the stack is lit. You can't see a hydrogen flame. So where does that come from? In very simple terms a petrochemical plant consumes and rejects hydrogen. I'm getting out of my box so we'll leave it at that.

The carbon atom likes company. It has 4 valance (outer) electrons that want to hang out with friends. Hydrogen has 1 valence electron. In the case of Methane the 4 electrons double bond with 4 hydrogen atoms. I'm not 100% sure that Methane can be made to give up one of it's hydrogen atoms to form CH3. It would be wasteful and expensive considering that it's a good rocket fuel, and it's good for heating homes, making fertilizer, etc

Here's a diagram of Methane and Ethane

C1 and C2 Structure.png


With Ethane, "all you have to do" is break the C:C double bond and you get two methyl groups and no waste hydrogen. We make and sell a lot of Ethane but it's pricing is volatile due to the amount of it that is on the market.

Here's a diagram of Propane

Image59.gif


Two methyl groups but with an extra carbon (smoke) and two extra hydrogens. Not worth the effort (yet)


Here's a diagram of iso and normal butane

nC4andiC4.jpg

Normal on the left, iso on the right. the - are double bonds (different way of drawing molecules). With normal butane you can split off two methyl groups and have a lot more waste, with iso butane you can split off three methyl groups and have one excess hydrogen.

Back in the late 80's there was a shortage of ethane and we seriously looked at adding an isomerization unit, isom unit for short to convert our normal butane stream to iso butane. It's energy intensive. You need a source of hydrogen and a catalyst. Storing hydrogen isn't the safest thing you can do (they tried it at the Skunkworks when they were developing the SR71)
 

dhbarr

Amateur Professional
Joined
Jan 30, 2016
Messages
7,273
Reaction score
1,705
Not true. PHMSA rules, among other things, includes network security.

(1) The SCADA system (I design and program SCADA and control systems) was not compromised. They shut the line down "out of an abundance of caution". They got skeert... Their corporate business network was hacked and that was probably from inside. Some doofus probably clicked on an email he or she wasn't supposed to or downloaded something at home and brought it to work. Firewalls abound in the corporate IT world in the energy business.

(2) The Colonial pipeline ships fuels in batches. Ie Jet A followed by a buffer fluid followed by diesel followed by a buffer fluid followed by 100 low lead Av gas, etc ,etc ,etc. At the receiver end... btw... there are a lot of receipt points on the line, a densitometer (and usually an operator just in case, looks for a density change that signifies that the product stream is switching to buffer fluid at the expected time of arrival (not all of the time in other words). Valves switch to a buffer tank, the densitometer looks for whatever product they are receiving, when it sees the cut valves switch and the product flows to the product tank. We built a plant near Midland, PA that took propane off of a products line that originated in Chicago, IL. in much the same way. I built the control system for it. It looks like it's still there. The product tanks across the street weren't there. Cool project and cool people

40.628606°
-80.442663°

Years later we (different company) built a truck unloading terminal not too far from Wellsville, OH. I've been across the Newell bridge countless times. Our hotel was across the river in Newell.

(3) Speaking of tanks. The pipeline went down and there was a sudden panic buying (remnants of Covid toilet paper stupidity) because "we're out of gas". No they weren't. Depending on where inventory was there was likely to be 100's of thousands of barrels of products in storage. The pipeline isn't a nozzle straight in to the gas station. It goes to storage first, then it is trucked to the distributor, and that is trucked to the gas stations. This was hysterical panic buying induced shortages.

(4) Very few people know where the sh*t comes from.

(5) I feel like typing today :) and misspelling :) plus screwing up punctuation.

Do any of you know anything about natural gas and oil? Probably not. I like to know where my sh*t comes from plus I've worked in the business for 40+ years.

Lets start with what it's made from. Oil and natural gas is made up of organic molecules, called a hydrocarbon, made from Carbon and Hydrogen. Get it hydro = hydrogen and carbon = carbon.

Sometimes, most of the time, there are impurities like Nitrogen, Oxygen, CO2, and H2S. The CO2 and H2S have to be processed out of the wellhead stream before it is processed further. Rarely N2 is in high enough concentrations that it has to be removed, I've worked on a couple of NRU's over the years but it's energy intensive and costs usually don't warrant building the plant. But that's it, that's the primary components of natural gas and oil, Carbon and Hydrogen. Oh my... those are scary... not.

These are the more useful components of natural gas and oil. The heavier the molecule the more likely it'll ended up in a fuel tank. Typically C5 plus and additives.
C1 - Methane - CH4
C2 - Ethane - C2H6
C3 - Propane - C3H8
nC4 - Normal Butane - C4H10
iC4 - iso-Butane - C4H10
C5....C200+

All of the above can be reformed to something more useful.

We'll get back to ethane and the butanes in a minute. Pentane also has iso and normal versions.
Do you see pattern? CnH2n+2 where N is the number of atoms

Hidden in the compounds that I listed is the methyl group, CH3. Those two little letters and a number impact you and yours every single day. It is the basis for just about everything you can touch or see right now. Plastic, including the covering of the wire or fiber optic cable that brings you the internet, electronic component packages, warm clothes (wasn't it Northface that did some kind of "statement" about fossil fuels. That was hilarious. Don't they know where their material comes from?), computers, methanol, fertilizer, fuel of course, roads, medicine (Zantac has ties to Propane but I could never get the customer to tell me how they used it :) ) on and on and on.

It's energy intensive derive a methyl group from hydrocarbons.

If you were driving down the road and could magically cut your ties to all things related to the oil and natural gas you would find yourself rolling down a dirt road, car gone, naked, and quite possibly dying of whatever ails you because your meds are gone. Oh... and you would also be starving. Even Elon Musk knows the value of the hydrocarbon molecule.

If you drive by a petrochemical plant (not a refinery, but refineries do have hydrogen flares, the refinery creates the feedstock for the petrochemical plant) and you see a stack with a tiny blue flame at the tip, the blue flame is the pilot that ensures that the hydrogen coming out of the stack is lit. You can't see a hydrogen flame. So where does that come from? In very simple terms a petrochemical plant consumes and rejects hydrogen. I'm getting out of my box so we'll leave it at that.

The carbon atom likes company. It has 4 valance (outer) electrons that want to hang out with friends. Hydrogen has 1 valence electron. In the case of Methane the 4 electrons double bond with 4 hydrogen atoms. I'm not 100% sure that Methane can be made to give up one of it's hydrogen atoms to form CH3. It would be wasteful and expensive considering that it's a good rocket fuel, and it's good for heating homes, making fertilizer, etc

Here's a diagram of Methane and Ethane

View attachment 464426


With Ethane, "all you have to do" is break the C:C double bond and you get two methyl groups and no waste hydrogen. We make and sell a lot of Ethane but it's pricing is volatile due to the amount of it that is on the market.

Here's a diagram of Propane

View attachment 464430

Two methyl groups but with an extra carbon (smoke) and two extra hydrogens. Not worth the effort (yet)


Here's a diagram of iso and normal butane

View attachment 464428
Normal on the left, iso on the right. the - are double bonds (different way of drawing molecules). With normal butane you can split off two methyl groups and have a lot more waste, with iso butane you can split off three methyl groups and have one excess hydrogen.

Back in the late 80's there was a shortage of ethane and we seriously looked at adding an isomerization unit, isom unit for short to convert our normal butane stream to iso butane. It's energy intensive. You need a source of hydrogen and a catalyst. Storing hydrogen isn't the safest thing you can do (they tried it at the Skunkworks when they were developing the SR71)
I don't much care which of their networks were compromised, except to say if it was their controls network then that's even worse.

Office networks are also securable, and failure to do so is just as inexcusable as not inspecting piping for corrosion or letting the drains on your roof get plugged up.
 

tsmith1315

Well-Known Member
Joined
May 16, 2020
Messages
805
Reaction score
594
Location
Doerun, GA
After a few incidents like this one (and hopefully just one will be enough), it may well be that insurance companies for large corporations will begin to put cyber security into their policies.
What would these policies pay for, lost revenue? That might help the company, but it wouldn't stop the price increases to the consumer.
 

Michael L

Random Pixel Generator
TRF Supporter
Joined
Sep 22, 2020
Messages
308
Reaction score
233
Location
Weimar, TX
I don't much care which of their networks were compromised, except to say if it was their controls network then that's even worse.

Office networks are also securable, and failure to do so is just as inexcusable as not inspecting piping for corrosion or letting the drains on your roof get plugged up.
That sounds easy. How do you stop someone from bringing a USB stick or drive to the office? Make a policy? That works for people that follow policies to the letter.

If someone hasn't separated their business network from the control network by now they need a new IT department.

I will add that this incident increased my awareness and I will no longer check personal email at work. We all have the freedom to do that but this incident changes the way I see MY responsibility.
 

H_Rocket

Death by Powerpoint
Joined
Jan 18, 2009
Messages
3,944
Reaction score
291
Location
North Central Texas
That sounds easy. How do you stop someone from bringing a USB stick or drive to the office? Make a policy? That works for people that follow policies to the letter.
That's relatively easy. We had system controls in place that could detect an external mass storage device connected to a USB (or any other port) and would block transfers to and from them. We had the system option, though we did not use it, to tattle on you if you even tried. DLP software in enterprise environments is quite common.
 

John Kemker

Well-Known Member
TRF Supporter
Joined
Aug 25, 2019
Messages
1,887
Reaction score
818
That sounds easy. How do you stop someone from bringing a USB stick or drive to the office? Make a policy? That works for people that follow policies to the letter.

If someone hasn't separated their business network from the control network by now they need a new IT department.

I will add that this incident increased my awareness and I will no longer check personal email at work. We all have the freedom to do that but this incident changes the way I see MY responsibility.
You do like Lowes and some other companies have done: You block USB drives in the OS. That doesn't stope someone from inserting a USB Killer, but it will stop malware from reaching the network.
 

Latest posts

Top