this post was submitted on 10 Jan 2024
62 points (95.6% liked)

Technology

58431 readers
5248 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
62
Hackers can infect network-connected wrenches to install ransomware | Researchers identify 23 vulnerabilities, some of which can exploited with no authentication (arstechnica.com)
submitted 8 months ago by L4s to c/technology
25 comments fedilink hide all child comments
 

Hackers can infect network-connected wrenches to install ransomware | Researchers identify 23 vulnerabilities, some of which can exploited with no authentication::Researchers identify 23 vulnerabilities, some of which can exploited with no authentication.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 8 months ago (1 children)

Not an industrial process engineer, so I can't tell you all the possible reasons, but in general it works out well to assume that people have a reason for why they do stuff, and doubly that you probably can't do someone's job better than them with 10 minutes of thinking.

My initial guess would be that you want the system to record "yes, I tightened these bolts", and then you want that record to have a matching "I inspected these bolts and they were correct" follow-up entry.
My next thought would be what you do if the sticker falls off. In the sticker only solution, you have to look up the part, and then enter the parameters into the tool. In the networked system, you look up the part and then the system programs the tool. Automatic is going to be faster and have less errors. Both of those improve product quality and save money, through time, not having to fix error, or having to dispose of parts that were made incorrectly and can't be salvaged.

The existence of a vulnerability is very different from the exploitation of that vulnerability.
You fix the vulnerability, but you don't need to worry too much when a prerequisite is that the attacker has already gained a privileged position in the system.

This is "oof" not "oh shit".

[–] captainlezbian 1 points 8 months ago

I am that kind of engineer and yep that’s why I’d use them. And yeah the hacker that has your wrench probably has your assembly line and server too.