by Xunxi 1869 days ago
It's only a matter of time, there's gonna be physical casualties at some point in time. We've all seen it in the movies. Experts have warned of the dangers of tethering vital utilities controls to the internet.

Is it not possible to develop a protocol or device that operates outside of the web but functions like the 'two-man' rule used to launch nuclear bombs?

6 comments

Those devices don’t work like a nuclear bomb control does - that is adding resistance/controls to taking an action.

The appropriate analogy is more like a nuclear reactor. They require some system controls to stay functional and healthy (water temp increases in loop x, increase motor speed of pump y, if already at or exceeding speed z, set off an alarm).

These controls need constant monitoring in a control station somewhere, sometimes tuning or fixing if there is a bug or issue somewhere, etc.

A lot of the cost of a nuclear plant is trying to cover every possible scenario and being compliant with endless regulations for stuff like this (and everything else).

That most non-nuclear plants don’t want to deal with the hassle and expense shouldn’t surprise anyone. That non-nuclear plants often don’t even TRY to cover basic cases SHOULD dismay and surprise people. These issues have been well known and publicized for literally 30 years.

A reason safety guys in these industries have the saying ‘regulations are written in blood’ is often not because no one sees the danger. Rather, until the body count reaches a certain point, no one can justify the expense to require it be fixed.

> the 'two-man' rule used to launch nuclear bombs?

Yes. It's called Threshold Cryptography and it generalizes 'two-man' rule to require that N of M authorized users agree to an action.

But it's not really necessary here. What's needed for infrastructure is to get it off the internet and to quit using insecure operating systems and languages.
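The N-of-M generalisation the comment above refers to can be seen concretely in Shamir secret sharing, one of the standard threshold constructions. The following is an added example, not code from the commenter or from any project mentioned in the thread: an authorisation secret is split into M shares over a prime field, any N of them reconstruct it, and a controller that stores only a hash of the secret will release an action only when a quorum hands back shares that reconstruct correctly. Names such as split_secret, recover_secret and authorize_action are this example's own; the field prime and the 2-of-3 parameters are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Prime field for the arithmetic. 2**127 - 1 is a Mersenne prime, large
# enough to hold a 128-bit secret; chosen here for illustration only.
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial with the given coefficients at x, mod P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, n_required, m_total):
    """Split `secret` into m_total shares such that any n_required recover it.

    The secret is the constant term of a random polynomial of degree
    n_required - 1; share i is the point (i, f(i)).  Fewer than n_required
    points are consistent with every possible constant term, which is the
    information-theoretic 'two-man rule' property.
    """
    if not 1 <= n_required <= m_total < P:
        raise ValueError("need 1 <= N <= M < P")
    if not 0 <= secret < P:
        raise ValueError("secret must be a field element")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(n_required - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, m_total + 1)]


def recover_secret(shares):
    """Lagrange-interpolate the shares at x = 0 to recover the constant term."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i == j:
                continue
            num = num * (-xj) % P
            den = den * (xi - xj) % P
        # Division in the field is multiplication by the modular inverse.
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def secret_digest(secret):
    """What the controller stores: a hash of the secret, never the secret itself."""
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def authorize_action(shares, stored_digest, n_required):
    """Release the action only if a full quorum reconstructs the right secret.

    With fewer than n_required shares, interpolation still returns a field
    element, but it is unrelated to the real secret, so the digest check fails.
    """
    if len(shares) < n_required:
        return False
    candidate = recover_secret(shares[:n_required])
    return hmac.compare_digest(secret_digest(candidate), stored_digest)


def demo_two_of_three():
    """Constructed walk-through: a 2-of-3 quorum guarding one action."""
    secret = secrets.randbelow(P)
    shares = split_secret(secret, n_required=2, m_total=3)
    digest = secret_digest(secret)
    return {
        "pair_ok": authorize_action([shares[0], shares[2]], digest, 2),
        "single_denied": authorize_action([shares[1]], digest, 2),
        "wrong_share_denied": authorize_action(
            [shares[0], (shares[1][0], (shares[1][1] + 1) % P)], digest, 2),
    }


if __name__ == "__main__":
    print(demo_two_of_three())
```

Two design points worth noting. First, the shares are checked by reconstruction plus a hash comparison, so the controller never holds the secret at rest and a single custodian cannot learn it from their own share. Second, this only adds resistance to issuing a command; it does nothing about the monitoring and tuning traffic the earlier comment describes, which is why the commenter is right that it does not, on its own, solve the infrastructure problem.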

> It's only a matter of time

According to some sources, it's been done before:

> CIA plot led to huge blast in Siberian gas pipeline

> Thomas Reed, a former US Air Force secretary who was in Ronald Reagan's National Security Council, discloses what he called just one example of the CIA's "cold-eyed economic warfare" against Moscow in a memoir to be published next month.

> Leaked extracts in yesterday's Washington Post describe how the operation caused "the most monumental non-nuclear explosion and fire ever seen from space" in the summer of 1982.

> Mr Reed writes that the software "was programmed to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds".

https://www.telegraph.co.uk/news/worldnews/northamerica/usa/...

It's like 100x more expensive.

Would be nice to have separate data lines, running fiber optics sealed in pressurized conduits for double tamper detection. The military actually does this for their critical infra.

> Would be nice to have separate data lines, running fiber optics sealed in pressurized conduits for double tamper detection.

At least German Telekom has been doing this for ages for the trunk cables serving entire areas with analog phone service - although not for tamper detection as an anti-espionage measure, but rather to detect and pinpoint damage to the cables, e.g. from excavators, tree growth or splice seals degrading.

Pressurizing conduits also helps prevent water ingress.

One such example... a test done at the Idaho National Lab

https://www.wired.com/story/how-30-lines-of-code-blew-up-27-...

That lab tends to specialize in cybersecurity and infrastructure.

https://www.wired.com/2011/10/idaho-national-laboratory/

The critical infrastructure part of the lab:

https://inl.gov/critical-infrastructure-protection/

"It's only a matter of time, there's gonna be physical casualties at some point in time. We've all seen it in the movies."

You mean like a pandemic? ;)