BlackOut2003 - "More sutainted Software/IT needed?"

Robert Michel news at
Sat Aug 23 17:54:45 UTC 2003

Salve FSF-people!

after the BlackOut 2003 the massmedia were only looking for symptomes for the 
big black out, but not for reasons why it was so big. So I started to do 
research on Saterday last week and now 7 days later non-stop working on it I 
fould a lot of facts like
- the enegy industrie has a big problem with IT-security
- that there have been a Slammer worm attack at the Davis-Besse nuclear power 
plant on 25.01.2003 inside the control network[1] 
- there was no firewall between business and  control network
- power plants use Windows 2000
- SCADA, used for controll and comand case in the energie sector is not secure
- SCADA use Port 135, the same as W32.Blaster
- the EoD gave hints how to secure SCADA in 21 (!) steps
- on 13.08.2003 the NERC anounced a "Cyber Security Standard"
- power plants use unencrypted WLAN
- there are important SCADA comunications over public internet
- The Departemant of Homeland Security has call on blocking port 135
  (when it is not realy needed for business) to power plants and ISPs

I will not say why it was - but the energy companies are in big IT-trouble!

On the second look, this big problems are a big trouble for the IT branche, 

I fear that action which will now takes will conceal only the symptomes and 
will not solve the reasons. Actions of the Departemant of Homeland Security 
are also a likely danger that some IT-firms which are friends of the 
Bush-adminsitration, will influce the "Cyber Security Standard" and other 
actions in their interest.

My result is that it is needed  to call for "More sutainted Software" and IT 
I have a 70kB German text with English quotes written to be maby published
at the online-magazin telepolis

What are your opinion about this?
Would be great if some experiant German-reading person would contact me.

And I would like feedback of a FSF-Speaker to answer me questions for this 


-Go to
- Use "Advanced Search"
-Search for "Davis-Besse" & Filter with "worm"
- Press "Search"
- Open " 1. (91) Davis-Besse - Worm Virus Infection E-Mail.
ML031040567   2003-04-02 7 
05000346 NPF-003 2003-04-02 2003-04-15 --------- FOR INFORMATION ONLY--------- 
WORM VIRUS INFECTION On January 25, 2003 a server on the Plant Network was 
thought to be infected with the MS- SQL Server Worm. The consequence of the 
infection was large amount

More information about the Discussion mailing list