Thread: Chinese to build powerstation in UK
View Single Post
Old 22-10-2015, 10:45   #18
Ignitionnet
Inactive
 
Join Date: Jun 2008
Location: Leeds, West Yorkshire
Age: 47
Posts: 13,995
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Re: Chinese to build powerstation in UK
Quote:
Originally Posted by mrmistoffelees View Post
Your infosec course not teach you about stuxnet?

https://en.m.wikipedia.org/wiki/Stuxnet
Yes, which is why I specifically mentioned that Iranian facilities were compromised physically. Some tool brought a USB key into the enrichment facility by most accounts.

Strangely enough I've studied Stuxnet, hence my specifically mentioning SCADA systems. I've read the reports and indeed read the code.

Even had the pleasure of discussing a dissertation on that exact subject, given it was nation state malware using zero-days.

Quote:
To my knowledge the US still has an import block on huawei products
Political. Nothing to do with fears of information security. Going by Snowden's revelations the Chinese would be far more justified to avoid Cisco kit.

Quote:
Finally and again returning to your infosec course every system in the world can be airgapped boxed off but it only takes one human to make a mistake and its compromised
Indeed, as I referred to in my post. So explain to me why it matters that China are building the plant?

I referred to out of band communication and airgapping specifically as the primary reason for concern over China building the thing would be a fear they could remotely control the plant. Physical infiltration is a risk whatever.

Regardless of who builds it it is vulnerable to human error, and regardless of who builds it the SCADA systems may be running commercial software which will potentially be vulnerable.

I would highly recommend reading what I wrote with more care, rather than assuming that my course, the best Information Security course in the country, is deficient and/or I'm not paying attention

---------- Post added at 11:45 ---------- Previous post was at 11:43 ----------

Quote:
Originally Posted by Hugh View Post
Or not have any power, which would be cheaper, but sub-optimal....
A third alternative is perhaps to borrow the money ourselves, given that we can borrow at historically low rates, and handle the construction domestically.

We are seeing a rather disturbing trend of money leaving the country due to these policies, which is why while GDP per capita is back at pre-crisis levels, disposable income per capita is not - more and more of our national income is being exported.
Ignitionnet is offline   Reply With Quote