Network-connected wrenches in factories can be hacked for sabotage or ransomware

Chuckstar

Ars Legatus Legionis
37,251
Subscriptor
I’m confused by the number of posters who conflate “network-connected” with “internet-connected”. The story even points out that these things would typically not be internet-connected, requiring an attacker to first get access to the private LAN they are running on. But then some posters: “shouldn’t they run such things on a private LAN”? :rolleyes:
 
Upvote
12 (12 / 0)

Arstotzka

Ars Scholae Palatinae
1,211
Subscriptor++
Comments in this thread are pretty bad. You've got a mix of "heh i use vlans" "a network connected huh?" and "a clicking torque wrench is just as good"

None of these are relevant, obviously. If you research the devices, it's not just about turning a bolt like it's a car on the weekend. These are used on products with millions of fasteners. No one can remember the specs of each one. These devices can scan bar/QR codes to be set to the proper torque values every single time. That is then logged every single time, what was turned, when it was turned, how it was turned. It also has the ability to sanity check its work and alert/diagnose any issues with the device.

These functionalities are not something you can recreate with something off a network, sorry. And for all the VLAN/segmented network comments, it's absolutely silly to think these things aren't segregated at these manufacturers.

Being aware of security risks is obviously an issue. These should clearly be fixed. But the existence of security risks is not a reason to never connect anything to any network, as some of the comments would have you believe. Ironically, most of the solutions in this thread for dumber or less connected devices would make them much more difficult to update to fix these vulnerabilities, but they would still have them.
I had to go looking for this comment, because it's exactly right. There's a number of articles even here on Ars mentioning recalls for improperly torqued seatbelts. Manufacturers use the logs from these tools to identify which vehicles need to be inspected/repaired, instead of needing to recall every single vehicle. These kinds of tools make stuff better, cheaper, and easier to identify when something is wrong.
 
Upvote
15 (15 / 0)
Hopefully someone has already mentioned this but:

For systems engineering tracking of manufacturing, keeping a log of results and outliers of individual parts being created/integrated is a long-standing manufacturing process that you see across many industries, including chip fabrication. This means a traveling record of a part that logs the tolerances of how a process/step completed, i.e. 1% within spec, 5% within spec and so on.

Once the manufacturing/assembly process is complete, this record travels with the part to help determine if the part can be milspec or meets the criteria of the end buyer. Having a network connected one makes sense in terms of tracking and logging these, as well as avoiding mistakes in the torque settings in this particular case.

My initial response to this article was to be scornful as well, so, hopefully some follow-up can happen on who buys/uses these devices and are they intended for home use or the sorts of systems engineering practices described above.
 
Upvote
2 (2 / 0)
Comments in this thread are pretty bad. You've got a mix of "heh i use vlans" "a network connected huh?" and "a clicking torque wrench is just as good"

None of these are relevant, obviously. If you research the devices, it's not just about turning a bolt like it's a car on the weekend. These are used on products with millions of fasteners. No one can remember the specs of each one. These devices can scan bar/QR codes to be set to the proper torque values every single time. That is then logged every single time, what was turned, when it was turned, how it was turned. It also has the ability to sanity check its work and alert/diagnose any issues with the device.

These functionalities are not something you can recreate with something off a network, sorry. And for all the VLAN/segmented network comments, it's absolutely silly to think these things aren't segregated at these manufacturers.

Being aware of security risks is obviously an issue. These should clearly be fixed. But the existence of security risks is not a reason to never connect anything to any network, as some of the comments would have you believe. Ironically, most of the solutions in this thread for dumber or less connected devices would make them much more difficult to update to fix these vulnerabilities, but they would still have them.
Ah ha! Found it. Hopefully Dan G highlights this comment to avoid further "hur-hur-hur IoT wat?!?"
 
Upvote
2 (2 / 0)

silverboy

Ars Tribunus Militum
2,027
Subscriptor++
I was going to launch a tirade about how stupid it is to have "smart" wrenches, etc., but reading the article, OK, there is a use case for precision work in factories. Still, seems like some dedicated RF system would be better.

Also, thanks to Ars for this:

Bosch officials emailed a statement that included the usual lines about security being a top priority.

I'm glad not to have to skim over the usual corporate bullshit ladled into the article out of some misguided sense of journalistic fairness. Separately, this kind of honesty is greatly appreciated.
 
Upvote
3 (4 / -1)
I didn't make it past the first paragraph. Network connected wrenches... this really is the dumbest timeline.
There actually is a reason for it, just... not what I consider a good enough one. Those preset torque levels could have easily been set and updated without a network connection involved. It was a security vulnerability just asking to be exploited.
 
Upvote
-8 (2 / -10)
I really don't want to be that guy that gripes about new technology all the time. Honestly. I eat, sleep, breathe and shit technology in my day to day life and I love the convenience it brings and the potential it has to make life easier for people.

But then I read shit like this. Anyone who thinks their torque wrench needs an embedded computer at all let alone a networked one needs to get their head checked out. Where is the efficiency or productivity benefit to doing it this way vs. an old-school torque wrench? You turn the bolt, wrench goes "click", now it's torqued to spec. If it's a safety-critical application, you calibrate the torque wrench frequently, and have a QC guy go around and double-check the torque with another also frequently-calibrated torque wrench. No computer, no astronomical cost, and no ransomware.

I want to be excited for the ways new technology can improve our lives, but instead people use it to slow down and add needless complexity and points of failure to our systems and procedures, usually because our bloated management classes are obsessed with incorporating every new safety procedure and device that hits the market in the endless struggle to cover their asses from our dysfunctionally litigious society.
 
Upvote
-13 (0 / -13)
Comments in this thread are pretty bad. You've got a mix of "heh i use vlans" "a network connected huh?" and "a clicking torque wrench is just as good"

None of these are relevant, obviously. If you research the devices, it's not just about turning a bolt like it's a car on the weekend. These are used on products with millions of fasteners. No one can remember the specs of each one. These devices can scan bar/QR codes to be set to the proper torque values every single time. That is then logged every single time, what was turned, when it was turned, how it was turned. It also has the ability to sanity check its work and alert/diagnose any issues with the device.

These functionalities are not something you can recreate with something off a network, sorry. And for all the VLAN/segmented network comments, it's absolutely silly to think these things aren't segregated at these manufacturers.

Being aware of security risks is obviously an issue. These should clearly be fixed. But the existence of security risks is not a reason to never connect anything to any network, as some of the comments would have you believe. Ironically, most of the solutions in this thread for dumber or less connected devices would make them much more difficult to update to fix these vulnerabilities, but they would still have them.
Well, as one of those "a clicking torque wrench is just as good" people, that kind of answers my questions about it, but can you give an example? What kind of product has millions of fasteners that all have unique torque values? And even in those situations you'd think any one technician would only be working with a certain set of fasteners in a given day that they could remember or quickly refer to a cheat sheet, which brings you back to the clicky torque wrench.
 
Upvote
-5 (0 / -5)
I mean, having timestamped verification of when, where, and how a bolt was installed seems to be a huge benefit for aerospace, since being able to track the most minute part back to its raw materials is the expected level of logging. Vulnerabilities aside, this is saving techs time that they don't need to spend on paperwork, removing overhead and increasing productivity, while reducing tolerance drift over the day without adding calibration time.

It really feels like someone with no knowledge of cybersecurity had a pretty good idea but it was implemented poorly.
The design of this wrench apparently assumes that it must be connected to some kind of network at the same time it is being used. I do not agree with this assumption. Specified torque values and logging per bolt could be accomplished using only local [on wrench] memory. At the end of the shift, the wrench would be docked. This dock would charge the battery and connect to isolated local network by RJ-45. Logs could be uploaded, torque settings for the next shift could be downloaded and saved, and this would be a good time for some self testing. The user interface for the wrench would be disabled while connected to charger and/or network.

This would not be a perfect solution, and the implementation is likely more complex than I imagine.
I just wonder if this was even considered.
 
Upvote
-4 (0 / -4)
I don’t think anyone serious would rely on an air gapped LAN and nothing else. But a layered defence uses layers that aren’t foolproof, because none exist.

A fully isolated LAN just for these devices would be a perfectly fine solution, so long as it was impossible to connect any other devices, such as by using keypairs for authentication.

You can absolutely make this work - I was partially responsible for a fleet of several hundred handhelds that were shepherded to a company VLAN only for them, they went years with not a single attack. On the other hand, this was around 2015, and I'm not sure I would be sleeping nights these days, especially since the days are over for handheld devices where every single aspect of what could run, and how the OS and hardware was configured, was completely controllable. On my favorite devices of the day, EVERYTHING of importance was on read-only memory, and to make the most trivial setting persist across boots took some measure of work.
 
Upvote
0 (0 / 0)
The design of this wrench apparently assumes that it must be connected to some kind of network at the same time it is being used. I do not agree with this assumption. Specified torque values and logging per bolt could be accomplished using only local [on wrench] memory. At the end of the shift, the wrench would be docked. This dock would charge the battery and connect to isolated local network by RJ-45. Logs could be uploaded, torque settings for the next shift could be downloaded and saved, and this would be a good time for some self testing. The user interface for the wrench would be disabled while connected to charger and/or network.

This would not be a perfect solution, and the implementation is likely more complex than I imagine.
I just wonder if this was even considered.
This used to be the way a lot of these kind of devices worked - you hotsynced them at some interval. The problem is, if you lose the data, you probably have to go back and scrap, or at least redo, a hell of a lot of work (if you can even identify what was affected).

Having the data go to and from a central secure store is a good idea, provided everything is built and secured right, and not simply assembled out of webdesigner lego where even the developers don't know how it works or what it's dependent on anymore (but malware users certainly do).
 
Upvote
8 (8 / 0)

Chuckstar

Ars Legatus Legionis
37,251
Subscriptor
The design of this wrench apparently assumes that it must be connected to some kind of network at the same time it is being used. I do not agree with this assumption. Specified torque values and logging per bolt could be accomplished using only local [on wrench] memory. At the end of the shift, the wrench would be docked. This dock would charge the battery and connect to isolated local network by RJ-45. Logs could be uploaded, torque settings for the next shift could be downloaded and saved, and this would be a good time for some self testing. The user interface for the wrench would be disabled while connected to charger and/or network.

This would not be a perfect solution, and the implementation is likely more complex than I imagine.
I just wonder if this was even considered.
How is that better, though? Oh, it’s got an RJ-45 connection to the network? The network connection is temporary? Neither of those provide any meaningful security value.
 
Upvote
9 (10 / -1)

sd70mac

Ars Tribunus Militum
2,606
Subscriptor
So you wanna get hacked uh?
No, I’m just explaining how many executives will see it. Unless the cost of using these products with poor security is greater than the cost of more employees, the employees will continue to get pink slips. I don’t like it, but that’s economics. 😕
 
Upvote
0 (0 / 0)

sd70mac

Ars Tribunus Militum
2,606
Subscriptor
How is that better, though? Oh, it’s got an RJ-45 connection to the network? The network connection is temporary? Neither of those provide any meaningful security value.
It is easier to do a MITM attack against a wireless, always on device, and it is easier in general to do attacks against devices that are always connected.
 
Upvote
2 (3 / -1)

Chuckstar

Ars Legatus Legionis
37,251
Subscriptor
It is easier to do a MITM attack against a wireless, always on device, and it is easier in general to do attacks against devices that are always connected.
These are run on private LANs. If you’ve got access to the private LAN sufficient to attack one of these devices, the only difference will be whether or not you have access to a zero-day that can operate through whatever interface the device uses.
 
Upvote
8 (8 / 0)
Well, as one of those "a clicking torque wrench is just as good" people, that kind of answers my questions about it, but can you give an example? What kind of product has millions of fasteners that all have unique torque values? And even in those situations you'd think any one technician would only be working with a certain set of fasteners in a given day that they could remember or quickly refer to a cheat sheet, which brings you back to the clicky torque wrench.
If you’ve ever used a torque wrench that reports the actual torque you just applied, you know that you’re not really that accurate with your clicky wrench. It’s close enough for stuff like lug nuts, but when tolerances are really tight it’s not good enough. The fact that the examples in the article were of 0.054 and 0.15 Nm indicates that we’re looking at very small values here.

I think there have been enough other examples in this thread of why automatic setting and logging of fastener torque is desirable.
 
Upvote
5 (5 / 0)

passivesmoking

Ars Tribunus Angusticlavius
8,530
Was this software developed in the '90s? Because the vulnerability list reads like that. This was developed without ANY of the basic programming rules of the last 20 years. I mean every vulnerability class is on the list: SQL injection, hardcoded credentials, stack and heap overflows, you name it.
They hired some guy whose experience was gleaned from stackoverflow.com
 
Upvote
0 (0 / 0)

passivesmoking

Ars Tribunus Angusticlavius
8,530
Even stackoverflow is full of methods how to safely protect against SQL injection.
Mostly confined to questions asking how to avoid it. A lot of the popular answers to questions that use SQL tend to do it the wrong way with the assumption that the consumer of the answer knows that you need to do additional work to mitigate SQL injection.

Also, lots of the more popular answers to more popular questions are a decade or more old and will never be updated. Don't get me wrong, Stack Overflow used to be an invaluable resource back when I was a greener developer, but today it has a massive problem. It needs some serious curating or risk becoming irrelevant.
 
Upvote
0 (0 / 0)

Akemi

Ars Tribunus Angusticlavius
9,837
I check in on stories like this to get a reality check on the sentiment of others, regarding networked-device vulnerabilities. I'm heartened to see that at least the Ars community feels the same way.

But more than that I'm looking for signs that the general public (or at least a significant slice) starts pushing for more private network solutions, if they're necessary at all. I personally have isolated networks in my house for such functions as security cameras (no way they're connecting to the Internet), gate-unlock, and media library. And as most people here know, it is a pain in the ass to maintain such things when most products choose the lazy path and rely on the Internet for all connectivity.

On the one hand I would think that industries with a lot at stake would lead this charge, but then stories like this come along and demonstrate that no, we're never going to learn a damned thing, no matter how many times this comes up.


The bigger question is why every company feels every device needs any type of network connection in the first place. Much less that security isn't just an afterthought, it's of no thought at all.
 
Upvote
-2 (0 / -2)

ab78

Ars Tribunus Militum
1,809
When fastenings are too loose, they risk causing the device to overheat and start fires.
This sentence feels a bit out of context. That could be one outcome of a fastener that is too loose, but it's very context dependent. Apparently another outcome could be a section of plane falling off (hey, it feels like too long since we've stuck it to Boeing...) Inadequately torqued fasteners are never good, but fire risk isn't always the consequence.
 
Upvote
1 (1 / 0)