*Most* of the f-secure FAQ is a good read
(c) 2010. Submitted 3:30 pm ish, Saturday.
*Most* of the f-secure FAQ is a good read.
Their ignorance of the field of process automation shows, however, when they fail to spot the real significance of myrtus.
Any insider with a clue would know that this almost certainly originated as a reference to "my RTUs", where an RTU is a "Remote Terminal Unit", which in this context is a remote device which the PLC program uses for IO which isn't directly attached to the PLC itself.
Now it may of course be that there is a play on words going on here, and that the significance is *both* the biblical one and the industrial automation one. But for a self-proclaimed expert (and a recently arrived one at that) on the subject to not spot the industrial automation connection just makes them look ever so slightly silly. In their defence, obviously f-secure are not the only ones that have failed to spot this, and the rest of their FAQ gets a good mark for effort.
Symantec's writeups on the subject are quite good too (that's not a sentence I *ever* expected to be saying).
But the best I've seen to date comes from Herr Langner, in particular the level of detail in the entry at Oct 1st, 11:00, shows Herr Langner's team (unlike f-secure and many others) has some credibility wrt process control.
http://www.langner.com/en/
F-secure, if you choose to update your FAQ after reading this, please do it nicely.