General > General Technical Chat
how secure/safe are modem day oscilloscopes??
<< < (4/4)
Warpspeed:

--- Quote from: Benta on September 22, 2022, 07:32:01 pm ---The best thing is to wrap the oscilloscope in tin foil. Problem solved.

--- End quote ---

Yes, good advice.
If you think your oscilloscope is watching you, just place a cover over the screen when not in use.
Bud:

--- Quote from: Infraviolet on September 22, 2022, 09:40:31 pm ---I can't really imagine why you'd want to connect an oscilloscope to the internet, normally.

--- End quote ---

You do not connect oscilloscopes or other Test equipment to the internet, you connect to LAN to make use of network commands to control them, to use software like Keysight Benchvue,etc.  It is just happens that the LAN itself may become accessible from the internet.
Berni:
Yep as others have said. Test equipment is not really secure at all, but at  the same time is so rare that nobody bothers to develop exploits/malware for it.

There are some notable exceptions of osciloscopes, spectrum analyzers etc.. that run Windows XP and similar under the hood and can't be upgraded to anything newer since the computer inside is underpowered or the software/drivers would never run on anything more modern. You do want to keep those off a network.

But when it comes to just regular scopes that use a proprietary OS under the hood, they get security by obscurity. You generally don't expose there open ports out to the internet so people can't connect to it and they never really connect out into the internet on there own, so there is no real way to talk to it from the internet. It is mostly just other machines on your LAN that can talk to it.

So yes anyone that can see your scope on the LAN can send commands to it, but i don't see the reason to do so apart from perhaps playing a prank on someone. Viruses won't use oscilloscopes as a replication method on a LAN because they are too rare for the exploit development to be worth it (they target other PCs or routers or IOT crap etc..).

So yeah if you are worried about a coworker tampering with your scope over the network then have your equipment inside its own VLAN area. Or more simply just buy another network card and plug your scope directly into your PC rather than a network.
ejeffrey:

--- Quote from: Berni on September 23, 2022, 05:14:55 am ---Yep as others have said. Test equipment is not really secure at all, but at  the same time is so rare that nobody bothers to develop exploits/malware for it.

There are some notable exceptions of osciloscopes, spectrum analyzers etc.. that run Windows XP and similar under the hood and can't be upgraded to anything newer since the computer inside is underpowered or the software/drivers would never run on anything more modern. You do want to keep those off a network.

--- End quote ---

Pretty much any benchtop test equipment with a network port is running some widely used commercial OS.  High end equipment indeed often has the embedded version of windows XP/Vista/7, but if it doesn't use that it will have WinCE, VxWorks, or some linux flavor.  At the low end you will find some microcontrollers running FreeRTOS and lwIP or maybe even a wiznet ip stack, but in my experience that is the exception.  Low power or cheap test equipment that uses small microcontrollers generally use USB rather than ethernet.


--- Quote ---But when it comes to just regular scopes that use a proprietary OS under the hood, they get security by obscurity.

--- End quote ---

"Proprietary" operating systems basically don't exist any more.  There are like 6 operating systems that anyone uses in anything and you should assume that active network exploits exist for all of them.  Just become nobody intends to infect your LCR meter with a virus doesn't mean it won't happen.  And even if the instrument hast mostly read only storage and won't be tremendously negatively infected by an attack doesn't mean that it won't then be used to exploit other devices on the network.  Keep in mind that vxi11 is just sun RPC and most ethernet connected instruments have some sort of web server built in too.  These are common enough to get caught up in a lot of vulnerability scanners.


Navigation
Message Index
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod