And You Think Closed-Source is Secure

A security researcher has uncovered a slew of vulnerabilities in Siemens industrial control systems, including a hardcoded password, that would let attackers reprogram the systems with malicious commands to sabotage critical infrastructures and even lock out legitimate administrators…

According to the alert, Siemens discovered the password in 2009 and removed it from subsequent systems. But anyone using pre-2009 versions of the S7-300 firmware would likely still have the password installed.

Wired

And people are scared of the security of open source software? Siemens hard-coded a generic password onto a piece of automated industrial equipment (used to make cars AND enrich uranium) AND didn’t fix it for two years after finding out about the problem!

Meanwhile, open source software projects like Firefox and WordPress get a bad rap for security when they fix flaws within a matter of days or even hours.