
How the JPL works to secure its missions from adversaries - ajaviaad
https://techcrunch.com/2020/02/09/the-war-against-space-hackers-how-the-jpl-works-to-secure-its-missions-from-nation-state-adversaries/
======
TimTheTinker
Fascinating article! One of the most interesting details is that they create
logical network graphs, then query them using Datalog to logically quantify
threats to each subsystem given access to a particular area. The example given
in the article is querying all possible attack paths to all systems from the
cafeteria WiFi network.
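
The kind of query described in the comment above, as an added example that is not part of the thread or the article: Datalog-style rules evaluated to a fixpoint in Python, asking which hosts are reachable from a cafeteria WiFi client. The hosts, segments, ports and firewall rules are all constructed for illustration and do not describe JPL's network.

```python
# Constructed facts (hypothetical network).
SEGMENT = {  # segment(Host, Segment)
    "guest-laptop": "cafeteria_wifi",
    "print-srv": "office",
    "build-srv": "engineering",
    "jump-host": "engineering",
    "cmd-uplink": "mission_ops",
}
LISTENS = {("print-srv", 9100), ("build-srv", 22),
           ("jump-host", 22), ("cmd-uplink", 443)}  # listens(Host, Port)
ALLOW = frozenset({  # allow(SrcSegment, DstSegment, Port): firewall permits
    ("cafeteria_wifi", "office", 9100),
    ("office", "engineering", 22),
    ("engineering", "mission_ops", 443),
})

def reach_facts(allow=ALLOW):
    """reach(A,B) :- segment(A,SA), segment(B,SB), allow(SA,SB,P), listens(B,P)."""
    return {(a, b)
            for a, sa in SEGMENT.items()
            for b, sb in SEGMENT.items()
            for (src, dst, port) in allow
            if src == sa and dst == sb and (b, port) in LISTENS}

def attack_paths(start, allow=ALLOW):
    """path(S,T) :- reach(S,T).  path(S,T) :- path(S,M), reach(M,T).
    Naive fixpoint: keep applying the rules until nothing new is derived.
    Returns {target: one witness path from start} for every reachable host."""
    reach = reach_facts(allow)
    paths = {start: [start]}
    changed = True
    while changed:
        changed = False
        for a, b in sorted(reach):
            if a in paths and b not in paths:
                paths[b] = paths[a] + [b]
                changed = True
    del paths[start]
    return paths

if __name__ == "__main__":
    # Query: every system reachable from the cafeteria WiFi client.
    for target, path in attack_paths("guest-laptop").items():
        print(f"{target}: {' -> '.join(path)}")
    # What-if: drop the WiFi-to-office printing rule and re-run the query.
    tightened = ALLOW - {("cafeteria_wifi", "office", 9100)}
    print("after tightening:", attack_paths("guest-laptop", tightened))
```

Re-running the query against a modified `allow` set shows which single rule change cuts off a given path, which is the segmentation question raised further down the thread.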

------
Stierlitz
“a spike in CPU usage might indicate a compromised server being used for
cryptocurrency mining.”

What's abnormal about that statement is that it is now considered normal.

~~~
thrower123
A generation ago, it would probably have indicated that engineers were goofing
off playing Doom...

------
apawloski
Here is the NASA Inspector General’s report on JPL cybersecurity practices
from last year:
[https://oig.nasa.gov/docs/IG-19-022.pdf](https://oig.nasa.gov/docs/IG-19-022.pdf)

------
cat199
> Each mission at JPL is like its own semi-independent startup.

We as people used to call these 'projects'.. I fail to see how a funded
mission within a gov't organization which will never sell anything is anything
at all like a small company bootstrapping a commercial product..

------
astrea
Didn't they get hacked by a raspberry pi the other day?

------
jvanderbot
Awesome! I worked lately with Arun on a proposal to do some R&D on this topic.
Great to see it getting some sunlight.

But man, talking about "the JPL" reads awkwardly.

------
ycombonator
All their stuff got exfiltrated to China a long time ago. It’s too late,
compadres.

------
supernova87a
They lost me at "the" JPL.

------
saber6
As a network architect I'm kind of surprised they couldn't answer basic
questions such as "can someone sitting in a general user access segment (e.g.
Cafeteria) access critical resource X by default?"

This is a fairly standard infosec method already in use for a long time
(defense in depth, enclave-based security architectures, etc).

Not knocking them - JPL are wonderful people. If I had to guess they did not
have funding for this prior, got caught (embarrassed) and now are correctly
allocating resources to deal with the issue. Good news!

~~~
xenihn
My girlfriend's family has a bunch of software engineers who worked on various
space programs as employees for the major defense contractors (Boeing,
Lockheed Martin, Raytheon), and they had nothing but bad things to say about
NASA software engineers, and working with NASA in general. Maybe things have
changed in the past 16 years, though. Could also just be typical private vs.
public rivalry.

~~~
oso2k
Professional rivalries. But IMO, NASA engineers are some of the best and many
approach the “scary smart” or renaissance levels of breadth & depth of
intelligence. Also, on the whole, at least at JPL, our engineers were some of
the most ethical in terms of personal accountability and corporate
accountability. Fewer ethics violations and higher accuracy in identifying and
reporting ethics violations especially as compared to the rest of the
industry.

~~~
exdsq
Is there a general sort of background for a JPL engineer? Do they tend to come
in straight after university or do they join later in their careers? It must
be fun to work on such critical systems with so little margin for error.

~~~
oso2k
Physics, Engineering, Math, Science, CS were obviously prized backgrounds.
Over the last 10 years, I think JPL is diversifying but I couldn’t be sure.
When I joined as an intern in 2002 out of college, there was a huge push for
youth. It used to be that more than 40% of The Lab had 20 years or more
experience at The Lab. 33% were due to retire within 10 years. My first mentor
there retired after 42 years with The Lab. It was an amazing place to learn
and grow in my 20s. Awesome problems to work on and even more amazing people,
humans, to work with.

You can see what they’re looking for here
[https://jpl.jobs/](https://jpl.jobs/)

~~~
WWLink
Question for ya: Are the outsider recruiters of any use? I've been contacted
by them before but I get the impression you're better off just applying.

~~~
oso2k
Recruiters don’t seem to be useful. Apply on your own.

------
foobarbecue
Nobody says "the JPL." It's just "JPL".

~~~
ajaviaad
Techcrunch says the JPL

~~~
foobarbecue
Haha, good point. I meant they did that in error.

------
DailyHN
The Space Force

~~~
Stierlitz
“there's a red-thingy moving toward the green-thingy .. I think we're the
green-thingy.”

