this post was submitted on 30 Jun 2026
90 points (98.9% liked)
Canada
12117 readers
632 users here now
What's going on Canada?
Related Communities
🍁 Meta
🗺️ Provinces / Territories
- Alberta
- British Columbia
- Manitoba
- New Brunswick
- Newfoundland and Labrador
- Northwest Territories
- Nova Scotia
- Nunavut
- Ontario
- Prince Edward Island
- Quebec
- Saskatchewan
- Yukon
🏙️ Cities / Local Communities
- Anmore (BC)
- Burnaby (BC)
- Calgary (AB)
- Comox Valley (BC)
- Edmonton (AB)
- East Gwillimbury (ON)
- Greater Sudbury (ON)
- Guelph (ON)
- Halifax (NS)
- Hamilton (ON)
- Kingston (ON)
- Kootenays (BC)
- London (ON)
- Mississauga (ON)
- Montreal (QC)
- Nanaimo (BC)
- Niagara Falls (ON)
- Niagara-on-the-Lake (ON)
- Oceanside (BC)
- Ottawa (ON)
- Port Alberni (BC)
- Regina (SK)
- Sarnia (ON)
- Saskatoon (SK)
- Squamish (BC)
- Thunder Bay (ON)
- Toronto (ON)
- Vancouver (BC)
- Vancouver Island (BC)
- Victoria (BC)
- Waterloo (ON)
- Whistler (BC)
- Windsor (ON)
- Winnipeg (MB)
Sorted alphabetically by city name.
🏒 Sports
Baseball
Basketball
Curling
Hockey
- Main: c/Hockey
- Calgary Flames
- Edmonton Oilers
- Montréal Canadiens
- Ottawa Senators
- Toronto Maple Leafs
- Vancouver Canucks
- Winnipeg Jets
Soccer
- Main: /c/CanadaSoccer
- Toronto FC
💻 Schools / Universities
- BC | UBC (U of British Columbia)
- BC | SFU (Simon Fraser U)
- BC | VIU (Vancouver Island U)
- BC | TWU (Trinity Western U)
- ON | UofT (U of Toronto)
- ON | UWO (U of Western Ontario)
- ON | UWaterloo (U of Waterloo)
- ON | UofG (U of Guelph)
- ON | OTU (Ontario Tech U)
- QC | McGill (McGill U)
Sorted by province, then by total full-time enrolment.
💵 Finance, Shopping, Sales
- Personal Finance Canada
- Buy Canadian
- BAPCSalesCanada
- Canadian Investor
- Canadian Skincare
- Churning Canada
- Quebec Finance
- Canada Grown Business
🗣️ Politics
- General:
- Federal Parties (alphabetical):
- By Province (alphabetical):
🍁 Social / Culture
- 2 North American 4 You (Shitposting & Memes, North America focus)
- Ask a Canadian
- Bières Québec
- Canada Francais
- Canadian Gaming
- Eh Buddy Hoser (Shitposting & Memes, Canada focus)
- EhVideos (Canadian video media)
- First Nations
- First Nations Languages
- Indigenous
- Inuit
- Logiciels libres au Québec
- Maple Music (music)
Rules
- Keep the original title when submitting an article. You can put your own commentary in the body of the post or in the comment section.
Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage: lemmy.ca
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Does anyone have any sources or knowledge on how the network infrastructure for these systems are designed? I've never investigated this and wouldn't know where to look, and this article doesn't provide much information (it's a Postmedia Network source, btw, so take this all with a grain of salt).
I can't imagine that any remote access isn't done through SSH or an intranet for exactly this reason. Is that incorrect? Or is there a reason they wouldn't be and a way that these systems could be compromised by an employee's device that has access to the internet?
I worked in water treatment during an internship and learned about air gapping. You make it so that data can go out for monitoring, but nothing can come in. You need physical access to make changes. Because if someone can control it remotely, that means anyone can control it remotely.
I mean, SSH would create some barriers that makes this question even more relevant, if there was a weakness somewhere (even if just because remote access was available), it better have been a result of user error and not poor infrastructure design.
The smaller the municipality (and the older the system), the less likely that they have a robust IT department managing all the access controls.
Then again, I've also an encountered office (not utility infrastructure) where some random employee had plugged a WIFI access point into their desks ethernet port and set it on the window ledge so they could use their phone on the company network while they were outside having a smoke... (yes they faced consequences when management was made aware)
As we all know, security is only as good as your weakest link.
Yeah I think the size of the municipality is a great thing to keep in mind for this, as I'm sure a more rural, low population, and dispersed municipality would likely have less funding to update and maintain these systems. What I'm curious about is if this is a consequence of that neoliberalization -- whether this was a result of reduced public funding and therefore the adoption of privatized, profit-driven solutions -- or if it was simply a consequence of older infrastructure and poor discipline. Those are very different explanations that present their own risks for the rest of us to be concerned about and options for what we are able to do about it.
Which is why it is important for facility operators to pay attention to the forensic audits of the compromised systems, and react appropriately.
And, obviously, it is also important that those audit reports be made available, and not hidden away because of some sense of corporate embarrassment or claims of "proprietary information"
Most likely Windows XP on an old dell desktop in a closet. Can't be upgraded due to some no longer maintained driver blah blah
Why is that most likely? I'm having a hard time finding reliable information on how these water treatment systems are actually designed, but everyone feels very comfortable speculating.
I've worked for the government before. This is from experience
Okay, but you do understand that anyone can just say that though, right? Do yo have any public links that you'd be aware of from working in the govt that relates to information on this?
No, they wouldn't advertise that.
Best you'll find is news articles about compromises on critical infrastructure. But, even then, the government is going to do its best to bury their incompetence that was the root cause.
Again, I've never researched this before (especially so for Quebec), so I guess it is a little surprising that public spending like that wouldn't have to disclose some specifics around the use of funds and who is involved for contracts.
And like, yeah, but what level of government is this? Was it a consequence of municipal decisions? Provincial funding? The general neoliberalism that has dominated Canadian politics and economics for the past four decades? There are a lot of factors to determine how much of a concern this actually is and how to realistically address it.