> Not gonna lie, all I hear is "I'm annoyed I was able to ignore the problem for 30 years but now I have to actually fix it".
You're not entirely wrong, but you're talking to the wrong guy. Clean-slate rewrites are some of my favorite projects, and I hate dealing with legacy junk - but there's just not budget to keep everything brand new all the time.
Realize that when you flush the toilet, the reason the water level goes down is likely to be a municipal sewer system and waste treatment plant that must never stop...they replace mechanical wear items once in a while, but some of the controls are well over 30 years old. Same story at the clean water plant that fills the tank back up. An average consumer might replace their phone every 2 years, but industrial processes and infrastructure have much, much longer timelines.
Hey, I get it.
The thing is, budget is largely artificial. Unless a company is on the brink of bankruptcy, there can be budget (but the company has to eat that from profits).
The thing is, eating budget for maintenance and system upgrades is a known playbook companies use. That doesn't make it right though.
That is why I wrote that the issue is organizational, not technical...
You weigh the cost of that thing getting hacked against the cost of that thing being rebuilt on modern hardware with modern technologies and enough processing power to do TLS.
Then you pick the "rebuild route". Easy.
Anyway, it's crazy how on this forum it goes from "REWRITE EVERYTHING IN RUST!!! ANYTHING THAT'S NOT RUST IS INHERENTLY UNSAFE" to the complete opposite of "why doesn't anybody think of the poor Wind River VxWorks RTOS!!".
> Sure, adding a cert to the SCADA server is trivial, it runs Windows Server and has a NIC that can access the Internet, but on the other NIC...there's a menagerie of 30 years of industrial oddities.
Not gonna lie, all I hear is "I'm annoyed I was able to ignore the problem for 30 years but now I have to actually fix it".