I just spent two hours trying to get in contact with the owner of a small Swedish hydropower plant that had an open vnc connection, where anyone could turn on/off generators, open the damn completely etc.
Once I got in contact with him, this is the conversation we had:
1. I explain the critical situation
2. he pretends there's a bad reception and ask for my number and quickly says 'I'll call you tomorrow'
3. I explain that I am not trying to sell him anything and that I spent 2 hours to find him to tell him about how anyone can control his powerplant
4. He nonchalantly ignores my warning and says "I have two powerplants that you can control like this, nothing to worry about."
5. I try to explain that a LARGE group of people now know about his powerplant and that I could garantuee that people will login and tamper with it
6. "Hmm, it is a really bad reception here right now, i'll call you tomorrow.'
If the hydropower plant that is referenced here is "Nordansjö Kraftverk" - then it's been fixed yesterday, through a tipoff to CERT-SE at MSB (Swedish Civil Contingencies Agency).
People in Sweden made that joke as well. Kind of worried I will get in trouble legally because of this. If there is gonna be any issues with the damm, he will probably blame me. :(
Once I got in contact with him, this is the conversation we had:
1. I explain the critical situation
2. he pretends there's a bad reception and ask for my number and quickly says 'I'll call you tomorrow'
3. I explain that I am not trying to sell him anything and that I spent 2 hours to find him to tell him about how anyone can control his powerplant
4. He nonchalantly ignores my warning and says "I have two powerplants that you can control like this, nothing to worry about."
5. I try to explain that a LARGE group of people now know about his powerplant and that I could garantuee that people will login and tamper with it
6. "Hmm, it is a really bad reception here right now, i'll call you tomorrow.'
7. Click
What the actual fuck!