• voodooattack@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    And said trick ends when an attacker manages to socially-engineer their way in. (But maybe they’ll drop floppies instead of flash drives around the block this time)

    • Syndic@feddit.de
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Sure, but how likely is this in this specific scenario. We’re talking about a system that’s not even directly controlling the train but just a display on it. The worst that can happen is that those displays won’t work until the system is reinstalled. That’s hardly a lucrative target for modern hackers. There’s way easier target which are worth something.

    • yesman@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      9 months ago

      You really think that infrastructure IT is dumb unless it can brush off a Stuxnet-like attack by the CIA and Mosad? Most RR traffic signals in the US are run with mechanical logic, physical switches connected to circuits closed by steel wheels on steel tracks. Do you really want a “move fast and break things” tech bro to update all this stuff for us?

      All kinds of infrastructure uses ancient software because it’s reliable. Updating it just to protect from hackers causing damage is likely to cause that damage unintentionally while doing little to protect from hackers anyhow.