• arc@lemm.ee
    link
    fedilink
    English
    arrow-up
    26
    ·
    10 months ago

    It really depends if these systems (that appear to control arrival boards) are on a network or not. If they’re not, then there is minimal risk to leave them the way they are. Somebody would need physical access to the devices to do harm. If they are on a network then that’s a pretty big deal, but some attacks could be mitigated against by tunnelling and/or additional packet filtering to ensure the integrity of messages.

    Continuing on a railway theme you should be FAR more worried all the devices that run up and down the side of railway lines - PLCs that talk with each other and operations centres to control things like lights, junctions, crossings etc. If they’re more than 5 years old then chances are then all that traffic is in the clear, and because these things live in boxes by the railway line, it wouldn’t take much to break into a network and potentially kill people by running two trains into each other.

      • arc@lemm.ee
        link
        fedilink
        English
        arrow-up
        10
        ·
        10 months ago

        The job might be remote, doesn’t mean the system is remote. For all you or I know they want somebody to reverse engineer the protocol of this thing, which could be some weird board & driver that hooks into an old PC so they can switch it out for something else.

        • bane_killgrind@lemmy.ml
          link
          fedilink
          English
          arrow-up
          13
          ·
          10 months ago

          It’s in the job description, remote access is available via a repurposed laparoscope robot and webcam placed in front of the original terminal keyboard and CRT

          • XTornado@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            10 months ago

            I think you are pulling my leg… But if that’s true that’s super cool.

            • bane_killgrind@lemmy.ml
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              A remote KVM through a portal would be the actual way an air gapped system would be accessed, yeah… Spoofing ps/2 or Din with a teensy would probably be needed to use new hardware for the KVM. Maybe a SFF PC with an analog input capture card…

      • Syndic@feddit.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        10 months ago

        Well yes. You can code software remotely. That doesn’t mean the end system is reachable through the network. Given it’s DB, I bet these systems are still patched by floppy. Until very recently they’ve used floppy’s to distribute train schedules to be displayed in the train.

    • nexusband@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 months ago

      Exactly. And these things are on an internal bus network, but they are not connected to the internet.