this post was submitted on 30 Jan 2024
844 points (98.2% liked)

Technology

59271 readers
3462 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 130 points 9 months ago (33 children)

Legacy hardware and operating systems are battle tested, having been extensively probed and patched during their heyday. The same can be said for software written for these platforms – they have been refined to the point that they can execute their intended tasks without incident. If it is ain't broke, don't fix it. One could also argue that dated platforms are less likely to be targeted by modern cybercriminals. Learning the ins and outs of a legacy system does not make sense when there are so few targets still using them. A hacker would be far better off to master something newer that millions of systems still use.

Tell me you know nothing about cybersecurity without telling me you know nothing about cybersecurity. Wtf is this drivel?

[–] [email protected] 31 points 9 months ago (7 children)

It really depends if these systems (that appear to control arrival boards) are on a network or not. If they're not, then there is minimal risk to leave them the way they are. Somebody would need physical access to the devices to do harm. If they are on a network then that's a pretty big deal, but some attacks could be mitigated against by tunnelling and/or additional packet filtering to ensure the integrity of messages.

Continuing on a railway theme you should be FAR more worried all the devices that run up and down the side of railway lines - PLCs that talk with each other and operations centres to control things like lights, junctions, crossings etc. If they're more than 5 years old then chances are then all that traffic is in the clear, and because these things live in boxes by the railway line, it wouldn't take much to break into a network and potentially kill people by running two trains into each other.

[–] [email protected] 16 points 9 months ago (2 children)

the job was advertised as being remote.....

[–] [email protected] 5 points 9 months ago

Well yes. You can code software remotely. That doesn't mean the end system is reachable through the network. Given it's DB, I bet these systems are still patched by floppy. Until very recently they've used floppy's to distribute train schedules to be displayed in the train.

[–] [email protected] 11 points 9 months ago (1 children)

The job might be remote, doesn't mean the system is remote. For all you or I know they want somebody to reverse engineer the protocol of this thing, which could be some weird board & driver that hooks into an old PC so they can switch it out for something else.

[–] [email protected] 14 points 9 months ago (1 children)

It's in the job description, remote access is available via a repurposed laparoscope robot and webcam placed in front of the original terminal keyboard and CRT

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

I think you are pulling my leg... But if that's true that's super cool.

[–] [email protected] 1 points 9 months ago

A remote KVM through a portal would be the actual way an air gapped system would be accessed, yeah... Spoofing ps/2 or Din with a teensy would probably be needed to use new hardware for the KVM. Maybe a SFF PC with an analog input capture card...

load more comments (4 replies)
load more comments (29 replies)