• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

FFS

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    FFS

    Serial killer hack threat to gas pipes, traffic lights, power plants ? The Register

    Analysis Medical systems to traffic light boxes are apparently wide open to hackers thanks to a lack of authentication checks in equipment exposed to the internet.

    That's according to research from security toolmaker Rapid7, which says it found plenty of systems that can be freely remotely controlled via public-facing serial port servers.
    Always forgive your enemies; nothing annoys them so much.

    #2
    I did a small project to replace some industrial control software that used RS232, with TCP/IP over ethernet. And it wasn't a router sized box as that Reg article suggests, but an RJ45 socket sized box soldered directly to the board.

    That just connected a TCP or UDP connection direct to RS232 - i.e. bytes in, bytes out, with no kind of authentication whatsoever. Of course I did bring up the question of security, but nobody thought it would be an issue. So somebody a bit careless connecting one of those machines to an unprotected LAN, and yes it could be controlled from the other side of the world. Which would be cool, if not really what the customer would want.
    Will work inside IR35. Or for food.

    Comment


      #3
      saw it 20 years ago with event logging, that was output only but still valuable security information.
      Always forgive your enemies; nothing annoys them so much.

      Comment


        #4
        We used to have terminal server boxes that connected 8 serial lines to ip so we could access stuff via telnet, but we bought the serial lines into the building and the boxes were under a desk.
        While you're waiting, read the free novel we sent you. It's a Spanish story about a guy named 'Manual.'

        Comment


          #5
          Cool. Any way to tap into a central heating system and make it set fire to a neighbour's house? Or maybe he could be attacked by his dishwasher?

          PS Or how about a hidden box wired to the engine control system on his truck? Could I make it drive off a cliff? We've got a cliff by the road here, only about 30 foot drop, but probably enough.
          Last edited by xoggoth; 29 April 2013, 12:08.
          bloggoth

          If everything isn't black and white, I say, 'Why the hell not?'
          John Wayne (My guru, not to be confused with my beloved prophet Jeremy Clarkson)

          Comment

          Working...
          X