• @[email protected]
    link
    fedilink
    English
    3111 months ago

    It really depends if these systems (that appear to control arrival boards) are on a network or not. If they’re not, then there is minimal risk to leave them the way they are. Somebody would need physical access to the devices to do harm. If they are on a network then that’s a pretty big deal, but some attacks could be mitigated against by tunnelling and/or additional packet filtering to ensure the integrity of messages.

    Continuing on a railway theme you should be FAR more worried all the devices that run up and down the side of railway lines - PLCs that talk with each other and operations centres to control things like lights, junctions, crossings etc. If they’re more than 5 years old then chances are then all that traffic is in the clear, and because these things live in boxes by the railway line, it wouldn’t take much to break into a network and potentially kill people by running two trains into each other.

      • @[email protected]
        link
        fedilink
        English
        1111 months ago

        The job might be remote, doesn’t mean the system is remote. For all you or I know they want somebody to reverse engineer the protocol of this thing, which could be some weird board & driver that hooks into an old PC so they can switch it out for something else.

        • @[email protected]
          link
          fedilink
          English
          1411 months ago

          It’s in the job description, remote access is available via a repurposed laparoscope robot and webcam placed in front of the original terminal keyboard and CRT

            • @[email protected]
              link
              fedilink
              English
              111 months ago

              A remote KVM through a portal would be the actual way an air gapped system would be accessed, yeah… Spoofing ps/2 or Din with a teensy would probably be needed to use new hardware for the KVM. Maybe a SFF PC with an analog input capture card…

      • @[email protected]
        link
        fedilink
        English
        511 months ago

        Well yes. You can code software remotely. That doesn’t mean the end system is reachable through the network. Given it’s DB, I bet these systems are still patched by floppy. Until very recently they’ve used floppy’s to distribute train schedules to be displayed in the train.