Traffic Trouble

The fact that SCADA systems and embedded controllers are woefully insecure is hardly news to security folk. But is is always somewhat eye opening to see how some of these systems can be compromised. One of those is in this blog post from IOActive Labs that a friend sent to me, where they used remote control drones to hack the systems that send data to the  traffic control systems.
While the specific details haven't been revealed yet, IOActive did reveal the responses they received after reporting the bugs to the manufacturers including in one case where:

(T)he vendor said that since the devices were designed that way (insecure) on purpose, they were working as designed, and that customers (state/city governments) wanted the devices to work that way (insecure), so there wasn't any security issue.
Nice to know the poor security isn't an accident, it was done on purpose due to customer demands!

powered by Blogger | WordPress by Newwpthemes | Converted by BloggerTheme