this post was submitted on 30 Jan 2024
845 points (98.2% liked)

Technology

59673 readers
3161 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] yesman 33 points 10 months ago (4 children)

You really think that infrastructure IT is dumb unless it can brush off a Stuxnet-like attack by the CIA and Mosad? Most RR traffic signals in the US are run with mechanical logic, physical switches connected to circuits closed by steel wheels on steel tracks. Do you really want a "move fast and break things" tech bro to update all this stuff for us?

All kinds of infrastructure uses ancient software because it's reliable. Updating it just to protect from hackers causing damage is likely to cause that damage unintentionally while doing little to protect from hackers anyhow.

[–] Linkerbaan 9 points 10 months ago (1 children)

It must be updated sometime or risk being archaic and unmanageable. Chances are high they are paying insane amounts for those legacy mechanical switches you mention.

The actual logic is usually very well portable to a more modern ecosystem.

[–] [email protected] 3 points 10 months ago (1 children)

Or these companies could pay to train (no pun intended) technicians to learn the systems they’d like to maintain. No matter how old they are.

Until entropy comes for the actual hardware (assuming they won’t invest in remanufacture or production of replacements). Re-engineering a successfully working system is more costly and might result in worse outcomes, especially in the near term.

[–] Linkerbaan 1 points 10 months ago

Often these system rely on old components which are just not made anymore.

People don't design every switch, computer and chip themselves. They buy whatever mainstream stuff is available at the time and combine it into a system

If you want to resupply those old parts you literally need to search Ebay to buy some weird outdated 2nd hand MSDOS PC to put in your "awesome reliable railway system".

Upgrading at every new whim is of course bad, but once your system reaches legacy age it's often necessary to fully overhaul and modernize it for the next ~15-20 years.

[–] mlg 5 points 10 months ago

Every SCADA related cyber attack and incident has entered the chat.

Even if it's archaic, a lot of these systems aren't secure which can be done relatively easily and cheaply with things like basic firewalls and stunnel.

[–] [email protected] 3 points 10 months ago

Akshually it was recently found that a spy from Holland I think penetrated a chip supply line and installed an infected chip which found it's way into the centrifuge network

[–] RaoulDook 2 points 10 months ago

uses ancient software because it’s reliable

HAHAHA!

I just have to laugh at that idea, since I've been using computers since the days that those OSes were in common use. Reliable is not what I would call a lot of that old stuff for sure.

The bottom line is that ancient software will likely have ancient security vulnerabilities that would be trivial to exploit and take over or destroy those systems. It's not good.