[TUHS] Happy birthday, Ken Thompson!
tytso at mit.edu
Tue Feb 6 14:58:22 AEST 2018
On Mon, Feb 05, 2018 at 05:54:57PM -0500, Dan Cross wrote:
> Speaking of things like that...This just landed in my inbox:
> The metrocard vending machines in the NYC subway are little PCs. I could
> swear I've seen either an OS/2, Windows, or Linux startup sequence on one
> or more of them before (maybe all three).
> Anyway, what do you want to bet that the MTA is making people go around
> with media and manually install updates for Spectre/Meltdown across the
> transit system?
No bet. How much do you want to bet the MTA isn't bothering to update
gazillions of *other* already published and known security holes that
were zero days years ago? Holes that are probably *Way* easier to
exploit than those using Spectre/Meltdown?
If it's anything like the MBTA in Massachusetts their security is
limited to trying to sue graduate students in an attempt to impose
prior restraint on their research (and including the presentation
as an exhibit on the lawsuit and letting it be published on the
court's website for all to see?).
More information about the TUHS