[Cryptography] Air Traffic Control computers are maintained about as well as most home machines
Tom Mitchell
mitch at niftyegg.com
Thu Mar 5 00:23:26 EST 2015
On Tue, Mar 3, 2015 at 6:19 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:
> Jerry Leichter <leichter at lrw.com> writes:
>
> >While the Federal Aviation Administration (FAA) has taken steps to protect
> >its air traffic control systems from cyber-based and other threats,
> >significant security control weaknesses
>
..................
> In some situations the use of shared credentials is even enshrined in
> organisational
>
...................
> An extreme case of the shared login is the 24-hour login, in which the
> user
> is never logged off.
>
Interesting...
This seems as if it lacks the concept of audit and responsibility.
Many of these systems are old enough that changing them would
be astoundingly difficult. Physical security enhancements seem
to be an easier project.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150304/ec3c7b01/attachment.html>
More information about the cryptography
mailing list