PCs Pilfered, Paralyzing Populace

Heywood Yabuzof writes "According to this Wired story, thieves in Chile caused traffic to grind to a halt when they decided to steal the computers (15 PCs and 2 servers) that control the traffic lights in Santiago. Funny how everyone worries so much about preventing "evil hackers" from breaking in to systems remotely and causing chaos, and then some burglars just go ahead and steal the critical computers to produce the same (unintended?) results."

Physical Security

[dirvish]

Physical security is just as important as network security. If the admin of these servers and computers had safegaurded their physical security there wouldn't have been a problem. Hackers are just one threat...vandals must also be considered. That is why physical security is one of the 10 sections covered in the CISSP certification exam (the premeire information security certification).

Re:Physical Security

[mark-t]

Physical security is just as important as network security.

Although the point you've made here is essentially correct, physical security is actually _more_ important than network security, as without it, any and all additional security features are rendered null and void. Period.

Re:Physical Security

[GeorgieBoy]

With e.g. Debian boot floppies [debian.org] or any other mini Linux [uga.edu] and mini Unix [cotse.com] distribution you can just insert a floppy, hit reset and wait a while until you got r00t and do whatever you want (like change the real root password in /etc/shadow on the main partition to whatever you want).

It's really even easier than that, in fact, without a floppy, you can just tell the bootloader (e.g. lilo) to boot with options like "linux init=/bin/sh" or something similar, and after the kernel loads you'll just get a shell.

Re:It's a good thing...

[BlueUnderwear]

Makes you wonder why they needed computers to control the traffic lights - surely that could be done with some 555 timers

Read the article. The traffic light were able to operate autonomously using builtin timers... What the computer did was ensure synchonization between one crossroads and the next. To make sure that when you get a green light, the lights are also green in the next few crossroads. Timers tend to drift, and hence an centralized system is necessary to keep things in sync.

And presumably the computer system also changes the timings to adapt to the differences in traffic patterns throughout the day (giving longer green periods to those directions where the most traffic is at that time). Nowadays, most city road networks operate very close to their capacity, and even little details such as the exact timing of traffic light are important to keep matters fluid.

Re:i hope for their sake

[herko_cl]

Living in Santiago, I can testify they luckily did. Using a backup server, they were able to restore traffic to normal within 6 hours.
I'd like to clarify a few points, though. Our traffic lights are fully autonomous, but the stolen computers analyze traffic flow via cameras at critical junctions and synchronize the lights from one crossroads to the next.
This works so well that, even when traffic is extremely heavy, cars keep moving along. On most mornings and evenings, if you are going "with the flow" you can drive for miles without getting a red light.

On the subject of security: apart from stealing the alarm system (we thought that was funny, too), they removed heavy cast-iron bars from a window to enter this office. To do this, they had to break down part of the wall. This was obviously a well-planned, well executed heist.

Re:Tangential Tidbit

no, they're mostly Plan 9 systems.