"Major London rail station reveals 'signal system passwords' during TV documentary"

Discussion in 'UK Railway Discussion' started by SPADTrap, 1 May 2015.

Thread Status:
Not open for further replies.
1. SPADTrap (Established Member)
    http://www.theregister.co.uk/2015/05/01/london_rail_station_exposes_signal_system_passwords/
     
2. AngusH (Member)
    (genuine question)

    Which parts do you consider to be misinformation?
     
3. Jonny (Established Member)
    I'm not sure what the misinformation is, but it seems like a massive gaffe... unless there are other security precautions in place. It would be (barely) tolerable in the short run if it had to be that particular computer terminal.
     
4. SPADTrap (Established Member)
    They call it a workstation on a signaller's control desk yet then refer to it as utility unknown along with the headline about revealing signalling system passwords, just gives the impression that someone could go to 'www.waterloosignalling.com' and play trains! :lol:

    Some valid points raised in there though and certainly a lot to think about, perhaps misinformation wasn't the best word to use! :)
     
5. MarkyT (Established Member)
    This is not a signaller's workstation. It is an information screen on the desk of a controller or some other manager or administrator in a train company control office. These offices have absolutely no direct control over the signalling system. The login is an index number for the particular map being displayed, which is legitimately viewable by anyone who is legitimately in the office, so the generic password is not a security issue because all it does is give access to that information screen on that monitor. Much of the same information is available to the public through real time information systems such as this: http://www.opentraintimes.com/maps/signalling/WAT
     
6. SPADTrap (Established Member)
    Quite but on reflection I wouldn't expect journalists to be aware of CCF.
     
7. Yabbadabba (Member)
8. CC 72100 (Established Member)
    You mean that when I'm playing Simsig, I don't actually get to control the trains! :o

    ;)
     
9. rdeez (Member)
    I was under the impression it was merely a local login for that workstation, and therefore of absolutely no use to anyone sitting at home or in the library or whatever!

    I've been in several station offices where login information is similarly attached to monitors. As long as the room itself is secure, while it's obviously not best practice, I don't see anything particularly worrying about it.
     
10. Arctic Troll (Established Member)
    I'd hope that it was useless information, given it was recorded months ago and was on display. The Register isn't written by the average idiotic journalist, though, they do tend to know what they're talking about.
     
11. Al_Smith (Member)
    The Register article has now been updated, with a link back here!

    "Our story has generated a discussion thread among people on a rail interest forum, who know much more about how the system works than Reg staffers."
     
12. Trainfan344 (Established Member)
    I wondered why the world didn't stop when I hit the pause button...
     
13. carriageline (Established Member)
    As said, that is probably just a Windows login for that machine. The signalling workstations don't run on your normal Windows, and thus don't "log in".

    And as said, Waterloo is controlled from Wimbledon ASC, which is controlled from panels, not signaller workstations.
     
14. Zoidberg (Established Member)
    A ridiculous situation.

    Surely, in this day and age, everyone should know that the sticky with the logon credentials should be affixed to the underside of the keyboard in order to keep them safe from casual observers.
     
15. SPADTrap (Established Member)
    That is very interesting! Fair play to them! :)
     
16. whizzylizzy (Member)
    In order to get onto CCF you either need to be on the Network Rail network, or access it via Network Rail's Gateway. This has two-factor authentication and you need an RSA token. This makes it more secure than what is implied.
     
17. Sacro (Member)
    Isn't it single factor and an RSA token? That makes it double (rather than triple) factor.
     
18. sbt (Member)
    Regardless of the actual risk, two organisations showed poor 'Security Culture', and arguably Safety Culture.

    The TV producers should have noticed and 'smudged out' the password, just in case.

    The signalling centre showed bad 'Security Culture' by keeping login details on display. Many people do it and in this case it may not have been that serious, but it's a very bad habit to get into. It's a bit like stepping on rails - OK most of the time, except the one time it's not a running rail but one with some power in it. Get in the habit of writing down login details to low risk systems and leaving them on view and one day you, or your staff, will do it for a high risk system.

    If you really, really, need all visitors to have access to login details, have them somewhere that they can't be overlooked. Ideally put them on something like a little badge that lives in the workstation drawer and lock it away when the location is unstaffed. If you just need a reminder for emergencies and the inevitable forgetfulness around, put the details on a bit of paper in a sealed envelope kept somewhere secure - or arrange for the password to be reset by the Sysop or similar.

    BTW, if you are mandating hard to remember passwords (or username ids) that people need to type in regularly then you are eroding your own security. People WILL write them down, often in stupid places visitors or passers by can see. Put rules in place to force non-stupid passwords and allow people to come up with ones they can remember. And if you really don't need a password check at that stage on that system at all, don't design your system that way - excessive checks encourage people to simplify things by stuff like ... writing things down in plain view.

    Oh, and with the slowly increasing overlap between IT Security and Safety, a poor Security Culture is evidence of a Safety Culture that is frayed around the edges.
     
19. swills (Member)
    There is not enough space under a keyboard for all the different passwords used, half of which are not needed anyway.... and really CCF is one of them!
     
20. PowerLee (Member)
    :lol: exactly the same password shown in the screen grab as my previous employer had the IT department force upon us :lol:
     
21. EM2 (Established Member)
    It's not a signalling centre.
    It is never unstaffed.
     
22. sbt (Member)
    My bad

    See above

    Basic points still stand however.
     
23. Matt Taylor (Established Member)
    Furthermore, the screen display of the track layout and trains etc. is available in at least 5 locations around Waterloo, all of which are public areas, and there is nothing to stop passengers looking at them even though they will be largely meaningless to almost all train users. There is nothing on that screen that would be a breach of security, and in any case similar overviews are available to the public on the opentraintimes website.

    The reason these maps are on display in public areas is so that train crew can easily find their next working without having to phone control or go up to the raft to find out. It saves time and keeps the trains moving - particularly when disruption hits.

    Of course I could be part of the cover up; if so can someone please hack into the system and give me a 455 next time I'm booked for a Southampton fast. Thanks :D
     
24. Mojo (Administrator, Staff Member)
    I presently work, and have worked in the past, at locations with usernames/passwords stuck to the desk/VDU/nearby walls. The passwords only work on those units, and the systems do not get logged out, you only need the login details if it crashes and you have to reboot it, or if there has been a power failure of some sort. Why exactly there has to be a username and password is not really clear, I suppose it comes as default.
     
25. duffield (Member)
    Some railway systems (not being specific, and not referring to the one being discussed here) used to have security based on 'terminal id' (i.e. the specific piece of equipment), but this came to be seen as inflexible - e.g. if the terminal/PC/whatever blows up you have a problem. If you have security based on the userid instead, in the event of equipment failure you can immediately log the same userid in at a backup terminal, which could even be at a different site, and be back up and running straight away (except if at a different site the relevant trained person/s may need to physically get there of course).
    The railway systems I know about now tend to have a mixture of terminal and/or userid based security.

    So even if a given userid is 'always' used at a given terminal (etc.) and 'always' logged on there is (or at least may be) a good reason for having it.
     
26. Clip (Established Member)

    Ok then. Can you please tell me what security issues you think could occur with this system itself given that it does nothing but tell you where something is?

    And the information that you can get from other websites?
     
27. Hyphen (Member)
    Well the answer to that does tend to rather depend on the system in question. And just because something is only used in read-only mode doesn't mean that user account doesn't have write permissions to whatever backend system powers it.

    For example, at my place of work, a number of our employees only have supposed read-only access to our electronic patient records - that's something managed by the application's security model itself. In reality, that employee is still forced to have read-write access to the database, because the application writes login concurrency and a whole bunch of audit logs into it.

    If someone wrote their passwords down and stuck them to a monitor, I'd be pretty unhappy, even if there wasn't a lot the account could do directly with the application.
     
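The split Hyphen describes (the application enforces read-only, but its database account can write everything because audit rows must be stored) can be closed at the database layer. The following PostgreSQL script is an added illustration, not code from the thread or from any real rail or patient-record system; the schema, table and role names are made up, and the password is a placeholder.

```sql
-- Added example: least-privilege grants for an app account that only reads
-- records but must append audit events. All names below are hypothetical.
CREATE SCHEMA records;
CREATE SCHEMA audit;
CREATE TABLE records.patient (id serial PRIMARY KEY, summary text);
CREATE TABLE audit.login_event (
    id        bigserial   PRIMARY KEY,
    username  text        NOT NULL,
    logged_at timestamptz NOT NULL DEFAULT now(),
    terminal  text        NOT NULL
);

CREATE ROLE app_user LOGIN PASSWORD 'placeholder-change-me';
GRANT USAGE ON SCHEMA records, audit TO app_user;

-- Weak setting (the situation Hyphen describes): one account with blanket
-- write access, so anyone who learns its password can alter the records.
GRANT ALL ON ALL TABLES IN SCHEMA records, audit TO app_user;

-- Corrected setting: read-only on the records, append-only on the audit trail.
REVOKE ALL ON ALL TABLES IN SCHEMA records, audit FROM app_user;
GRANT SELECT ON ALL TABLES IN SCHEMA records TO app_user;
GRANT INSERT ON audit.login_event TO app_user;
-- bigserial defaults call nextval(), which needs USAGE on the sequence.
GRANT USAGE ON SEQUENCE audit.login_event_id_seq TO app_user;
-- "ALL TABLES IN SCHEMA" only covers tables that already exist; set defaults
-- so tables created later inherit the same read-only grant.
ALTER DEFAULT PRIVILEGES IN SCHEMA records GRANT SELECT ON TABLES TO app_user;

-- Verification from a superuser session: what can the account actually do?
SET ROLE app_user;
SELECT summary FROM records.patient;                                           -- allowed
INSERT INTO audit.login_event (username, terminal) VALUES ('ops1', 'desk-3');  -- allowed
UPDATE records.patient SET summary = 'changed' WHERE id = 1;                   -- ERROR: permission denied
DELETE FROM audit.login_event;                                                 -- ERROR: permission denied
RESET ROLE;
```

The account can still insert bogus audit rows, so the audit table is append-only rather than tamper-proof; that residual risk is what the application-level password Hyphen objects to sharing is actually protecting.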
28. NSEFAN (Established Member)
    This is the point. Whilst this particular system might not be safety critical and not capable of any harm, it is very poor practice to have passwords in plain view. If a system really doesn't need a password then don't have one.
     
29. martynbristow (Member)
    Does anyone actually know what the password was for?
    As this to me seems the only sensible explanation. Computers require some form of password as a check measure and you cannot disable them! If you have a Windows machine with autologin you don't need a machine password to login unless you logout or somehow lock the screen. But you have to have a password. Other systems use a passkey to encrypt data.
    We authenticate on IP addresses at work to reduce risks.
     
30. carriageline (Established Member)
    It would have been the Windows login for that machine.

    Oh and CCF only reads information from train describers. EVEN if CCF could somehow be reverse engineered to write data, nothing will come of it.
     