
"Major London rail station reveals 'signal system passwords' during TV documentary"

Status
Not open for further replies.

Yabbadabba

Member
Joined
23 May 2014
Messages
385
74 staff x 9 CCF terminals located around the various signalling panels/SSMs' desks would require 666 individual passwords at our location, and if that required an individual machine password as well then that raises it to 1332 passwords, totally impracticable for a generic read-only system just to see how late the trains are running. All passwords are nice and handy so as to save being on the phone to the IT department getting yet another password reset, which happens too often as it is.
 
Clip

Established Member
Joined
28 Jun 2010
Messages
10,822
Well the answer to that does tend to rather depend on the system in question. And just because something is only used in read-only mode doesn't mean that user account doesn't have write permissions to whatever backend system powers it.



This is the point. Whilst this particular system might not be safety critical and not capable of any harm, it is very poor practice to have passwords in plain view. If a system really doesn't need a password then don't have one.

You both simply fail to grasp that this is a read only system with none of the security issues that so many have bleated on about.

Quite simply, we have one login personal to us as a user. Then there is a generic one for everyone to use to enter this system. In large areas where many users have to use the same terminal, or many terminals, it is far simpler to just have it shown. It's called ease of use, and people really shouldn't scaremonger if they don't know what they are on about.

All passwords are nice and handy so as to save being on the phone to the IT department getting yet another password reset, which happens too often as it is.

Also this. Or when you come back from leave and the password has been changed, or has been through the night or day, or so many things.

You lot use Real Time Trains and we use something different - unless of course you think there is going to be dire consequences through using RTT?

OMG call the cops.
 

glbotu

Member
Joined
8 Apr 2012
Messages
644
Location
Oxford
You both simply fail to grasp that this is a read only system with none of the security issues that so many have bleated on about.

Quite simply, we have one login personal to us as a user. Then there is a generic one for everyone to use to enter this system. In large areas where many users have to use the same terminal, or many terminals, it is far simpler to just have it shown. It's called ease of use, and people really shouldn't scaremonger if they don't know what they are on about.



Also this. Or when you come back from leave and the password has been changed, or has been through the night or day, or so many things.

You lot use Real Time Trains and we use something different - unless of course you think there is going to be dire consequences through using RTT?

OMG call the cops.

This particular instance of displaying a password to the wider public is probably fine. The problem lies in creating a culture in the company that suggests that it's OK to do this. Even if there are procedures, it's the sort of thing that gets looked over if everyone in the company is "fine" with it. The point is not to get people in the habit of doing this for non-critical systems, because they might one day work on critical systems and do the same thing.

Yes, the article is blown out of proportion, but what do you expect, the headline:

"Railways make available useless password information to the public, nothing is at risk".
 

Clip

Established Member
Joined
28 Jun 2010
Messages
10,822
This particular instance of displaying a password to the wider public is probably fine. The problem lies in creating a culture in the company that suggests that it's OK to do this. Even if there are procedures, it's the sort of thing that gets looked over if everyone in the company is "fine" with it. The point is not to get people in the habit of doing this for non-critical systems, because they might one day work on critical systems and do the same thing.

Yes, the article is blown out of proportion, but what do you expect, the headline:

"Railways make available useless password information to the public, nothing is at risk".

There is nothing 'wrong' with it though, and the culture certainly is not there to suggest it is with more sensitive programmes and systems. Everyone is well aware of keeping personal logins to themselves - certainly within every department I have worked with - and more secure within that framework is the fact that not everyone is allowed access to certain programmes, or even folders that they may see within other folders.

This is the back-door stuff which you don't see or even know about (though it is probably there in your own workplace), which makes the high-risk stuff only available to those who need it, which is why the article should never have been written and why people shouldn't have got so outraged upon seeing it without even knowing about it.
 

455driver

Veteran Member
Joined
10 May 2010
Messages
11,332
So the thread title is wrong and 99% of the self righteous indignation is wrong, how unusual! :roll:
 

dysonsphere

Member
Joined
22 Jan 2013
Messages
518
Used to work for a certain TV station when a new IT support company changed all the guest logins overnight. Result at 0600 next day: total chaos, as no freelancer could log in and their support didn't come in until 0900. They didn't grasp that the generic logins were there for a reason.
 

NSEFAN

Established Member
Joined
17 Jun 2007
Messages
3,504
Location
Southampton
Clip said:
You both simply fail to grasp that this is a read only system with none of the security issues that so many have bleated on about.

Quite simply, we have one login personal to us as a user. Then there is a generic one for everyone to use to enter this system. In large areas where many users have to use the same terminal, or many terminals, it is far simpler to just have it shown. It's called ease of use, and people really shouldn't scaremonger if they don't know what they are on about.
I know that this particular system cannot do any harm, but the point is about bad practice in general. It is unwise to become complacent about IT security and sticking passwords on computer screens shows a poor attitude. If a system really doesn't need a password then don't fit one. Sticking labels on monitors is a half-arsed solution that gets people into bad habits.
 

Yabbadabba

Member
Joined
23 May 2014
Messages
385
What is CCF?

It's the scaffold tower that TDACs hang signallers from lol

But in all seriousness it's just a tool that allows near-realtime observation of train movements, with a playback facility to allow mainly train delay clerks and managers, post-incident, to check what went where and when, when working out either delays or incidents. Signallers and others use it as a rough guide for train running to aid regulating decisions. Control use it as part of their big picture to aid service recovery (lol). Quite often you will find that some of the maps aren't drawn correctly and have points in the wrong places until the next map update.
 

Tomnick

Established Member
Joined
10 Jun 2005
Messages
5,840
I know that this particular system cannot do any harm, but the point is about bad practice in general. It is unwise to become complacent about IT security and sticking passwords on computer screens shows a poor attitude. If a system really doesn't need a password then don't fit one. Sticking labels on monitors is a half-arsed solution that gets people into bad habits.
Some accounts have access to more things than others though - the generic accounts will just be able to access the routine stuff, information systems and generic email accounts etc., but some personal accounts (the details to which will, hopefully, be kept more secure) will have access to other things, or email accounts with confidential stuff and so on. At work, I need to be able to log on to the generic account at any one of fourteen signalling locations (so need to be able to find the login details quite quickly), but equally might need to use the same machine to access my personal account to sort something out that's not for all to see.

...with a payback facility...
Is that what drivers use when they've been stuck in a loop somewhere? ;)
 

cf111

Established Member
Joined
13 Nov 2012
Messages
1,348
It's the scaffold tower that TDACs hang signallers from lol

But in all seriousness it's just a tool that allows near-realtime observation of train movements, with a payback facility to allow mainly train delay clerks and managers, post-incident, to check what went where and when, when working out either delays or incidents. Signallers and others use it as a rough guide for train running to aid regulating decisions. Control use it as part of their big picture to aid service recovery (lol). Quite often you will find that some of the maps aren't drawn correctly and have points in the wrong places until the next map update.

Does it stand for "Control Centre of the Future" or is that something different?
 

Class377/5

Established Member
Joined
19 Jun 2010
Messages
5,594
The idea that CCF would cause problems is laughable. It's a strictly limited system that shows where trains are.

For you to be logged in you either need a wired connection to the Network Rail internal systems or a key fob. Even with those you then need a piece of software installed on the computer (supplied to NR by the developers) and an account made to allow you access. Only NR can create accounts, and there is a fairly limited number of people who are allowed to apply, plus it's got a rather large cost per user. Hence the generic passwords used.

The theory that signalling is hackable because of it is pushing the truth so far that it is actually a lie. It's like saying your car crashed because you own a book.
 

Iron Girder

Member
Joined
9 Nov 2014
Messages
15
In a (non-rail) company I worked in IT for some years ago, it was routine for staff, if you asked them for their account name, to give you the account name and the password. Although it wasn't a safety-critical environment, it was a confidential one, and there was genuine potential for important information to be accessible by unauthorised people.

I don't know how the habit began, though I imagine it was something quite innocuous, but it was the devil's own job getting them to break it.

And, as has already been observed, enforcing excessively stringent requirements on password construction generally makes it far more likely that passwords will get written down on scraps of paper.

What we IT types forget is that it's actually all about the people: we may be able to cryptographically demonstrate that a minimum ten-character password of mixed case and containing at least one digit and punctuation symbol is far more secure than a "letmein" type password, but it's irrelevant if people can't remember it, and even worse if they are forced to select a new incomprehensible password every six weeks (per my last employer!).

Systems that don't need logins shouldn't have passwords - even Windows has a way of allowing an automatic login on power-up. Systems that do need passwords should have policies that balance the need for password strength and security with ease of remembering. And, if that's too hard, there are any number of two-factor gadgets and tools around that will let people authenticate using a simple password and a cryptographic token.
 
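The last paragraph of the post above describes the shape of the fix it prefers: a memorable password combined with a code from a cryptographic token. The block below is an added example, not code from the thread or from any rail system it mentions. It implements that combination with the RFC 6238 TOTP algorithm (HMAC-SHA1, 30-second steps) for the token side and a salted PBKDF2 digest for the password side. The user record, the user name, the password and the timestamps are constructed for illustration; the token seed is the RFC 6238 test-vector seed so the codes can be checked against the RFC. It also shows the two caveats a practitioner would want: a small clock-drift window, and constant-time comparison of both factors so a failed login does not reveal which factor was wrong.

```python
"""Added example (not from the forum thread): password + time-based one-time
code, i.e. the 'simple password and a cryptographic token' the post describes.
TOTP is per RFC 6238 (HMAC-SHA1, 30-second step); the stored password is a
salted PBKDF2-HMAC-SHA256 digest. User record and sample inputs are made up."""

import hashlib
import hmac
import os
import struct
import time
from typing import Optional, Tuple

STEP_SECONDS = 30          # RFC 6238 default time step
DIGITS = 6                 # length of the one-time code
PBKDF2_ROUNDS = 200_000    # work factor for the stored password hash


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256 digest for storing the password, so a leaked
    user table does not directly leak the password itself."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def totp(secret: bytes, unix_time: int, digits: int = DIGITS,
         step: int = STEP_SECONDS) -> str:
    """RFC 6238 TOTP code for the given Unix time (HOTP over the step counter)."""
    counter = unix_time // step
    msg = struct.pack(">Q", counter)                 # 8-byte big-endian counter
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def verify_login(record: dict, password: str, code: str,
                 unix_time: Optional[int] = None, drift_steps: int = 1) -> bool:
    """Accept only if BOTH factors check out.
    The password is compared via its PBKDF2 digest in constant time; the code
    is accepted for the current step and +/- drift_steps neighbours to absorb
    clock skew between token and server.  Every comparison runs regardless of
    earlier results, so timing does not reveal which factor failed."""
    now = int(time.time()) if unix_time is None else unix_time
    _, digest = hash_password(password, record["salt"])
    password_ok = hmac.compare_digest(digest, record["pw_digest"])

    code_ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(record["totp_secret"], now + delta * STEP_SECONDS)
        code_ok |= hmac.compare_digest(expected, code)   # no early return
    return password_ok and code_ok


# --- constructed sample data (illustrative only) ---------------------------
# Seed is the RFC 6238 test-vector seed ("12345678901234567890" in ASCII);
# the user name, password and fixed salt are made up for this example.
SAMPLE_SECRET = b"12345678901234567890"
SAMPLE_SALT, SAMPLE_DIGEST = hash_password("railway-1066", b"\x00" * 16)
SAMPLE_USER = {
    "name": "signaller01",
    "salt": SAMPLE_SALT,
    "pw_digest": SAMPLE_DIGEST,
    "totp_secret": SAMPLE_SECRET,
}

if __name__ == "__main__":
    t = 59   # RFC 6238 test-vector time; six-digit code is 287082
    print("code at t=59:", totp(SAMPLE_SECRET, t))
    print("good password + good code:", verify_login(SAMPLE_USER, "railway-1066", "287082", t))
    print("good password + bad code: ", verify_login(SAMPLE_USER, "railway-1066", "000000", t))
    print("bad password + good code: ", verify_login(SAMPLE_USER, "letmein", "287082", t))
```

The drift window is deliberately one step each way: wide enough for a token whose clock has wandered by a few seconds, narrow enough that a code read off someone's screen is useless within about a minute. That is the property a shared, displayed password can never have, however low-value the system behind it.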

martynbristow

Member
Joined
15 Jun 2005
Messages
426
Location
Birkenhead
Systems that don't need logins shouldn't have passwords - even Windows has a way of allowing an automatic login on power-up. Systems that do need passwords should have policies that balance the need for password strength and security with ease of remembering. And, if that's too hard, there are any number of two-factor gadgets and tools around that will let people authenticate using a simple password and a cryptographic token.

Windows systems ALWAYS require a password, as do all systems. This can be automatically skipped, but there are occasions when it's needed. On Windows 2000 systems you could auto-login but still lock the system and log off. Basically, if the system is not set up or built to avoid it, you can still get stuck.
We used to have a very common password used to send off-site emails. The purpose was to make people double-check before an email left the local network. They can also have their uses without being secret.
 

Iron Girder

Member
Joined
9 Nov 2014
Messages
15
Windows systems ALWAYS require a password, as do all systems. This can be automatically skipped, but there are occasions when it's needed. On Windows 2000 systems you could auto-login but still lock the system and log off. Basically, if the system is not set up or built to avoid it, you can still get stuck.
Ah, yes, that's true. If a little unfortunate, because it immediately blurs that distinction between secure and non-secure passwords.

We used to have a very common password used to send off-site emails. The purpose was to make people double-check before an email left the local network. They can also have their uses without being secret.
I guess, in an ideal world, there'd be a way of doing that which didn't require something called a password. Because once you start using "public" passwords, you've started down the slippery slope.
 