This time TFL - operating London's public transport network that covers undergound, overground, DLR, buses and whatever else comes.
During one of the Security Now! podcasts (#193 was about Conficker so it was somewhere between #194 and #196) one of the main discussion topics was (to no surprise) why Windows shouldn't be used in places like ATMs, hospital equipment (MRI scanners, heart monitors, etc) and most of other control
systems we have and use today.
In fact it's really hard not to agree with that. The arguments were very clear and sound:
- Most if not all of those systems are "consumer grade", not any kind of "industry type" things
- They are connected to the network
- They are not patched in general (it works so don't touch it)
- Most don't run any antivirus/firewall (not related to business function?)
- Many were not planned to be put on-line in any way (but we know they are)