2024 is underway, gems will surface.

• Andrew Lemon, redthreatsec.com:

  • Give Me the Green Light Part 1: Hacking Traffic Control Systems

    I’d love to write a long detailed blog about getting a root shell via UART or extracting the firmware via JTAG and then reversing it, but the honest truth is I found a vulnerability in the webapp in the first 15 minutes of having the unit online and it was the first thing I tried.

  • Give Me the Green Light Part 2: Dirty Little Secrets

    My initial thought was there is NO WAY the web interface is just a front end to configuring the controller via SNMP. Some google searches led me learning about the NTCIP protocol.
    […]
    NTCIP isn’t just limited to traffic controllers but all things in the transportation world.

I must note that, much like 2023 saw a dearth of anything interesting after October, 2024 hasn’t seen anything interesting at all (as of February 8th). This isn’t to say that interesting things aren’t being written, but more to say that I’ve mostly stopped looking. I can only read so much of, “People Are Dying More Than Ever and Scientists Are Baffled”, “Another Manufactured War: 10 Reasons to Care”, “Currency is Worthless; Government Prints More Money”, “Man Wins in Women’s Sports”, “Public Education Vetoes Parents” and so on.

I understand that people are waking up, however, I still doubt that people are going to win. Anyway, the RAIL continues; we’ll see what happens. Good luck to you and yours.