Yesterday the eNaTIS web site was hacked twice. This morning a defiant message has been posted on the eNaTIS web site. Unfortunately the message is not in the least bit reassuring, and is clearly on the defensive. It reads:eNaTIS "Hackers" on wrong trackNow for the hard truth about eNaTIS: the web site was hacked twice because the people responsible for the web site are incompetent.
Some media hype has suggested that the eNaTIS system was hacked recently[most of the reports specified the web site]. This was apparently due to someone leaving a comment on a page of a section of the eNaTIS public web site (this site)[So that's how they did it]. The suggestion that eNaTIS was hacked is actually laughable. The eNaTIS public web site is in no way connected at all to the eNaTIS system. [Not yet, but on-line transactions will be possible "later this year"] This choice was a deliberate design choice.The eNaTIS system and database is still secure and cannot be accessed via this web site.
It's reassuring that access to the eNaTIS database cannot be gained via the web site yet, but the facility for on-line transactions has been promised "later this year" according to the same web site.Hopefully this security wake-up call will be correctly interpreted as such, but judging by the tone of the statement posted they have completely missed the point: the security of the web site is as important as the security of the rest of the system. Judging by the reports in Beeld, the rest of the system is not secure either.Bad, Worse, eNaTIS | News article in the Times | MyADSL story | More bad news on the eNatis traffic system | ITWeb: Arivia sale pushed back to next year
No comments:
Post a Comment