[AccessD] 2010 Bug hits Germany

Gustav Brock Gustav at cactus.dk
Wed Jan 6 02:26:47 CST 2010


Hi Max

It happens when one system using decimal numbers (10) sends data to another expecting hexadecimal values (0A for ten). Thus 10 dec -> 10 hex = sixteen.

This is a bug in some Siemens automation equipment reading data from card readers. These units are designed to be driven by solar power as, for example, seen in parking ticket machines many places in Europe. The firmware programmers for some reason believed that, first, skipping 2000 and go with two digits only (00-99) and, second, using hexadecimal numbers to save two bytes would help keep power consumption at a minimum. 
This is hard to believe but nevertheless the official explanation from Siemens in Denmark. The spokesman admitted that the issue has revealed that testing of the equipment has been inadequate. The firmware has been updated and the issue resolved in a few days.

/gustav


>>> max.wanadoo at gmail.com 05-01-2010 21:33 >>>
http://www.msnbc.msn.com/id/34706092/ns/technology_and_science-security/ 

Why would this happen?

Max






More information about the AccessD mailing list