8 votes

San Francisco city leaders look to bring back emergency sirens by end of 2024

Posted by skybrian
Tags: usa.ca.san francisco, hacking, preparation.disaster, safety.public, sirens, politics, government.local, cities, author.max darrow, source.cbsnews
https://www.cbsnews.com/sanfrancisco/news/san-francisco-city-leaders-look-to-bring-back-emergency-sirens-by-end-of-2024/

Link information

This data is scraped automatically and may be incorrect.

Published
Sep 6 2023
Word count
487 words

2 comments

  1. [2]
    skybrian
    Link
    Apparently they've been offline since 2019. From the article: ...

    Apparently they've been offline since 2019.

    From the article:

    "It was on the perennial list of things to be rehabilitated. It kept falling to the bottom of the list," said Board of Supervisors President Aaron Peskin.

    ...

    "After the Lahaina tragedy, everybody at City Hall realized this was not a want to have it was a need to have," he said.

    There are 119 emergency warning sirens placed all throughout San Francisco.

    "It's really a critical part of communicating with people on the streets in San Francisco," Peskin said. "In the event of an earthquake, if we can tell people not to go to the Bay Bridge but use the Golden Gate Bridge – if we want to tell people that the right thing to do, which is usually the right answer, is to shelter in place."

    "As long as they can do it without spending too much money, then yeah, go for it," McNally said.

    Peskin estimates it'll cost around $5.5 million to get the sirens back online and anticipates they'll be up and running by the end of 2024.

    4 votes
    1. skybrian
      Link Parent
      Here's a blog post with more detail and speculation: Apparently there is a CVE.

      Here's a blog post with more detail and speculation:

      I keep seeing articles asking what happened to the sirens, and then answering themselves that they "are antiquated" and "need repairs", which sounds like they're rusty or something. But what really happened was, in 2018 the siren network was hacked because it had no encryption.

      The vendor claimed to have immediately rolled out a fix, and then in 2019, San Francisco shut the entire system down for what they believed at the time would be two years. For "upgrades". So, upgrading this system, which had been going off weekly since 1945 necessitated shutting the whole thing down immediately. Not, like, acquiring the budget and the equipment; testing it; staging it; and then shutting down the old system, no. Something was so badly wrong with it that they decided to completely scrap this piece of security infrastructure. Keeping it running at all was judged to be more dangerous than not having it at all.

      That sounds like an active exploit in the wild, to me.

      Apparently there is a CVE.

      11 votes