road toll transponder hacked
Matt Blaze
mab at crypto.com
Tue Aug 26 10:52:58 EDT 2008
On Aug 26, 2008, at 10:15, mheyman at gmail.com wrote:
> On Tue, Aug 26, 2008 at 9:24 AM, Perry E. Metzger
> <perry at piermont.com> wrote:
>>
>> http://www.technologyreview.com/Infotech/21301/?a=f
>>
>> From the article: "other toll systems, like E-Z Pass and I-Pass, need
> to be looked at too"
>
> A couple years ago I got a letter from E-Z Pass a few days after I
> used my transponder in my new car without registering my new car. They
> gave me a grace period to register before making me pay some sort of
> penalty.
>
> So, I believe, at least for E-Z Pass, the attack would have to include
> cloning the license plate and pictures may still be available whenever
> a victim realizes they have been charged for trips they did not take.
I believe that's correct. In fact, the plate recognition technology
they
use seems to be good enough to make the transponder itself redundant.
I know several people with E-Z Pass who disconnected the internal
battery of their transponder (out of concern that there might be
hidden readers around town that track vehicles at places other than
toll gates). Even with dead transponders, their accounts are still
charged accurately when they pass toll gates. (The sign displays "EZ
Pass
not read" or some such thing, but the account is debited within a day
or two anyway).
-matt
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list