Hackers Get Free Parking In San Francisco 221
Hugh Pickens writes "PC World reports that at the Black Hat security conference this week, security researchers say that it is pretty easy for a technically savvy hacker to make a fake payment card that gives them unlimited free parking on San Francisco's smart parking meter system. 'It wasn't technically complicated and the fact that I can do it in three days means that other people are probably already doing it and probably taking advantage of it,' says Joe Grand. 'It seems like the system wasn't analyzed at all.' To figure out how the payment system worked, Grand hooked up an oscilloscope to a parking meter and monitored what happened when he used a genuine payment card. Grand discovered the cards aren't digitally signed, and the only authentication between the meter and card is a password sent from the former to the latter. Examining the meters themselves could yield additional vulnerabilities that might allow someone to conduct other kinds of attacks, such as propagating a virus from meter to meter via the smart cards or a meter minder's PDA."
Parking Meter Botnet (Score:5, Funny)
Examining the meters themselves could yield additional vulnerabilities that might allow someone to conduct other kinds of attacks, such as propagating a virus from meter to meter via the smart cards or a meter minder's PDA."
I, for one, welcome our new parking meter botnet overlords.
Re:The usual solution (Score:5, Funny)
Re:The usual solution (Score:3, Funny)
Sir! Put down the oscilloscope and back away....slowly....
Re:The usual solution (Score:5, Funny)
Sir, do you have a concealed oscilloscope permit?
Re:Parking Meter Botnet (Score:1, Funny)
Well, you are easily upset.
Re:The usual solution (Score:5, Funny)
in a sinusoidal manner
Re:The usual solution (Score:4, Funny)
Re:Free parking! Just uh.. oh crap. (Score:5, Funny)
He was probably wearing a high-vis jacket and wearing heavy leather gloves. He'd have looked like an ordinary electrician. If anyone asks he was 'reparing' the meter.
San Francisco may be different, but I'd imagine that in most cities, if someone was seen beating a parking meter with a baseball bat, people passing by would nod approvingly, or perhaps cheer.
10 spaces away (Score:5, Funny)
In Monopoly just remember what is 10 spaces away from free parking (actually, in either direction). Something tells me that those who try this "Free Parking" trick may well end up rolling a pair of fives on their next move.
Do not pass go, do not collect $200.
Re:Free parking! Just uh.. oh crap. (Score:2, Funny)
Re:Portable Oscilloscope? (Score:1, Funny)
Saves a lot of money until you get caught with the counterfeiting equipment.
I'm sure eventually the city will notice the discrepancy and figure out what's going on and investigate.
Guess where will the money come to pay to fix the meters (even if it's just changing a couple lines of code it will not be inexpensive).
Also script kiddies, don't forget what will happen to your asshole.
Of course some of you might be looking forward to that.
Not that there's anything wrong with that.
To each his own.
Drawing attention to the problem (Score:5, Funny)
So the hackers, having figured out how to rig the meters, set up their own meters at a few places in the city. With them they place large signs "Hacker Parking Only, Everyone Else $1,000,000". One day they notice a Porsche 959 pull up to the meter. A somewhat geeky looking man in his mid-50s gets out, looks at the sign, places a card in the meter, and it flips over to "2 hours paid". One of the hackers then walks up to the man and says "Hey, Bill Gates! I knew you started out as a hacker but I didn't know you still kept in the game!". And Gates says "What hack? I just paid the meter".
Re:Parking Meter Botnet (Score:3, Funny)
>> Yes, but do they run Linux?
Yes, but does it blend?
disappointed (Score:2, Funny)
Hackers Get Free Parking In San Francisco
I thought they were just going to start letting us park for free because we're so cool.