Researchers Find Easy To Exploit Bugs In Traffic Control Systems 50
Trailrunner7 (1100399) writes "It has been a running joke in the tech industry for years that the hacking scenes in movies are, well, a joke. Hackers in hoodies pushing a few keys and taking down the power grid or causing massive traffic pileups by turning all the stoplights green at once. While those scenes provide endless entertainment for security folks, it turns out some of those attacks aren't so far-fetched. Cesar Cerrudo, a researcher and CTO at IOActive, decided to take a look at the security of some of the devices that control traffic lights and electronic signs in many cites around the world, and found that not only were the devices vulnerable to a number of attacks, but they could be exploited quite easily and perhaps could be used to spread malware from device to device. Cerrudo said that the vulnerabilities he identified can be exploited from up to a mile or two away with the right equipment."
LAX (Score:3, Funny)
Re: (Score:3, Funny)
Never attribute to malice that which is adequately explained by incompetence.
Re: (Score:2)
Never attribute to malice that which is adequately explained by incompetence.
Why not? Because you like the sound of that quote?
Re: (Score:3)
No, because it turns out that the quote is right most of the time.
malice vs. incompetence fight! (Score:3)
Re: (Score:1)
Never attribute to LAXatives that which is adequately explained by incontinence.
Re: (Score:2)
The security model is on a level that match the daily users of the system. When high tech is placing out cones and operating a shovel then a password more complicated than ABC123 will just result in a temporary sign not being used, it's easier to put up more cones instead. Or park a truck in the lane you want to block.
Re:LAX (Score:4, Funny)
ZOMBIES AHEAD! (Score:2)
Most traffic light controllers used to be relatively immune to hacking; if they weren't the dumb relay versions, they had at most a 4-bit microcontroller. Some of the newer systems can do a lot more, coordinating timing and the like, but with the older ones, the most you could do was emulate the emergency vehicle "make the lights green in my direction" feature.
But signs? Yeah, they've got potential. I've never been tempted to change them significantly, but some days I've really wanted to shorten 3-panel
Re: (Score:2)
Whoever programmed such a 3-panel message is irresponsible. There is long-established research (mostly by a researcher at Texas A&M named Conrad Dudek) that gives guidelines for how to design CMS messages, and one of the most basic guidelines is "motorists don't have time to read 3 screens worth of information."
(Some of t
Easy peasy (Score:5, Informative)
Easy but regulated by federal law.
See:
http://en.wikipedia.org/wiki/T... [wikipedia.org]
http://www.themirt.com/ [themirt.com]
http://boingboing.net/2006/04/... [boingboing.net]
http://www.advancedtraffic.com... [advancedtraffic.com]
There are several standards in use - ~10Hz, ~12Hz, and ~15KHz
Re: Easy peasy (Score:2)
This just in... (Score:1, Insightful)
Things that can be hacked:
Your front door: battering ram, sledgehammer, or even less for most doors. How often is nobody home and your home vulnerable to this simple attack?
All glass windows, especially those thin ones on residential homes.
Banks, bring a gun and a note.
Why aren't these things a problem? Because: a) most people aren't schmucks, and b) for those who are, there are police who enforce laws and generally keep order - find people who cause mayhem, arrest them and remand them for judgement.
Incas
Re: (Score:2, Insightful)
Duh... (Score:2)
Anybody who saw the Hackers movie would've noticed that...
HACK THE PLANET!!
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re:low impact (Score:4, Informative)
It is unlikely that the controller is able to set multiple cross signal lights to green at the same time. I did some work on one these systems about 20 years ago, and it contained circuitry (and physical switches to set the system) to lock out that kind of thing from happening (due to either a bug in the code, a failed code update, or in this case a hack). I assume newer units would have a small supervisory microcontroller to detect other anomalies, but either way if something went wrong the circuitry forced all light stacks to flash orange.
This doesn't mean there aren't safety critical systems out there that have been designed by cowboy or non-embedded coders (like the current crop of ATMs that are far slower and unresponsive than previous models and probably have never felt the touch of an embedded systems expert).
But, it is unlikely that a hack can cause accidents, beyond frustrating motorists by setting the lights red, or forcing one set continuously green.
Re: (Score:1)
Re:low impact (Score:4, Informative)
I would be surprised if real traffic light controllers did not have such a safety module.
They do. I worked for a company in 2005 that designed and manufactured traffic light controllers. We bought a standard module from a different company that just watched for conflicting signals, and switched the intersection to all flashing red if it ever saw one. Of course, it was a micro-computer, not an Electrical Engineering class project, but it wasn't connected to the internet and it didn't have any wireless communications ability, so it couldn't be hacked by anything short of physical presence and hand tools.
~Loyal
Re: (Score:1)
Re: (Score:2)
I worked in this area 5 year ago. The switches have been replaced by a 2nd CPU which handles safety, and cannot be overridden from the main CPU.
So, all-green cannot happen. But the systems are far from safe. System I worked on was based on Linux, had pretty much an open-telnet server running. But is intended to run on a private network, not connected to the internet. However, connecting to this network you could own all the lights in seconds.
But, as you say, the value of this would be low. You could disrupt
Re: (Score:3)
Most folks pay attention to more than just what the light says
Lots of people don't pay any attention at all. That's why defensive driving is so important; someone must be paying attention, and assuming the other person isn't.
Sign story (Score:5, Funny)
He set up a scroll for sometime late one particular evening saying "CALL DEMENTED DATA SYSTEMS - 555-5555 (insert real phone number). So that evening after many beers, the band of drunken ~18 year old geeks went out to the street corner across the road and watched. Sure enough, after what seemed like ages of waiting, there it was scrolling across the screen.
So, yeah, in the olden days some crap was pretty easy to play with.
Re:Sign story (Score:5, Insightful)
Re: (Score:1)
Apparently the moderators are newfags and aren't old enough to understand the term war dialing. There's absolutely no reason your post should have been moderated as trolling. It's sad how often the children here attack things they don't understand.
Re:Sign story (Score:4, Insightful)
They still have wardialling, it's called nmap.
The issue with movies isn't what gets hacked (Score:4, Insightful)
Real havoc takes work. It takes hours of looking through the output of a debugger and disassembler, running a fuzzer, etc, etc.
Sneakers movie was good with how stuff really work (Score:3)
Sneakers movie was good with how stuff really worked
Re: (Score:2)
Re: (Score:2)
can you link to the actual story please? (Score:1)
We have here a post with a summary linked to a summary that is linked to the actual article. Imagine the number of Facebook and Twitter shares Of this /. piece that will end up being summaries linking to a summary linking to a summary linking to the article. Silliness.
Right Angle Horror Show (Score:1)
Although the design of newer signals in 1970 took great pains to avoid green lights on all sides of a signal it actually happened in Ft.Lauderdale about 1970 and the consequences were dramatic and involved injuries. Payment to victims was avoided as the company that installed the light pointed at the company that built the equipment who pointed at the company that shipped the light and then they pointed at the city as the city owned the light. They turned it into a game of being unable to point to t
Re: (Score:1)
In some states cities have immunity from being sued, so you don't even have to play the "blame each other game" - just make sure the city winds up with the blame.
Jams, yes, all-green-lights, probably not (Score:3, Insightful)
I can see a hack that messed up the timing of traffic lights to create a traffic jam, but unless things have changed in the last decade or two, traffic lights in my country have "both way green light detectors" safeties.
If a light detects that it is green and a "conflicting" light is also green, the whole system will reset to a "safe mode" such as a 4-way flashing-red-light.
So, yeah, I think scenarios where a hacker or evil-computer-that-takes-over-the-city that turns the lights to green-in-all-directions is a bit far-fetched.
If I'm wrong, either the traffic engineer who didn't order the safeties put in, the installer who put the wrong thing in, or the manufacturer who didn't build the safeties safe enough needs to be called on the carpet.
Re: (Score:2)
As one who works with these currently, I can confirm.
The main CPU has its software written in such a way, that you can't force green on two conflicting directions. Simply, the traffic program won't allow them, not through some emergency modes but just not starting a conflicting green until the prior one is lit and sufficient time after it went off was elapsed.
You could try to override it, say, redefining signal color definitions, "green is the new red", or even try to short-circuit the wires. But that is de