http://www.theregister.co.uk/2011/05/03/cop_car_hacking/ By Dan Goodin in San Francisco The Register 3rd May 2011 As a penetration tester hired to pierce the digital fortresses of Fortune 1000 casinos, banks and energy companies, Kevin Finisterre has hacked electronic cash boxes, geologic-survey equipment, and on more than one occasion, a client's heating, ventilation, and air-conditioning system. But one of his most unusual hacks came during a recent assignment testing the security of a US-based municipal government. After scanning several IP addresses used by the city's police department, he soon discovered they connected directly into a Linux device carried in police cruisers. Using little more than FTP and telnet commands, he then tapped into a digital video recorder used to record and stream audio and video captured from gear mounted on the vehicle's dashboard. He was shocked by the resulting live feed that eventually appeared on his computer screen “There was an officer in his vehicle heading somewhere in traffic in the middle of the day,” said Finisterre, who is principal of security consultancy Digital Munition. “He was clearly trying to respond to an incident or go where he was told to go, and I was able to see this in real time.” The account (PDF), which Finisterre published on Tuesday, underscores the overlooked risks that come with technology designed to give authorities minute-by-minute “situational awareness” about the emergencies to which their officers are responding. While real-time audio and video from cars often provides police brass with crucial information about what's happening during traffic stops, the devices often make that intelligence available to anyone with an internet connection. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Tue May 03 2011 - 07:52:52 PDT
This archive was generated by hypermail 2.2.0 : Tue May 03 2011 - 08:04:02 PDT