CNet News reports a FasTrak/EZPass exploit from the Black Hat security conference in Las Vegas. Millions of older transponders in use have unencrypted RFID chips, allowing a malicious individual to steal ID's and use those accounts to get free tolls using a "cloned" transponder. Transponders can also be reprogrammed on the fly, wreaking all sorts of havoc down at Billing Central. Also, an "electronic alibi" could be created that could have a miscreant listed in the system has having paid a toll at a particular place and time when they were elsewhere. Newer transponders do have some security to prevent reprogramming, although this was also defeated. The hacker involved suggests inserting a switch to the keep the transponder from automatically activating, the less convenient alternative being the bag the unit came in or an aluminum foil wrap.
Find Reviews by Make: