FasTrak Toll Hacking: Dangerous Or Ridiculous?

A "Black Hat security researcher" claims he has discovered security flaws in the FasTrak toll transponder used by drivers in California and Colorado. However, the story is quickly dismantled as "baloney" by a toll road industry insider.

From the original article on the "Dark Reading" website:

"A Black Hat researcher recently reverse-engineered the popular RFID-based FasTrak toll tag that some drivers in the San Francisco Bay Area affix to their windshields for pre-paying highway tolls, and discovered some gaping security holes that leave these transponders vulnerable to sniffing, cloning, and surreptitious tracking of a driver's comings and goings. Nate Lawson, principal with Root Labs, will demonstrate at Black Hat USA next month in Las Vegas what he found inside those toll tags (hint: no encryption), and he will release an open-source tool for users to protect their toll tags from abuse."

From the evaluation by Toll Roads News, which concludes that the charge is dubious:

"Dark Reading reports: 'Lawson is also researching whether malware could be planted on a FasTrak transponder.' That sentence makes us think this guy Lawson is an amateur. The only "research" needed to establish whether anything could be planted on the FasTrak transponder is a visit to the website of the manufacturer...

If you cloned someone else's transponder account number you might put some tolls on someone else's account for a month or so, until the account holder saw the anomalous toll charges. Once notified, all the toll authority would have to do to catch you would be to program the violation cameras to retain pictures of the transactions on that account number, and they'd have you for fraud."
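The fraud-response procedure quoted above (retain camera images for every transaction on a disputed account) can be expressed as a small detection pass over toll-read logs. This is an added example, not code from Toll Roads News, Dark Reading or any toll operator; the event records, tag IDs, plazas, plates and the 30-minute impossible-travel threshold are all constructed assumptions. It goes slightly beyond the quote by also flagging reads where the photographed plate differs from the one registered to the account, and tags read at two different plazas too close together in time for one vehicle.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class TollEvent:
    tag_id: str   # account/tag ID read from the unencrypted RFID transponder
    plaza: str    # toll plaza where the read occurred
    ts: datetime  # time of the read
    plate: str    # plate captured by the violation camera at that read

# Constructed sample log; IDs, plazas and plates are invented for this example.
EVENTS = [
    TollEvent("TAG-1001", "Bay Bridge", datetime(2008, 7, 1, 8, 2), "7ABC123"),
    TollEvent("TAG-1001", "San Mateo", datetime(2008, 7, 1, 8, 15), "5XYZ999"),
    TollEvent("TAG-1001", "Bay Bridge", datetime(2008, 7, 3, 8, 5), "7ABC123"),
    TollEvent("TAG-2002", "Golden Gate", datetime(2008, 7, 1, 9, 0), "4DEF456"),
    TollEvent("TAG-2002", "Golden Gate", datetime(2008, 7, 2, 9, 1), "4DEF456"),
]
# Plate the account holder registered for each tag (assumed lookup table).
REGISTERED = {"TAG-1001": "7ABC123", "TAG-2002": "4DEF456"}

def retain_images(events, disputed_tags):
    """Reads whose camera images should be kept: every read on a disputed tag."""
    return [e for e in events if e.tag_id in disputed_tags]

def plate_mismatches(events, registered):
    """Reads where the photographed plate is not the one registered to the tag."""
    return [e for e in events if registered.get(e.tag_id) not in (None, e.plate)]

def impossible_travel(events, min_gap=timedelta(minutes=30)):
    """Tags read at two different plazas closer in time than a vehicle could drive
    between them (min_gap is an assumed constant, not a FasTrak parameter)."""
    by_tag = {}
    for e in sorted(events, key=lambda e: e.ts):
        by_tag.setdefault(e.tag_id, []).append(e)
    flagged = set()
    for tag, reads in by_tag.items():
        for a, b in zip(reads, reads[1:]):
            if a.plaza != b.plaza and b.ts - a.ts < min_gap:
                flagged.add(tag)
    return flagged

if __name__ == "__main__":
    print("impossible travel:", impossible_travel(EVENTS))
    print("plate mismatches:", [e.plate for e in plate_mismatches(EVENTS, REGISTERED)])
    print("images to retain:", len(retain_images(EVENTS, {"TAG-1001"})))
```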

Full Story: FasTrak hacking claim - we suspect it's baloney

Comments

Fastrak is not doing anything, and doesn't care about security

"Once notified, all the toll authority would have to do to catch you would be to program the violation cameras to retain pictures of the transactions on that account number, and they'd have you for fraud"

Well, that's the key issue. Fastrak is NOT doing anything to catch criminals - even though it is actually very easy, given they already have HD cameras and systems in place to catch any person's face and license plate associated with a specific transponder ID.

And I love how your article source speaks with such skepticism that an RFID device ID could either be copied from a legitimate Fastrak device owner, or outright created at random if the criminals know the ID pattern. It's a fact. Get over it. And it's not just RFID. I know people on Vonage (internet phone service through a uniquely ID'd device you install between your internet connection and the phone) who have experienced the issue of random ID generation, combined with $10 in Radio Shack hardware - and voilà - some jerk gets free phone service through a Vonage-emulating box he bought off the techie criminal for $50.

Someone is using my Fastrak ID right now - and has been for almost 6 months. I've reported it and documented the cases to Fastrak numerous times. The response? None.

I have to report the issue on PAPER (no email or online form to report possible security issues with a system used millions of times every day), EVERY TIME I see the fraudulent tolls on my statement.

The person using my transponder ID drives through the same road every few days in fact... I could probably stand by the side of the road and catch him faster than Fastrak ever will - even though they could enter the transponder ID in their systems, and get a nice photo of the criminal, his vehicle and license plate, all in just a few days, and without any law enforcement time or resources necessary - other than to arrest the jerk where he works.

And here's the real kicker: I finally got fed up with the run around, and went to report the device stolen on the Fastrak site... Even though I have the device, someone has stolen the ID to it - which is effectively the same thing as theft in my mind. How does Fastrak help me report a crime? I have to send them a paper form by snail mail (again), AND THEN they'll charge my account $20 for the device.

Nice. My tax dollars were used to give Fastrak toll lanes on bridges my tax dollars built. The city and state gave them those lanes to generate easy revenues for themselves, while Fastrak takes a big cut...

And this is how they protect their own customers?
