E-Z Pass Takes a Toll on our Security

I had a long drive back to Florida after a visit to Utica, New York, in January 2014 and was listening to the radio. A report came on about Google, Hyundai, Audi, and some other companies getting together to develop new transportation connectivity. It got me thinking about how vulnerable we are everywhere: even in our cars. Coincidentally, when I returned home, my new transponder from SunPass (Transponder-based Electronic Toll Collection) was waiting for me. SunPass is Florida’s automatic toll-pay system, similar to New York’s E-Z Pass and others.

Like many people, I slap the device on my windshield, set up my user account, and take off on the not-so-freeways with nary a thought. As it turns out, I might not be as alone in my Prius as I thought.

“Puking Monkey,” a New Jersey electronics tinkerer, conducted a test by rigging his transponder to emit a mooing sound every time it was tracked. In his drive around New York City, Puke’s transponder mooed several times—but not near any tolls. He reports that the New York Department of Transportation claims the data is not stored—but that could not be verified. PBS’ Nova program reported, in 2009, that the NSA was using E-Z Pass records (along with other sources) to keep tabs on people. At Black Hat 2008, it was reported that California’s FasTrak was vulnerable because its readers didn’t perform any authentication. And, although FasTrak claims the data is anonymized, the courts still seem interested in that data for some reason.

On January 7, 2014, the New York Civil Liberties Union requested city and state records from the NYPD and transportation agencies to determine if E-Z Pass readers are being used to track motorists in areas not near toll booths. These readers are being deployed in places you would not expect a toll reader: on residential buildings, for instance. According to notbored.org, the State of New York has been using high-speed readers to collect data on unsuspecting motorists—since 1993!

According to one Black Hat speaker, Nate Lawson, California’s FasTrak could be susceptible to passive and active cloning. Just last year, the Golden Gate Bridge, in San Francisco, went to an all-electronic pay system, either through license plate readers or ETCs.

The case could be made that ETCs save lives by helping law enforcement track missing people and stolen property, and by helping prosecutors make a case against adulterers, kidnappers, and such. However, we are now willingly giving up one of the last few places a person can be alone with his thoughts while also being out in public.

References
http://hackaday.com/2013/09/16/modified-e-zpass-detects-reads-far-from-toll-booths/

http://www.notbored.org/EZ-Pass.html

http://www.root.org/talks/BH2008_HackingTollSystems.pdf

http://sallyannfredericktudor.wordpress.com/category/cyber-security/

http://www.amny.com/urbanite-1.812039/nyclu-requests-e-z-pass-tracking-records-amid-privacy-concerns-1.6752137

http://www.pbs.org/wgbh/nova/military/nsa-police.html