Hackers Jailbreak Digital Plates to Make Others Pay Tolls, Tickets
Security Risks of Digital License Plates Revealed
Digital license plates, marketed for their customization and convenience, have been found to be vulnerable to hacking, raising significant security concerns.
Key Findings
- Jailbreaking Vulnerability: Josep Rodriguez of IOActive demonstrated that Reviver’s digital plates can be “jailbroken” by attaching a cable to internal connectors and rewriting firmware, enabling unauthorized changes to the plate’s display.
- Potential Misuses:
- Drivers could evade tolls, traffic tickets, or speed cameras.
- License plate numbers could be altered to implicate other drivers in violations.
- Subscription fees could be bypassed.
- Hardware-Level Issue: The vulnerability stems from Reviver’s chips, requiring hardware replacement for a fix, which is impractical for the 65,000 plates already sold.
Additional Risks
- Jailbroken plates could be exploited remotely if a hacker installs malicious firmware.
- Tools developed for jailbreaking could be sold online, making the process accessible to non-experts.
Company Response
- Reviver downplayed the risk, citing the need for physical access and specialized tools, though Rodriguez disputes this, arguing the process is simpler once reverse-engineered.
- The company plans to redesign its plates with more secure chips but cannot patch existing vulnerabilities.
Implications
- Digital license plates are currently legal in a few states, with more states considering adoption.
- Security researchers warn that reliance on digital plates could lead to systemic vulnerabilities, necessitating robust safeguards from manufacturers, regulators, and law enforcement.
Conclusion
As digital license plates become more widespread, their security challenges highlight the need for careful oversight and improved safeguards to prevent misuse and ensure trust in the technology.