[Noisebridge-discuss] Report from Black Hat and Defcon about a new Noisebridge/L0pht/FlyLogic project

Jacob Appelbaum jacob at appelbaum.net
Sat Aug 1 23:41:34 UTC 2009


Hi,

I'm happy to report that Joe Grand, Chris Tarnovsky and I successfully
gave our talk at Black Hat about Smart Parking meters. We purchased
various parking meters on eBay, we did some various hardware probing and
we decided to perform a case study. We had some pretty good feedback
from the results! Early today Joe and I gave our talk again at Defcon
17. A lot of Noisebridge people came out and we packed the room at both
conferences. Thanks to those that came!

One of our goals was to discuss general "smart" parking meter issues and
to show how this is an industry-wide problem. Furthermore, we wanted to
show that specific machines are far from perfect. You should be able to
dispute tickets, these things are a joke; they're designed to withstand
attacks by vandals with metal foil, not anyone targeting the system. The
city and its people should very strongly reconsider their desire to
install over 300,000 meters into every corner of our city.

To be explicit (so please don't ask for secret codes):
We had no intention of defrauding the SF meter system and so we've
sanitized the emulator that we've released. It's basically just a
partial ISO7816 smart card emulator. Nothing too special!

Our specific case study was covering the San Francisco parking meters.

We decapped the two different kinds of payment smart cards and imaged them:
http://crypto.nsa.org/f-21/silicon-die-analysis-slide-shot.png

We were able to successfully breach the smart card payment system. We
did so by treating it as a simple black box - we didn't require a meter
and we simply had to intercept the communications between the card and
the meter. It only took three days to reverse and emulate everything.
The emulator is loadable onto a normal silver card. Here's the money shot:
http://crypto.nsa.org/f-21/parking-meter-ffffff.png

Here are two quick write-ups about the talks:
http://ioerror.livejournal.com/511553.html
http://www.grandideastudio.com/portfolio/smart-parking-meters/

Here are our slides:
http://grandideastudio.com/wp-content/uploads/smart-parking-meter-slides.pdf

Here's our emulator code:
http://grandideastudio.com/wp-content/uploads/smart-parking-meter-sanitized-src.zip

Best,
Jake


