Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Communications Encryption Transportation

Tapping Data From Radio-Controlled Bus Stop Displays 75

Posted by timothy from the how-to-get-hypnotized dept.
jones_supa writes "A couple of weeks ago hacker Oona Räisänen told about finding a 16 kbps data stream on FM broadcast frequencies, and her suspicion was that it's being used by the public transit display system in Helsinki, Finland. Now it's time to find out the truth. She had the opportunity to observe a display stuck in the middle of its bootup sequence, displaying a version string. This revealed that the system is called IBus and it's made by the Swedish company Axentia. Sure enough, their website talks about DARC and how it requires no return channel, making it possible to use battery-powered displays in remote areas. Other than that, there are no public specs for the proprietary protocol. So she implemented the five-layer DARC protocol stack in Perl and was left with a stream of fully error-corrected packets on top of Layer 5, separated into hundreds of subchannels. Some of these contained human-readable strings with names of terminal stations. They seemed like an easy starting point for reverse engineering..."
This discussion has been archived. No new comments can be posted.

Tapping Data From Radio-Controlled Bus Stop Displays More

Tapping Data From Radio-Controlled Bus Stop Displays

Comments Filter:

  • The roots of hacking (Score:2, Interesting)

    by Anonymous Coward on Sunday November 24, 2013 @10:40AM (#45506813)

    This, my friends, is true hacking. While this sort of stuff has become less common over the years, it is people such as this that provide real value to the community in terms of improving security for the masses. I wish that I had more time (and equipment...and hand't forgotten so many of my skills) as there are a few projects like this that I'd like to dig into. For instance, I have a home security/automation system out at my farm. I am fully cognizant that the security provided by it is a joke, as any insider at the alarm company could turn off my alarm without my known, but that's beside the point. What I'm really interested in is the link between the alarm company and my system. I log into their super secure website (tongue in cheek here) and issue a command either from my computer or phone. The alarm company sends that command to my system via the local GSM network (2g or 3g). There's no documentation on this portion of the system. Is it secure? Encrypted? Could it be readily spoofed? Even if it is encrypted, is there sufficient proof of authority on the system issuing commands? Anyway, love this stuff!

  • See, this is kinda what I meant (Score:4, Interesting)

    by 50000BTU_barbecue ( 588132 ) on Sunday November 24, 2013 @10:43AM (#45506821) Journal
    when I said you don't need an oscilloscope anymore. Probably a SDR receiver that goes to a PC. What possible interest is there in looking at the raw RF at the antenna, which you won't see with an oscilloscope anyways (because I don't know any scopes with nV/cm settings yet), or the countless undocumented signals inside the receiver, which you won't access anyways because it's all on one chip?

    You're better off just finding what's already done and buy it. I myself have looked at the FM band on my old analog spectrum analyzer to look for SCA signals. http://en.wikipedia.org/wiki/Subsidiary_Communications_Authority [wikipedia.org]

    It's all wonderful fun, but when you can do the same with a 15$ USB receiver and some software, it all starts to look rather silly, no?

  • Recieve only, do not transmit. (Score:4, Interesting)

    by VortexCortex ( 1117377 ) <VortexCortex AT ... trograde DOT com> on Sunday November 24, 2013 @02:19PM (#45507901)

    That which can be received unsecured, can be broadcast as such. Only a matter of time now before the displays feature zombie attack warnings.

Slashdot Top Deals

BLISS is ignorance.

Close