Follow Slashdot stories on Twitter


Forgot your password?
Transportation Security

It's Easy To Hack Traffic Lights 144

An anonymous reader notes coverage of research from the University of Michigan into the ease with which attackers can hack traffic lights. From the article: As is typical in large urban areas, the traffic lights in the subject city are networked in a tree-type topology, allowing them to pass information to and receive instruction from a central management point. The network is IP-based, with all the nodes (intersections and management computers) on a single subnet. In order to save on installation costs and increase flexibility, the traffic light system uses wireless radios rather than dedicated physical networking links for its communication infrastructure—and that’s the hole the research team exploited. ... The 5.8GHz network has no password and uses no encryption; with a proper radio in hand, joining is trivial. ... The research team quickly discovered that the debug port was open on the live controllers and could directly "read and write arbitrary memory locations, kill tasks, and even reboot the device (PDF)." Debug access to the system also let the researchers look at how the controller communicates to its attached devices—the traffic lights and intersection cameras. They quickly discovered that the control system’s communication was totally non-obfuscated and easy to understand—and easy to subvert.
This discussion has been archived. No new comments can be posted.

It's Easy To Hack Traffic Lights

Comments Filter:
  • Old news (Score:4, Informative)

    by neglogic ( 877820 ) on Friday August 22, 2014 @08:52AM (#47728255)
    This was central to the plot of the Italian Job. The real Napster took care of it.
  • by Mr D from 63 ( 3395377 ) on Friday August 22, 2014 @09:07AM (#47728393)
    From TFA,

    In fact, the most upsetting passage in the entire paper is the dismissive response issued by the traffic controller vendor when the research team presented its findings. According to the paper, the vendor responsible stated that it "has followed the accepted industry standard and it is that standard which does not include security."

    Don't blame the vendor, blame the standard. The vendor that includes security in his bid will have a higher price and lose to the vendor that doesn't.

The world is coming to an end--save your buffers!