On Aug 26, 2008, at 10:15, [EMAIL PROTECTED] wrote:

On Tue, Aug 26, 2008 at 9:24 AM, Perry E. Metzger <[EMAIL PROTECTED]> wrote:

http://www.technologyreview.com/Infotech/21301/?a=f

From the article: "other toll systems, like E-Z Pass and I-Pass, need
to be looked at too"

A couple years ago I got a letter from E-Z Pass a few days after I
used my transponder in my new car without registering my new car. They
gave me a grace period to register before making me pay some sort of
penalty.

So, I believe, at least for E-Z Pass, the attack would have to include
cloning the license plate and pictures may still be available whenever
a victim realizes they have been charged for trips they did not take.


I believe that's correct. In fact, the plate recognition technology they
use seems to be good enough to make the transponder itself redundant.
I know several people with E-Z Pass who disconnected the internal
battery of their transponder (out of concern that there might be
hidden readers around town that track vehicles at places other than
toll gates).   Even with dead transponders, their accounts are still
charged accurately when they pass toll gates. (The sign displays "EZ Pass
not read" or some such thing, but the account is debited within a day
or two anyway).

-matt

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to