Speakers expose virtualization, OS security gaps

Speakers expose virtualization, OS security gaps

Virtualization, rootkits and highway-tool systems were hot topics on the first day at Black Hat

Toll evaders

Not even highway electronic-toll systems got a pass at Black Hat.

Nate Lawson, founder of Root Labs, spoke at a session titled "Highway to Hell" that offered evidence of how it's possible to tamper with the commuter-toll system FasTrak by manipulating the radio-frequency-based equipment used by commuters in the San Francisco Bay Area and elsewhere to compromise data integrity and user privacy.

In a detailed technical presentation, Lawson said he had evidence he's willing to provide for free to local-area authorities and FasTrak equipment manufacturers to show them how it's fairly simple to alter the transponders used in FasTrak to come up with criminal attacks that would change electronic records-keeping, switch user IDs and undermine the system in other ways.

Lawson, a long-time researcher who now owns his own security firm in the Bay area, said his efforts to gain attention about security issues with FasTrak have been ignored to date by equipment vendors and local authorities.

Lawson said one step to take would be adding strong encryption to the electronic-toll system.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments