Not even highway electronic-toll systems got a pass at Black Hat.
Nate Lawson, founder of Root Labs, spoke at a session titled "Highway to Hell" that offered evidence of how it's possible to tamper with the commuter-toll system FasTrak by manipulating the radio-frequency-based equipment used by commuters in the San Francisco Bay Area and elsewhere to compromise data integrity and user privacy.
In a detailed technical presentation, Lawson said he had evidence he's willing to provide for free to local-area authorities and FasTrak equipment manufacturers to show them how it's fairly simple to alter the transponders used in FasTrak to come up with criminal attacks that would change electronic records-keeping, switch user IDs and undermine the system in other ways.
Lawson, a long-time researcher who now owns his own security firm in the Bay area, said his efforts to gain attention about security issues with FasTrak have been ignored to date by equipment vendors and local authorities.
Lawson said one step to take would be adding strong encryption to the electronic-toll system.