Bad news for California drivers (me) that use Fastrak (me) to get past toll roads and bridges fast (me). Hackaday reports that a security researcher named Nate Lawson presented information at the Black Hat conference in Vegas that demonstrated that the tags perform no authentication whatsoever, meaning a dude with a reader can go around a parking lot and read the IDs of every Fastrak transponder there. Even worse, there's unsecured over-the-air upgrades, so that same guy can overwrite tags at will, messing things up for everyone.
How do we fix this system? Here's the problem: the system is defined by California law. An update to the way things are done would take legislative action. [Nate] suggested one possible check that could be implemented to determine if the system was being exploited at this time: When a tag read fails now, the system takes a picture of your license plate so a human can determine what account it belongs to. The system could be updated to randomly take photos of cars that were reading correctly just to make sure the ID belongs to the car pictured.
And from the sound of it, it's pretty difficult to fix. [Hackaday]