Are they worth it as a target? With an RPI and openalpr I can easily build my own license plate reader in one evening. This technology is so far out of the bag already.
I’m critical of people like me (millennial, working in tech) and I think I have good reason. I hear so many bizarre technological “solutions” to what are ultimately policy issues. If we spent half that time instead lobbying our representatives we would be in a much better place as a society. Can you name your state rep? How about you write them a little today rather than succumb to cynicism or spitballing tech.
Reading the license plate is trivial, its processing, and doing the advanced queries that make ALPR solutions real.
Sure you could create a bunch of pi cams able to handle a few reads per second, but then say you want to know what plates have traveled with your target plate between multiple camera sets to see if someone is being followed, or you have cell phone pings and want to search all cameras in the radius of that tower for a plate.
The reading isn't hard, its fully solved, the economical and real-time searching of plates and evidence compilation is the much harder problem.
> I hear so many bizarre technological “solutions” to what are ultimately policy issues.
Tech is empowering, much moreso than playing politics.
Consider something like the Kafkaesque nightmare that is applying for (and keeping) food stamps. It doesn't need to be complicated (nor should it be!), but you can either try to convince elected officials to make the poor a priority and fix the process or roll up your sleeves and write a script to complete the forms in triplicate, generate mailing labels with delivery confirmation, remind users of deadlines and pull phone records to prove the social worker never called like they said they did in the denial letter.
Or you could petition, harass, bribe and cajole your way into enacting change, and have it all overturned with a change in administration.
In some part these technical solutions exist to fix people problems. Look at the internet itself-- where problems exist (a country's politicians/dictator makes the nation unroutable), you don't wait for a coup, you route around it.
But also in some part these solutions are just modern rent-seeking, so...
> Are they worth it as a target? ... This technology is so far out of the bag already.
The point is that if you have access to their systems you can affect what is reported. For example you could add a bogus plate to the data stream, or remove one, or perform a substitution. I think we can all imagine cases were doing such a thing might be useful to someone.
Others have also pointed out that it’s possible that this company has some particularly interesting recognition technology, but I agree with you that this is really a second order issue.
Politics is about convincing as many people as possible to vote your way, and to make a big difference, you have to do it at scale. Changing people's minds is hard. Much like sales, it also has downsides like making a pest of yourself.
It's important, but I am a bit frustrated by shallow encouragement that makes politics sound like it's easy. It's like saying "get a job" rather than providing actually helpful resources and training to find a job.
I think the reason why this is significant is not so much that the proprietary files were leaked, rather the amount and breadth of personal information exposed along with the insinuation that this company's network (who maintains large amounts of personal data of unwitting participants) is not secure.
I bet a little digging and we will discover that this network was hopelessly undefended and their software is horribly riddled with holes and poor security practices.
It was obviously done to impact the company as an entity rather than to target individuals or the government. It's quite obvious, to me, that the attackers wanted to dump a large liability in someones lap and perhaps for good reason. If this company can't secure the data it collects about innocent civilians then it shouldn't be allowed to collect it.
Perceptics is a pretty big player in the license plate camera market. This breach is extremely embarrassing for them and will doubtless put their future work with government in jeopardy as they become a political target. I wonder if this hack was perpetrated by China as retribution for the Huawei blockade? The Chinese perhaps have an arsenal of such breaches ready for release when the right politician needs a nudge.
>> Can you name your state rep? How about you write them a little today rather than succumb to cynicism or spitballing tech.
Yes I can name (all) of my state's representatives. No I'm not going to write them. Your letter and sending information get filed under an equivalent of "dissenters". That's kind of the entire point here.
I would be more interested in the security implications. Hackers now have access to the source code; what kind of attack surfaces does this yield against customers who purchased the compromised software?
Related to this, I'd love to see some in-depth wire brushing done on how the US got blanketed with 4 way cameras at every intersection and how this data is used/kept, and by whom.
I first noticed it in major centers years back, but now it seems even small towns have cameras at every intersection.
From an IT perspective it's a pretty interesting project, but from a tin-foil-hat perspective it's astonishing when you imagine the ability to link all these cameras together in real-time.
We have them all over the place in Michigan. I specifically asked my friend who's a civil engineer with the county road commision when some were being installed just down the road from my house why they were being added. I was personally concerned at the prospect of red light cameras, which are currently banned in the state.
The explanation was that they were updating the stoplight controls. One of the inductive sensors in the road had failed, and it was cheaper to have a guy in a bucket truck stick a couple cameras on the pole than to rip up the road.
The cameras are used to see the volume of vehicles in each lane and dynamically adjust light timings. And since I drive through the intersection multiple times a day, I have noticed an improvement. They skip the left turn sequence if no one is waiting, and rarely have a big backup when volume is high in one direction for the commute. Also, the left turn timer used to be very short (like 2 cars making it through on green, one on yellow, and the 4th car often took control and went on red), which was nice when there was only one car and you wanted to go straight, but annoying when you were one of 6 or 7 cars in line and an extra five seconds would let everyone make the turn but instead you had to wait through multiple light cycles. Now it seems to often hold the turn cycle long enough to let the whole line empty out.
But I totally agree that the idea of a soft update to either issue red light tickets or track license plate activity is extremely concerning. Might end up with a stray paintball from my backyard accidentally hitting the lens if they make that a policy change.
My 2016 car came with three cameras. My phone has two.
Cameras are already everywhere. As they become even more dirt cheap, that will only hyper-increase, even if governments somehow completely stays out of it.
Sometimes you enter into a new technological era, and you have to accept that things have changed.
Sometimes I ask people about the cameras and the white boxes (those ubiquitous white boxes on poles, often solar-powered, along highways pointing perpendicular to moving traffic). I ask what they think - who put them up, what data they collect, where that data goes.
I am routinely met with blank stares and "I don't know what you're talking about". It baffles me.
Good job vetting your vendors Uncle Sam! Somehow, we'll end up paying (taxpayers) to clean this up - just like we paid to deploy it. Sure would be nice if we had any voice/vote in these things...
If you are a citizen and have not been disenfranchised, and I grant you that many fall outside of these buckets, you absolutely have a say. That say is that you can elect whomever you want to decide these things for you. It is the central mechanism in a representative democracy.
This is a flawed viewpoint. The idea that any single company can stand up to a nation state is absurd. The level of resources that Russia or China brings to bear for a single hack is far beyond what any company or even groups of companies could defend against.
This is the unfortunate weakness of the Western style democracies in the face of totalitarian states. We have a much more obvious divide between private and public entities. In China and Russia, the lines are blurred and often they get much better support from the government to defend and hack the opposition. Even to the point where China will hack US companies and just give the IP to Chinese companies.
> The files also include .mp3 files, presumably from someone's desktop or laptop PC. Among the songs: Superstition, by Stevie Wonder, and Wannabe by Spice Girls, and a variety of AC/DC and Cat Stevens songs.
Quite an odd detail to add to the article, why was this seen as relevant?
This is dystopia, but this is not just any dystopia, this is dystopia with 'justification', this dystopia is 'legal' and for many that word somehow makes everything ok, but for the rest of us trivializes everthing of value.
There is so much cognitive dissonance and denial in the tech community and their role not just in building but also defending and whitewashing narratives that its becomes difficult to see movies and read about surveillance dystopia and be expected to feel creeped out and then return to current reality where its sort of normalized and ok.
Looks like Russians (disclaimer: am Russian, work in infosec).
Some previous hacks that were attributed to Russians, like Shadow Broker leak, actually were executed by somebody else, I think. This one is more suspicious, in my opinion.
Wouldn't the first thing a good hacker would do is to make sure he doesn't get cought? A good start would be to make it look like someone else did it, especially a entity that can't be checked or would cooperate to catch the actual hacker like the Russians or Chinese.
[+] [-] dev_dull|6 years ago|reply
I’m critical of people like me (millennial, working in tech) and I think I have good reason. I hear so many bizarre technological “solutions” to what are ultimately policy issues. If we spent half that time instead lobbying our representatives we would be in a much better place as a society. Can you name your state rep? How about you write them a little today rather than succumb to cynicism or spitballing tech.
[+] [-] jermaustin1|6 years ago|reply
Sure you could create a bunch of pi cams able to handle a few reads per second, but then say you want to know what plates have traveled with your target plate between multiple camera sets to see if someone is being followed, or you have cell phone pings and want to search all cameras in the radius of that tower for a plate.
The reading isn't hard, its fully solved, the economical and real-time searching of plates and evidence compilation is the much harder problem.
[+] [-] jstarfish|6 years ago|reply
Tech is empowering, much moreso than playing politics.
Consider something like the Kafkaesque nightmare that is applying for (and keeping) food stamps. It doesn't need to be complicated (nor should it be!), but you can either try to convince elected officials to make the poor a priority and fix the process or roll up your sleeves and write a script to complete the forms in triplicate, generate mailing labels with delivery confirmation, remind users of deadlines and pull phone records to prove the social worker never called like they said they did in the denial letter.
Or you could petition, harass, bribe and cajole your way into enacting change, and have it all overturned with a change in administration.
In some part these technical solutions exist to fix people problems. Look at the internet itself-- where problems exist (a country's politicians/dictator makes the nation unroutable), you don't wait for a coup, you route around it.
But also in some part these solutions are just modern rent-seeking, so...
[+] [-] gumby|6 years ago|reply
The point is that if you have access to their systems you can affect what is reported. For example you could add a bogus plate to the data stream, or remove one, or perform a substitution. I think we can all imagine cases were doing such a thing might be useful to someone.
Others have also pointed out that it’s possible that this company has some particularly interesting recognition technology, but I agree with you that this is really a second order issue.
[+] [-] xrd|6 years ago|reply
[+] [-] skybrian|6 years ago|reply
It's important, but I am a bit frustrated by shallow encouragement that makes politics sound like it's easy. It's like saying "get a job" rather than providing actually helpful resources and training to find a job.
[+] [-] zelon88|6 years ago|reply
I bet a little digging and we will discover that this network was hopelessly undefended and their software is horribly riddled with holes and poor security practices.
It was obviously done to impact the company as an entity rather than to target individuals or the government. It's quite obvious, to me, that the attackers wanted to dump a large liability in someones lap and perhaps for good reason. If this company can't secure the data it collects about innocent civilians then it shouldn't be allowed to collect it.
[+] [-] ttul|6 years ago|reply
[+] [-] module0000|6 years ago|reply
Yes I can name (all) of my state's representatives. No I'm not going to write them. Your letter and sending information get filed under an equivalent of "dissenters". That's kind of the entire point here.
[+] [-] unknown|6 years ago|reply
[deleted]
[+] [-] anigbrowl|6 years ago|reply
[+] [-] craftinator|6 years ago|reply
[+] [-] threatofrain|6 years ago|reply
[+] [-] 8note|6 years ago|reply
[+] [-] canada_dry|6 years ago|reply
I first noticed it in major centers years back, but now it seems even small towns have cameras at every intersection.
From an IT perspective it's a pretty interesting project, but from a tin-foil-hat perspective it's astonishing when you imagine the ability to link all these cameras together in real-time.
[+] [-] LeifCarrotson|6 years ago|reply
The explanation was that they were updating the stoplight controls. One of the inductive sensors in the road had failed, and it was cheaper to have a guy in a bucket truck stick a couple cameras on the pole than to rip up the road. The cameras are used to see the volume of vehicles in each lane and dynamically adjust light timings. And since I drive through the intersection multiple times a day, I have noticed an improvement. They skip the left turn sequence if no one is waiting, and rarely have a big backup when volume is high in one direction for the commute. Also, the left turn timer used to be very short (like 2 cars making it through on green, one on yellow, and the 4th car often took control and went on red), which was nice when there was only one car and you wanted to go straight, but annoying when you were one of 6 or 7 cars in line and an extra five seconds would let everyone make the turn but instead you had to wait through multiple light cycles. Now it seems to often hold the turn cycle long enough to let the whole line empty out.
But I totally agree that the idea of a soft update to either issue red light tickets or track license plate activity is extremely concerning. Might end up with a stray paintball from my backyard accidentally hitting the lens if they make that a policy change.
[+] [-] BurningFrog|6 years ago|reply
Cameras are already everywhere. As they become even more dirt cheap, that will only hyper-increase, even if governments somehow completely stays out of it.
Sometimes you enter into a new technological era, and you have to accept that things have changed.
[+] [-] 24bug47|6 years ago|reply
[+] [-] module0000|6 years ago|reply
[+] [-] azinman2|6 years ago|reply
[+] [-] wbronitsky|6 years ago|reply
[+] [-] jorblumesea|6 years ago|reply
This is the unfortunate weakness of the Western style democracies in the face of totalitarian states. We have a much more obvious divide between private and public entities. In China and Russia, the lines are blurred and often they get much better support from the government to defend and hack the opposition. Even to the point where China will hack US companies and just give the IP to Chinese companies.
[+] [-] UncleSam|6 years ago|reply
[+] [-] glitcher|6 years ago|reply
Quite an odd detail to add to the article, why was this seen as relevant?
[+] [-] sct202|6 years ago|reply
[+] [-] kabwj|6 years ago|reply
[+] [-] nikisweeting|6 years ago|reply
[+] [-] throw2016|6 years ago|reply
There is so much cognitive dissonance and denial in the tech community and their role not just in building but also defending and whitewashing narratives that its becomes difficult to see movies and read about surveillance dystopia and be expected to feel creeped out and then return to current reality where its sort of normalized and ok.
[+] [-] blibble|6 years ago|reply
same as my local supermarket's car park?
[+] [-] atemerev|6 years ago|reply
Some previous hacks that were attributed to Russians, like Shadow Broker leak, actually were executed by somebody else, I think. This one is more suspicious, in my opinion.
[+] [-] sschueller|6 years ago|reply
[+] [-] Cakez0r|6 years ago|reply
[+] [-] samstave|6 years ago|reply
[deleted]