Michigan team finds security flaws in traffic lights
What if attackers could manipulate traffic lights so that accidents would happen with mayhem as the result? That is a question many would rather put off for another day but authorities feeling responsible for road safety are generally willing to consider all the what-ifs, assess their impact, and look for protective measures. According to a detailed report in Tuesday's MIT Technology Review, a road agency gave Michigan researchers permission to hack into almost 100 wirelessly networked traffic lights. The real news is what this electrical engineering and computer science team from the University of Michigan discovered. They saw three troubling weaknesses in the traffic light system they studied: unencrypted wireless connections, the use of default usernames and passwords that can be found online, and a debugging port easy to attack. Who is to blame? In their paper, "Green Lights Forever: Analyzing the Security of Traffic Infrastructure," which they will present...