Full Disclosure mailing list archives
Motorist wins case after maths whizzes break speed camera code (fwd)
From: "J.A. Terranson" <measl () mfn org>
Date: Wed, 10 Aug 2005 22:07:19 -0500 (CDT)
---------- Forwarded message ---------- Date: Wed, 10 Aug 2005 14:29:38 -0400 From: brucee () chunder com To: cryptography () metzdowd com Subject: Motorist wins case after maths whizzes break speed camera code The facts are very scrambled but I like it. The brief TV reports from lawyers were more factual. Motorist wins case after maths whizzes break speed camera code Sydney Morning Herald By Andrew Clark August 11, 2005 A team of Chinese maths enthusiasts have thrown NSW's speed cameras system into disarray by cracking the technology used to store data about errant motorists. The NRMA has called for a full audit of the way the state's 110 enforcement cameras are used after a motorist escaped a conviction by claiming that data was vulnerable to hackers. A Sydney magistrate, Laurence Lawson, threw out the case because the Roads and Traffic Authority failed to find an expert to testify that its speed camera images were secure. The motorist's defence lawyer, Denis Mirabilis, argued successfully that an algorithm known as MD5, which is used to store the time, date, place, numberplate and speed of cars caught on camera, was a discredited piece of technology. Mr Mirabilis yesterday said he had received more than 100 inquiries from motorists anxious to use the same defence. "People have shown it [the algorithm] has been hacked and it's open to viruses." Designed in the early 1990s by an American academic, MD5 safeguards against tampering by turning information into a 128-bit sequence of digits. However, researchers from China's Shandong University have proved it is possible to store conflicting pieces of information as the same MD5 sequence. Nick Ellsmore, an encryption expert at the consultancy SIFT, said this theoretically meant the RTA could change the speed at which a car was recorded and retain the same code. "Since the research came out, we've been recommending that clients move away from MD5 and we've certainly recommended that people don't use it for new applications," he said. The NRMA said it was crucial the public had confidence in convictions. Its policy specialist, Lisa McGill, said: "We want a full audit and a review of the system to ensure that it is working appropriately." The RTA's spokesman, Paul Willoughby, rejected the decision as a one-off: "No one, in relation to court cases, can be a hundred per cent sure they're going to win a hundred per cent of the time." NSW's weekly take from the cameras is more than $1 million. Meanwhile, the RTA denied reports that cameras catching toll evaders in the Harbour Tunnel are routinely turned off. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo () metzdowd com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Motorist wins case after maths whizzes break speed camera code (fwd) J.A. Terranson (Aug 10)
- Re: Motorist wins case after maths whizzes break speed camera code (fwd) James Longstreet (Aug 11)
- Re: Motorist wins case after maths whizzes break speed camera code (fwd) Valdis . Kletnieks (Aug 11)