Digital license plates sold by Reviver have recently been hacked to allow their displays to show any characters or images – which could permit them to evade traffic regulations, law enforcement or even to charge their tolls and tickets to other drivers. The benefits of a digital license plates have become popular for their ability to be changed to a novelty message or even be flagged when a car has been stolen.
As reported by Wired, the jailbreak was demonstrated by security researcher Josep Rodriguez from the security firm IOActive, who removed a sticker on the back of the plate and attached a cable to the internal connectors to rewrite the firmware. The plate can then be commanded via Bluetooth from a smartphone app to change the display and what it shows.
Digital license plates are currently legal to buy in California, Arizona and Michigan, and commercially legal in Texas; they’re legal to drive with nationwide though. Reviver is a leading seller of digital plates and has sold roughly 65,000 of them – because the security flaw that Rodriguez used to jailbreak the plates exists on a hardware level in the chips themselves, Reviver cannot resolve the issue with a simple software update.
The plates will remain vulnerable despite the warning of the flaw, which could allow bad actors to evade any system that uses license plate numbers for enforcement or surveillance from speeding to parking tickets to tracking criminal suspects. It would also allow hackers to use the plates’ features, like the built-in GPS tracking, without paying the $30 a month subscription fee.
Reviver has stated that the jailbreaking activity would “be a criminal act subject to prosecution by law enforcement and the jailbreak technique identified by IOActive requires physical access to the vehicle and plate, plate removal, specialized tools, and expertise,” and that “this scenario is highly unlikely to occur in real-world conditions limiting it to individual bad actors knowingly violating laws and product warranties.”
While the plate removal does require side stepping a notification to the owner when the plate becomes detached from the vehicle, which would mean the hacker would have to jam the plates’ radio communications while tampering with it, Rodriguez says that his overall reverse engineering method doesn’t require technical complexity and would be as easy as jailbreaking one of the best iPhones.
Regardless, Reviver is still redesigning its future license plates to avoid using chips that are vulnerable to this technique in the future.
.jpg "How Traveling With Family Made a Familiar Route in France Feel New Again")
