A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


E-ZHack: An Update on SDR and Toll Booth Reverse Engineering - Kyle Westhaus BSides Columbus Ohio 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

E-ZHack: An Update on SDR and Toll Booth Reverse Engineering
Kyle Westhaus
BSides Columbus Ohio 2019

Upon release of the RTL-SDR in 2012, the entry barrier to the world of recording and analyzing radio communications with software defined radio was reduced to a mere $25 for a widely available over-the-air TV dongle. Since then an amateur community has developed, focused on inspecting the devices around us and the signals they produce. In the past, toll booths have attracted some attention from the security community. At Defcon 21, Pukingmonkey discussed toll booth transponders in terms of noticeable privacy violations, and at Blackhat 2008, Nate Lawson dissected a FasTrak transponder both in terms of its radio protocol and microcontroller. However, the E-ZPass transponders have avoided the same radio analysis until now. In April 2018, Steve Markgraf, involved in the original RTL-SDR release, gave a presentation about discovery of the transmit-side twin of the RTL-SDR: the Osmo-fl2k. This presentation will discuss the above topics and the security concerns that arise when they combine. I will cover relevant introductory RF information and the analysis of the E-ZPass system similar to Lawson’s analysis of the FasTrak system before moving on to discussion of new attacks unleashed by low-cost raw transmit capability.

Kyle Westhaus is currently a Computer Science Engineering student at THE Ohio State University. Since the age of 11, his curiosity has driven his self-taught skills in computer science and security. Kyle is an active member of the Cybersecurity Club at Ohio State.

Back to BSides Columbus Ohio 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast