{"id":692,"date":"2009-02-06T01:05:01","date_gmt":"2009-02-06T09:05:01","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/?p=692"},"modified":"2009-02-06T01:05:01","modified_gmt":"2009-02-06T09:05:01","slug":"current-event-rigged-red-lights","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2009\/02\/06\/current-event-rigged-red-lights\/","title":{"rendered":"Current Event: Rigged Red Lights"},"content":{"rendered":"

Summary<\/strong><\/p>\n

In Italy, public officials have been abusing their authority to make more money from the public by making reds come earlier<\/a> than they are supposed to (a shorter duration yellow than legally allowed).\u00a0\u00a0 This means that, since they use cameras to automatically give tickets to people running red lights (see security review of automated traffic cameras<\/a> for a different look at that aspect of it), they can make money off residents who are given inadequate time to come to a stop, and thus must run a red.<\/p>\n

Who Was Hurt By It
\n<\/strong><\/p>\n

Drivers have been economically affected, with 1439 people caught over two months (the fine is 150 Euros, or roughly $190 at current exchange rate).\u00a0 Prior to that, at most 900 people would have been expected to be caught assuming the maximum number of tickets normally given were given out per day (this means a 50% increase over a value previously considered unrealistic to obtain!).<\/p>\n

The public has also suffered a reduced amount of trust in the transparency and honesty of their government–a system which was out of their control and which they were mostly powerless to oppose or investigate was found to have been compromised in such a way that people were labelled as both criminals and charged unfair money.<\/p>\n

Who Did It<\/strong><\/p>\n

109 officials are being investigated with regards to it, although the programmer himself is the current person taking most of the blame in the news.\u00a0 Also involved were: police, local government officials, and the heads of seven different companies. Roughly 300 municipalities and a host of different companies were profiting from this scheme.<\/p>\n

What’s Being Done<\/strong><\/p>\n

Currently a criminal case is being pursued against those responsible.\u00a0 However, this does not really address the problem–the faulty systems are still in use, and ultimately fixing them should be the first priority.\u00a0 Although the programmer responsible has a lawyer proclaiming his innocence, ultimately a review of the cameras themselves will need to be done.<\/p>\n

Long Term View<\/strong><\/p>\n

This adds yet another complaint against automated traffic cameras.\u00a0 Many object on privacy reasons, but this also adds concerns about faulty software, either maliciously or through incompetence.\u00a0 Although it is unlikely that Italy will suddenly abandon automated traffic cameras, it may cause them to take a second look at them, at the least, and hopefully be more open in the future.\u00a0 In all likelihood, however, they will continue to use a closed source solution, and will merely (hopefully) patch this problem.<\/p>\n

Finally, this also adds another potential weakness to the list in the security review–corrupt officials who view it as a way of making more money.<\/p>\n

Source: http:\/\/arstechnica.com\/tech-policy\/news\/2009\/02\/italian-red-light-cameras-rigged-with-shorter-yellow-lights.ars<\/a><\/p>\n

See also: http:\/\/cubist.cs.washington.edu\/Security\/2009\/02\/05\/security-review-automated-traffic-enforcement<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Summary In Italy, public officials have been abusing their authority to make more money from the public by making reds come earlier than they are supposed to (a shorter duration yellow than legally allowed).\u00a0\u00a0 This means that, since they use … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":119,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,7,10],"tags":[],"class_list":["post-692","post","type-post","status-publish","format-standard","hentry","category-current-events","category-ethics","category-integrity"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/692","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/119"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=692"}],"version-history":[{"count":2,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/692\/revisions"}],"predecessor-version":[{"id":694,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/692\/revisions\/694"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}