Read more at source.
Read more at source.
The flaw was discovered by Matt Brown, who bought an ALPR camera on eBay and reverse engineered it. He found that more than 150 Motorola ALPR cameras have exposed their video feeds and leaked data in recent months. The exposed video feeds each cover a single lane of traffic, with cars driving through the cameras view. Brown found two streams for each exposed camera system, one in color and another in infrared.
The scale of the exposure is staggering. WIRED reviewed video feeds from several of the cameras, confirming vehicle data including makes, models, and colors of cars have been accidentally exposed. In just 20 minutes, the cameras recorded the make, model, color, and license plates of nearly 4,000 vehicles. Some cars were even captured multiple times, up to three times in some cases, as they passed different cameras.
ALPR systems are widely used by law enforcement. The cameras automatically take pictures when they detect a car passing by. The system uses machine learning to extract text from the license plate, storing this information alongside details such as where the photograph was taken, the time, and metadata such as the make and model of the vehicle.
Motorola confirmed the exposures, stating it was working with its customers to close the access. The incident serves as a reminder of the importance of proper security measures in the deployment of such surveillance technologies. It also raises questions about privacy and data protection in the age of widespread surveillance.
Every one of them that I found exposed was in a fixed location over some roadway. It's been misconfigured. It shouldn't be open on the public internet - Matt Brown, Security Researcher
