Watch Dogs Now Proactively Being Blamed For Traffic Sign Hacking By Apparent Pre-Crime Division
from the the-future-is-now dept
Blaming stuff is becoming something of a fad, I guess. If recent reports are to be believed, it’s not all hip and whatnot to blame ghost stories for violence, video games for everything, and specifically Watch Dogs for teaching children how to hack Glenn Beck’s iPad. And speaking of Watch Dogs, the game du jour, it apparently has such a target on its back these days that it’s being blamed for pre-crime. Confused? Let me explain.
Earlier this week, news media in North Carolina reported that at least three highway signs there had apparently been compromised and re-worded to read “Hack by Sun Hacker.” Similar incidents were reported between May 27 and June 2, 2014 in two other states, which spotted variations on that message left by the perpetrator, (including an invitation to chat with him on Twitter).
Now, the article then goes on to note that the blame for this hack in part falls on the way the signs were set up to use SNMP, allowing for a fairly simple password hack to give the hacker control of the signage. The hacker is described as a Saudi that is essentially a tinkerer, not to be counted amongst the more nefarious types of international bad actors. The Multi-State Informational Sharing and Analysis Center report responsible for the above, however, also lets loose with this gem:
“…likely coincides with the May 27, 2014 release of the video game ‘Watch Dogs,’ in which game play revolves around ‘hacking,’ with a focus on hacking critical infrastructure-based electronic devices in particular. Watch Dogs allows players to hack electronic road signs, closed-circuit television cameras (CCTVs), street lights, cell phones and other systems. On May 27, 2014, the malicious actor posted an image of the game on his Twitter feed, demonstrating his interest in the game, and the compromise of road signs occurs during game play. CIS believes it is likely that a small percentage of Watch Dog players will experiment with compromising computers and electronic systems outside of game play, and that this activity will likely affect SSLT [state, local, tribal and territorial] government systems and Department of Transportation (DOT) systems in particular.”
If you didn’t just throw up, shame on you. What the report does is take a low-level script junkie and website defacer, who was already doing these things over the course of the past couple of years, and blamed his latest prank on Watch Dogs. Then, without missing a beat, it postulates that some unknown percentage of Watch Dogs players will put their controllers down just long enough to go out and try to hack all the things themselves. It’s insane on its face. I don’t recall any percentage of Nintendo players seeking out lines of turtles upon which to leap, nor do I recall any number of children or adults buying up all the hedgehogs at Pet Smart and then rolling them down long and complicated loop-to-loops to see how many rings they could collect. These are the kinds of allegations that only sound like they should make sense because games have become more realistic, but that doesn’t mean they actually do make sense.
And in the end, the focus should be on improving the security of the systems in question, not demonizing entertainment as a scapegoat. The attempt to shift blame is a distraction from the real story: whoever put those road signs in place couldn’t manage to protect them from a prankster. That’s the entire tale, period, paragraph.
Filed Under: blame, game, hacking, watch dogs
Comments on “Watch Dogs Now Proactively Being Blamed For Traffic Sign Hacking By Apparent Pre-Crime Division”
'Where's the freakin' X button on this thing?!'
Then, without missing a beat, it postulates that some unknown percentage of Watch Dogs players will put their controllers down just long enough to go out and try to hack all the things themselves.
… only to go right back to their game five minutes later, after they find out that you can’t in fact take control of an ATM, camera, or security system by pushing a single button and/or completing a short mini-game on their tablet/phone.
Re: 'Where's the freakin' X button on this thing?!'
Actually road signs were usually pretty easy, as they tended to use the default password. Jalopnik article with the default password listed in 2009. But I guess this is something new…
Back in the 90s
Back when I was in high school someone “hacked” one of the highway signs and changed it to “Fuck you Wiecker”. Weicker was governor of Connecticut at the time. He would have gotten away with it too if he hadn’t gone back in and changed it to “Nice try DOT”. I knew it had to be someone I knew because the way you got into this sign was by calling a phone number with a computer modem. It didn’t have any password protection at all. After they changed it the first time they must have put on a trace because they got him the second time. And sure enough, it was a friend of mine from the local chat system.
But I still contend that the game Hacker taught him how to do it. Or maybe Wargames.
These hacks have been going on for a long time. How do they explain all the past sign hackings before Watch Dogs was released?
Re: Re:
Time travelling hacker. I blame Back to the Future.
Re: Re:
You’re assuming far more rationality than they have. After all, violence has been depicted, and often-times glorified, long before video-games ever came about, but that hasn’t stopped them from blaming video-games for violence.
Re: Re: Re:
I wonder what they blame the conquest by the Romans on or the Medieval Crusades or Putin’s adventure into the Ukraine? Yeah, must have been all those video games.
When you put little into the belief that security is needed at all, sooner or later someone is going to try it and find out just how little it was thought of.
There’s a simple cure to all this. Try requiring security as part of the system at the start. Just because no one has thought of it today doesn’t mean no one ever will. Even rudimentary security would have helped.
Re: Re:
Facts don’t matter in these cases. They just need to use the latest scare tactic to get viewers/readers/ad revenue.
If that's the only thing that happens....
Then they’re fortunate.
Having a bunch of kids “testing” your secure systems for you and doing mostly-non-harmful stuff with them is probably the best outcome.
The real problem is when the bad guys (who don’t bother playing stupid hacking games), already know how to use them for nefarious purposes, and just haven’t done so yet.
So let’s hope these harmless hacks spur government agencies into fixing the problems before worse happens.
They could blame LA Story
http://vimeo.com/20401910
ht to https://twitter.com/normative/status/477186015288111104 for reminding me…
Re: They could blame LA Story
I immediately thought of that movie too.
But, the signs in L.A. Story were changed by some sort of ethereal force or being.
Maybe they will now combine all of this and bring us back full circle so Slender Man could be blamed for this too.
what about FTL?
With the new update to FTL, there is a hack subsystem for disabling a subsystem on an opponent’s ship. Maybe FTL is to blame, too. I’m just sayin’.
On a serious note, I’m still in awe over how much the developers put into this new update. I don’t think I’ve ever seen so much new content go into a game without it being a non-free expansion pack or version. That team ROCKS!
Default passwords, and connected to the Internet without any encryption. The manufacturer and users of these devices are to blame if they are hacked.
I would also suggest that the default approach for devices like road signs and cameras, especially if they cannot support encryption, is that they make the connection to their control system, rather than accepting incoming connections, or possibly only accept one incoming message, a request for them to connect to their controller.
Re: Re:
SNMP is an often misunderstood, and misused protocol… when I used to work for a company producing network management software, I was absolutely astounded at how often routers and other major infrastructure equipment was left with the default SNMP settings allowing just about anyone to view and even modify raw configuration data.
Re: Re: Re:
I’ve gone past being astounded by the stupidity years ago..
Just the other day I was at a company and had to enter a standard users account.. the password they gave me was “password2” the username I had to use? “User2”
Have a guess what ever single password was on every user Numbers account! eyeroll Oh and this was a $100million a year company that deals with a LOT of sensitive information from government clients.
I have sent a nicely worded memo to their IT dept and Senior management with the threat of outing them to the Govt dept who sends them clients, but they are basically, like a lot of people purely apathetic to any problem
Re: Re: Re: Re:
Better be careful there, that’s ‘extortion’ or ‘hacking’, and obviously any problems you point out are your fault, due to you pointing them out, because reasons. /s
Hackers, starring Angelina Jolie's boobs and bob haircut
Back when I was a kid, my buddy was so inspired to try to become a hacker, because it looked so cool in the movie Hackers! So since I knew things about computers, he came to me and asked about it.
Turns out, real hacking is boring, slow, difficult, and not at all like movies and games make it out to be. He got over his desire to be a hacker really quick, and is now a welder. I’m a programmer though… I don’t think a movie or a game can change a person into a hacker. It’s an innate skill and desire, and no amount of gaming will make you competent at it, nor do you need to be a gamer to have interest in it.
Its a hack alright.
Free advertising for Watch Dogs.
I hear Michael Vick used to a play a ton of Pokemon games…
Re: Re:
I don’t think he is even allowed to Watch Dogs anymore.
Reset defaults
Every device I have seen has a default password to allow the initial setup of the device. Some enforce changing the default password to something else during the initial setup. Even if they do not require changing the defaults one should as a matter of good practice. Some of the blame goes to whoever “installed” the equipment and failed to reset the passwords.
Re: Reset defaults
Most of the blame goes to them. Really, these signs have always had pitiful security and hacking them has been common teenage stuff for decades.
Your point about devices forcing you to change the default password on setup is right on the money. That’s fundamental good engineering: a cheap and simple thing that eliminates a stupid mistake. That signboards don’t generally do this after years of experience means that the manufacturers deserve some blame for their design flaw.
On the other hand, neither the users nor the manufacturers really care that much. The “damage” is minimal and easy to “repair”. The cost/benefit analysis might support that attitude.
Re: Re: Reset defaults
The “damage” is minimal
Unless someone hacks in and puts up material under copyright. Then the damage is HUGE.
I’m gonna have to download a pirated version of this game!
… No, there is too much. Let me sum up.
Simple hint to IT professionals
If the difficulty of hacking into your system can be compared to the popular computer game, get out of business like real fast…
I don’t recall any percentage of Nintendo players seeking out lines of turtles upon which to leap, nor do I recall any number of children or adults buying up all the hedgehogs at Pet Smart and then rolling them down long and complicated loop-to-loops to see how many rings they could collect
I was thwarted by the fact that my local Pet Smart doesn’t sell hedgehogs, but I did find that a tree farm near me sells barrels AND lighter fluid. Does anyone know where I can find a Gorilla?
No results.
I actually tried searching to see if there were any reports of Sonic being thrown down aisles (or any abuse whatsoever) and the internet has failed me. Not one result.
gameplay
Game is garbage. Every thing from driving to walking. If you wanna waist money,time and gas’s then get it otherwise don’t. I can’t wait until EB games opens tomorrow so I can bring it back!!!
fckn right
These days all the younger generation are 15times smarter asset almost everything tech wiser,thus some kid’s hack a sign that some old fart didn’t update is most certainly watch dogs fault. I’m curious,can i blame wretch dogs for the Trojan i spent 6months learning to make through self taught programming from hours of research on a dial up connection back in 2001? Were talking windiws xp sp1 and the best we had back then was playstation one and i can’t think of a single game that made me wake up and think i should hack my high school pc system.nay i made it because i want to see if i could,and i raised H3LL with it to show off my ego.and i lied like like h3ll about it when i got caught cause i didn’t want to feel bad for my actions. So what?it’s all about lessons learned.if we just keep banning every thing where will we be in 20yrs? I bet we will all be in cryostasis cause none of us can fck sht up that way.
Have
The comment will aprrove
Like hacking
I goto don’t think he is even allowed to Watch Dogs anymore, I like Game online coc hack gems tool