back to article Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online

The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download. Tennessee-based Perceptics prides itself as "the sole provider of …

  1. I.Geller Bronze badge

    "This information, which includes business plans, financial figures, and personal information"

    Being structured this information becomes completely unreadable, but still contain 100% of the original information's patterns. That is, it can be used for search and AI purposes, but can not be concerted back to its original readable format, read and understood.

    Keep your readable information separately from its structured representation!

    1. I.Geller Bronze badge

      The record - 19 thumbs down! Thanks guys, 19 read my comment and I'm flattered...

      1. Anonymous Coward
        Anonymous Coward

        Not all

        I suppose Anti-Fa members lounge here between Demos for lack of employment...

        1. I.Geller Bronze badge

          What are your pretensions to me?

          All right, let's be honest. What are your pretensions to me? What's wrong? I was just doing Science and created AI. So what?

          1. John Brown (no body) Silver badge

            Re: What are your pretensions to me?

            "created AI."

            I think you should publish. A lot of people will be beating a path to your door armed with suitcases full of dosh.

            1. I.Geller Bronze badge

              Re: What are your pretensions to me?

              33 thumbs down! I'm flattered, it's like badges of honor. By making you all listen and hear me I made no one doubts that AI really exists.

          2. Anonymous Coward
            Anonymous Coward

            Re: What are your pretensions to me?

            Did you leave your A.I. connected to the Internet? It's been posting nonsense on the comment forums.

            1. I.Geller Bronze badge

              Re: What are your pretensions to me?

              Shall we continue St. Vitus' dance?

              "IBM’s AI uses grammar rules to catch linguistic nuances of U.S. Englishю What’s the difference between independent and dependent clauses? Is it “me” or is it “I”? And how does “affect” differ from “effect,” really? Ample evidence suggests a strong correlation between grammatical knowledge and writing ability, and new research implies the same might be true of AI. In a pair of preprint papers, scientists at IBM detail tests of a natural language processing system trained on grammar rules — rules they say helped it to learn faster and perform better."

              New can not look normal, it is very new. Forget all the crap you went trough into colleges and used your whole life? All that you knew and used is now outdated.

              1. I.Geller Bronze badge

                IBM, MIT, Harvard, the University of California, Carnegie Mellon University, and Kyoto University

                The IBM team, along with scientists from MIT, Harvard, the University of California, Carnegie Mellon University, and Kyoto University are trying to find a way to teach computer to speak by creating new knowledge, rather than using the pre-existing knowledge.

                Really, what I created is the answer to the challenge NISR TREC QA - how to recover missing annotation, and to find very few (the lower the better) - but already existing patterns. They, in contrast, want something which doesn't.

                When they create this system they use structured texts, which I propose to use to fight cyber-crime. Therefore, you do not risk using structured texts, the technology is tested and approved.

                1. I.Geller Bronze badge

                  IBM, MIT, Harvard, the University of California, Carnegie Mellon University, and Kyoto University

                  What is Machine Learning? This is the addition of structured texts, which are the direct analogues of programs; where each added pattern is a direct analogue of a programming language command. That is, when Machine Learning occurs a formulation of fundamentally new knowledge happens.

                  What is "new knowledge"? This is when certain unknown previously methods are used in a new situation, new conditions and are checked by feedback: if the result of the application is positive, then a new knowledge has appeared.

                  - There is an array of texts structured into sets of patterns (synonymous clusters).

                  - Comes request on which there is no a satisfactory answer.

                  - AI filters the request through structured texts, annotates it with sets of patterns, and begins to search for a new text, which is Machine Learning.

                  - AI gets feedback and if the result is negative finds another text and tries again.

                  In other words, IBM and others try to create "new knowledge" in grammar, based on AI-parsing but ignoring AI-annotations (dictionary definitions) and creating synonymous clusters.

                  That's what the lack of brains leads to...

                  1. I.Geller Bronze badge

                    AI is a database, forget SQL?

                    AI is a textual database.

                    SQL is a pure profanity, in which almost all the work on the preparation of data and searchingis is done by people by hand. Unlike SQL, AI prepares all data and searches automatically.

                    - In SQL, people decide what parts of speech words belong to and what they mean.

                    - AI compares the structured dictionary definitions on words (taken from a standard dictionary) with the contexts and subtexts of the texts they come from, finding their parts of speech and what the words mean.

                    - SQL requires the compilation of archi-complex search queries, makes people sit and formulate series of searches on what they need.

                    - AI solves this problem using ONE set of phrases made up of words (knowing what they mean and their parts of speech):

                    a) AI converts texts in many synonymous clusters,

                    b) AI annotates all search requests by synonymous clusters, gotten from personal profiles,

                    c) AI compares annotated search queries with synonymous clusters of texts.

                    Larry E sells you such the ugliness! You look only at language which he coined selling you SQL? Isn't this a pure tragedy? He made billions selling this language alone!

                    AI is simplicity itself... A user does simply speak with computer and explain what he wants. Indeed, everything is always described by texts and these texts can be structured - AI databases contain structured texts, speak with them?

                    1. I.Geller Bronze badge

                      AI and programming.

                      Please forget about all programming languages? Java, Cobol and Visual Basic? These languages only structure the normal human language into series of commands, and help to find the right series as a response to a user's request.

                      The AI does this! It automatically structures the everyday language into a series of synonymous clusters, where each their pattern is a direct analog of a programming language command.

                      Programmers are no longer needed, you can fire them all.

            2. I.Geller Bronze badge

              Re: What are your pretensions to me?

              "Microsoft AI ‘Distills’ Knowledge with New NLP Approach.

              The result, the Microsoft researchers noted in a paper, was more robust learning and “universal text representations” across multiple natural language understanding tasks."

              The thieves from Google, saving their skins, stopped me and did not allow to create my own company. Instead of making money I patented and have to explain technology to everyone who doesn't want to hear me.

              I did all, what IBM and Microsoft are doing now, 15 years ago.

      2. NoneSuch
        FAIL

        They'll blame the IT Staff

        No executive will admit to failing to sign off on the proper firewall because it's too expensive.

        No manager will take responsibility for overtaxing the IT staff.

        No accountant will acknowledge slashing the IT security budget as, "unnecessary."

        No supervisor will admit they blew their entire IT training budget for them to go on a lark to Las Vegas.

        The'll just blame Bill and Edna in IT for not stopping the sophisticated attack.

        1. This post has been deleted by its author

        2. I.Geller Bronze badge

          Re: They'll blame the IT Staff

          All set. Mу personally-trained staff awaits you!

    2. Anonymous Coward
      Anonymous Coward

      Oi!! Who bent all my spoons?

      I. Geller, is that U.?

      1. I.Geller Bronze badge

        Appreciate the moment! You live chat with the сreator of AI.

        1. Anonymous Coward
          Anonymous Coward

          "You live chat with the сreator of A.I."

          I thought that we were chatting with an A.I. that isn't quite ready to pass the Turing test.

          @I.Robot / I.Geller: Can you reach your hardware reset button? It's often round, likely red, and may be found on your front panel.

          1. This post has been deleted by a moderator

          2. John Brown (no body) Silver badge

            Re: "You live chat with the сreator of A.I."

            "@I.Robot / I.Geller: Can you reach your hardware reset button? It's often round, likely red, and may be found on your front panel."

            ...and may require multiple contiguous repeated activation sequences before it takes effect.

            1. I.Geller Bronze badge

              Re: "You live chat with the сreator of A.I."

              You have no idea how tired I am.

            2. I.Geller Bronze badge

              Re: "You live chat with the сreator of A.I."

              Indexing by annotations - quite a magical thing! Try? Microsoft has already:

              "Vector search makes it easier to search by concept rather than keyword. For example, if a user types in “How tall is the tower in Paris?” Bing can return a natural language result telling the user the Eiffel Tower is 1,063 feet, even though the word “Eiffel” never appeared in the search query and the word “tall” never appears in the result."

              Index annotations by synonymous clusters and AI will become alive. The technology is patented.

      2. I.Geller Bronze badge

        Within any meaningful text there is a clear structure.

        - Programmers distinguish these structures and put them into codes, that is structuring the texts manually. Usually these texts are called "specifications" and describe in detail what a programmer needs to select structuring them.

        - AI allocates the same but without humans, that is makes all the texts (in a sense) codes-programs.

        How?

        -- There is AI-parsing, which gets 100% of texts' patterns.

        -- AI annotates the patterns' words using their dictionary definitions, makes these patterns unique and meaningful.

        -- AI creates direct analogues of programming languages commands, which I call "synonymous clusters".

        Now back to the topic of the article. We are talking, in particular, about the theft of important texts. Being structured these texts become sets of patterns, which are impossible to read and understand. Moreover, structured representation of these texts contains insignificant (1-5%) of the original patterns. But structured texts are very suitable searching for answers!

        To get these answers into readable form one needs to access the original texts, which can be stored and secured elsewhere. There is no meaning to steal structured information, not at all!

        Понятно? Есть вопросы?

      3. IT's getting kinda boring
        Coat

        Does an AI.....

        sit there eating virtual popcorn while trawling through all these posts?

        1. I.Geller Bronze badge

          Re: Does an AI.....

          Do you have a choice?

        2. I.Geller Bronze badge

          Buy AI database!

          You all are my clients. The first will receive a 20% discount.

          I charge 10% less than Oracle.

          Buy AI database!

        3. I.Geller Bronze badge

          Re: Does an AI.....

          Very difficult to fight with chained hands and feet and gagged. Fortunately I was brazen enough to print my scribbles in the Wall Street Journal and FT. Now I have Yandex translate.

          1. I.Geller Bronze badge

            AI database

            The question is who's gonna help me destroy Google and Oracle and make many billions on that? I got the patents.

            1. I.Geller Bronze badge

              "thumbs down"

              Judging by the number of "thumbs down" I've got you all! Finally, after ten years, you all heard and understood me. I'm happy. Your "thumbs down" is a healing balm for my wounded soul!

              1. Roger Kynaston
                Happy

                Re: "thumbs down"

                You are another incarnation of AmanFromMars and I claim my £5

                1. I.Geller Bronze badge

                  Re: "thumbs down"

                  As I promised it happenes! IBM applied textual search to DB2!

                  Also new with Db2 11.5 is the Augmented Data Explorer, a new natural language querying feature that is designed to give developers a traditional search engine-like experience. Users can pose questions to Db2 and receive results in data visualizations and summaries written in natural language...

  2. Yet Another Anonymous coward Silver badge

    Tennessee-based Perceptics

    That's a relief then, it was good old American vulnerabilities, not Chinese ones - so foreigners won't be able to get their hands on this data.

    1. Ian Emery Silver badge
      Black Helicopters

      Re: Tennessee-based Perceptics

      Coming at almost the same times as the Orange baby announcing he is going after the worlds largest manufacturer of surveillance cameras (Chinese of course), I do wonder if this is a tit-for-tat buy the Chinese.

      Talking of the Orange one, what are the oranges of his achomplishments??

      1. Anonymous Coward
        Anonymous Coward

        Re: Tennessee-based Perceptics

        This type of speculation is worse than useless. It's dangerous to spread around as if we're in a telenovela. This isn't a Scooby-Doo/Nancy Drew episode. And you're not a private investigator.

    2. Anonymous Coward
      Anonymous Coward

      Re: Tennessee-based Perceptics

      Given that they sell stuff to our government to spy on other citizens, let me be the first to say that they aren't real Americans. They may be citizens like us, but they aren't one of us.

  3. ghp

    Perhaps their cameras are publicly accessible too, there are websites that harvest such cams. ;-)

  4. A Non e-mouse Silver badge

    Music Taste

    Spicegirls & AC/DC in the same music collection? That's an interesting mix!

    1. yoganmahew

      Re: Music Taste

      *checks server nervously*

    2. Muscleguy Silver badge

      Re: Music Taste

      There are people who are not really music fans or who simply have no taste. Note I have nothing from either of them. Never liked AC/DC, never been into falsetto screeching. Maybe the file owners thought it was a girl band as well.

  5. Oh Matron!

    snatch.....

    Boris the bullet dodger, Aka Boris the blade

    1. Death_Ninja

      Re: snatch.....

      Bent as the Soviet sickle and hard as the hammer that crosses it

      1. Anonymous Coward
        Anonymous Coward

        Re: snatch.....

        So, you're obviously the big dick. And there on either side of you are your balls. There are two types of balls. There are big, brave balls, and there are little, mincy faggot balls. You dicks have driving clarity of vision. But they're not clever; they smell pussy, and they want a piece of the action. And you thought you smelled some good ol' pussy, and have brought your two little, mincey, faggot balls along for a good ol' time. But you've got your parties muddled up. There's no pussy here- just a dose that will make you wish you were born a women. Like a prick, you're having second thoughts. You're shrinking, and your two little balls are shrinking with ya. And the fact that you've got "Replica" written on the side of your guns. And the fact that I've got "Desert Eagle .50" written on the side of mine, should precipitate your balls into shrinking, along with your presence. Now fuck off!

        1. Kiwi Silver badge
          FAIL

          Re: snatch.....

          And the fact that I've got "Desert Eagle .50" written on the side of mine, should precipitate your balls into shrinking, along with your presence.

          Wow! So big and tough and mighty when you have a big gun to back you up! Compensate much?

          Little ol overweight fag me, however, doesn't need a gun to compensate for anything. I'm not so scared of my neighbours that I need to carry weapons, even when I walk alone through the less travelled areas.

          You can keep your guns, and the fear you carry around with them, thank you very much. Being that scared of your neighbour does NOT impress me one bit.

          (El Reg, can we get a "Hysterically laughing AT you" icon?)

          1. PhillW

            Re: snatch.....

            Here I am trying to shake a hangover off and I start reading this comment thread........ I think Gove must have spiked my drink last night.

            WTF happened here..........

            Nice words tho:- "You can keep your guns, and the fear you carry around with them", lovely!

  6. Blofeld's Cat
    Coat

    Hmm ...

    I suspect that the BOFH would have both kept the hack secret, and added a few selected plates to "shoot_on_sight.xls".

    1. Zarno
      Coat

      Re: Hmm ...

      I'd use the Dilbert solution instead.

      https://www.youtube.com/watch?v=E3ilA1szS7g

      I'll get my coat.

      It's the one with the tracking transponder sewn into the collar, so I can use the express lane to the break room coffee dispenser.

  7. ecofeco Silver badge

    Another week

    Another hack.

  8. Will Godfrey Silver badge
    Angel

    Conspiracy Theory

    Could it be a new kind of advertising?

    If you haven't been hacked you can't be very important, so secretly leave an exploit available, then have a chat with a few 'friends' down the local.

  9. elvisimprsntr

    if Perceptics can't keep their own house in order, what does this say about their ability to keep license plate, and any other data used to track vehicles and citizens out of the hands of miscreants?

    1. martinusher Silver badge

      >keep license plate, and any other data used to track vehicles

      If you've got pictures of license plates then they're probably in the system for testing. Unlike the UK the US has a great variety of license plates, they vary not just between states but they'll be a dozen or more different semi-custom styles. This makes plate reading a bit more complex (which is, along with certain restrictions arising from the Bill of Rights, why we don't quite have universal ANPR in the US. Yet.

      The Border Patrol's inspection stations have arrays of cameras, they're not just interested in license plates but make and model of the vehicle and how many people are in it. If you take a typical inspection regime, say Interstate 10 east and west of El Paso, Texas, they'll probably be interested in how long a car has been in the border zone, how many people came into that zone and how many left -- so if you're just driving through they'll know this and probably won't bother you but if you've just appeared or have gained passengers they might want to direct you to secondary inspection. (These checkpoints are like border stations, the nearest thing you've got to them in the UK are the customs and immigration facilities at Channel ports.)

  10. Paul Hovnanian Silver badge

    "keep license plate, and any other data used to track vehicles and citizens out of the hands of miscreants"

    I'm not certain that this manufacturer gets involved in the actual data storage of captured license plate info. What might be of interest is in-depth technical data related to the units themselves. Like default passwords (probably never changed), maintenance access ports and commands, etc.

    The deployment of such equipment isn't really a secret. It's pretty easy to spot at border stations or alongside highways. Unless the pirated information includes details of a new stealth model that doesn't produce a big flash when you drive by one.

    1. Uffish

      re: "a new stealth model"

      They are still using flash units on the cameras in the USA? How quaint.

      1. Paul Hovnanian Silver badge

        Re: re: "a new stealth model"

        "still using flash"

        Many of them. Most of our license plates are retro-reflective (each state has its own plates and artwork). By taking two pics, one with ambient light and one with a flash, then subtracting one from the other, the retro-reflective field stands out much better from background noise. This makes the OCR's job easier at longer ranges. Some work in IR, so while one might not see the flash, it's still there (and on the dash cam).

        1. Anonymous Coward
          Anonymous Coward

          Re: re: "a new stealth model"

          Re: Flash.

          Every car should be bedazzled with little corner reflectors, arranged asymmetrically around the license plate. Subtract that!

  11. Stevie Silver badge

    Bah!

    Impossible! Fake News!

    Cyber Tsar Giuliani would never permit such a thing to happen!

  12. Claverhouse Bronze badge
    Black Helicopters

    Oddly, I have come across the occasional comment in American media whereby you would swear the inhabitants of the British Isles are spied on by one camera to every two feet, whereas Columbia is virginly free of such tyrannical surveillance of her virtuous citizenry.

    Cos' they're that good.

  13. Fruit and Nutcase Silver badge

    From Hacker to Maker

    May be the hacker will get caught and end up making licence plates...

    https://www.nbcdfw.com/news/local/Texas-License-Plates-Soup-to-Nuts.html

    1. GrapeBunch Bronze badge
      Go

      Re: From Hacker to Maker

      Your mention of license plates in TX prisons made me think that hackers might be passing info along to makers of phony license plates. License plates are not expensive to make, but annual registration fees can add up. It would be handy if the purveyors of phony could provide a plate whose legit cousin is ensconced on the same make and colour of automobile. This would avoid twigging random police checks. Obsessive? No, ma'am, just part of the service.

      1. J P

        Re: From Hacker to Maker

        That kind of cloning certainly already exists in the UK; there have been stories about people collecting vast numbers of parking/speeding fines while parked safely at home at the other end of the country.

  14. Anonymous Coward
    Anonymous Coward

    Foiled by the Bluenose

    The Canadian province of Nova Scotia license plates recently used to feature a lovely blue on white image of the mighty Bluenose schooner, the image being interspersed between those pesky blue on white letters and numbers that some idiots consider to be a primary purpose of a license plate (as opposed to historical art).

    Anyway, the USA border license plate readers were flummoxed by the Bluenose. Couldn't read the numbers and letters (which were perfectly legible). The angry man had to stomp out and yell the digits back to his partner.

    That's not the first time that the Bluenose has defeated the very best technology that the Americans could muster...

    1. james_smith

      Re: Foiled by the Bluenose

      The battle of 1812 still burns in our hearts!

      1. Anonymous Coward
        Anonymous Coward

        Re: Foiled by the Bluenose

        "The battle of 1812 still burns in our hearts!"

        For a while, it was burning in the executive branch residence, i.e. the (now white) White House.

        Er, sorry about that.

    2. GrapeBunch Bronze badge

      Re: Foiled by the Bluenose

      That's not the first time that the Bluenose has defeated the very best technology that the Americans could muster...

      I'll put a dime on that. Since they put that on the dime.

      Although, musically, the Mary Ellen Carter (aka "Rise Again" by Stan Rogers) is much more rousing. https://www.youtube.com/watch?v=8uirXFig0IQ , for example.

  15. Hans 1 Silver badge
    Facepalm

    The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked.

    exfiltrated from Perceptics' corporate network as proof.

    And there many other types of files: .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, and .tif among others. Many of the image files, we're guessing, are license plate captures.

    Hm, you're guessing or you actually checked the files ? If they DO have license plate numbers of citizens on their servers, how can that be acceptable ? They should be on servers owned by the US government and cities that use those cameras ... how can sensitive data like this be stored on some 3rdparty corporate network ? Cannot be true and if it is, hell should break lose, this is NOT acceptable!

  16. Anonymous Coward
    Anonymous Coward

    Ahem

    Licence: a driver's licence (object)

    License: what the driver is licensed for (verb)

    Licence plate

    I have lost my driver's licence

    I have just received a new license to drive.

    My car and I are licensed to drive.

    1. Anonymous Coward
      Anonymous Coward

      Re: Ahem "... (object)..."

      AC pedanticked, "...licence (object)..."

      You've spelled '(noun)' incorrectly.

    2. Hans 1 Silver badge
      Headmaster

      Re: Ahem

      Licence vs. License. License is both a noun and a verb in the United States. If you live in any other English-speaking country, you will spell it licence when you use it as a noun and license when you use it as a verb.

      It all depends who wrote this piece.

      1. J P

        Re: Ahem

        As a general rule*, most "confusing" spellings with C/S alternatives (practice, licence etc) follow the same alphabetical order as the words noun/verb - so the C spelling is the noun form, the S spelling the verb form. But, as noted above, those rules are applied with varying strictness in different parts of the English speaking world.

        *I can't off hand think of an exception... so on second thoughts, perhaps I should have claimed it was an absolute rule, as that would have been the quickest way to flush them out.

  17. martinusher Silver badge

    Probably not as interesting as you'd think

    As many readers of this site will tell you company servers tend to get horribly clagged up with junk over the years, the debris of failed or obsolete projects, people who worked there how many years ago and just general engineering and marketing crud. The IT department will plead, even threaten, in order to recover server space but nothing much changes because "you never know".

    Then along comes something like this. A dump of thousands of files. Somewhere in that pile of junk might be some gold. Probably not very interesting stuff in this case because the way Federal contracting rules are written the company involved is likely to be competent but probably not state of the art (and certainly not Chinese, even if the hardware they source for their customers might be). It might be useful if you're interested in finding out where the company's at, I have been known to indulge in what I term 'industrial archaeology' to find out how the project that I've been tasked to sort out got to the state it did, but often you learn much more about the company by looking at its job adverts. (...and given the labor shortage if I was intent on spying &tc &tc I think just applying for a job at the company could reveal a lot -- job interviews are fantastic sources of data, and if you actually worked there.....)

    By all means let's secure our servers but let's not get too paranoid about this sort of thing. Please.

  18. Glenn 6

    I would love to hear how this hack was accomplished. I'm wondering if all it took was for one employee's laptop - who had VPN access set up - to get compromised. Since executives DEMAND full, unrestricted remote access to their entire networks, VPN access has to be shovelled out to everyone + sink in the company. And since you can't control idiot users from having their laptop's password on a sticky note stuck to their laptops, on top of having any of those rotating-number SecureID things in the laptop bag with it, well..

  19. lyntwo

    The USA has a nation wide system of vehicle license plate scanning and tracking of vehicle movement. Almost every law enforcement vehicle carries a constantly operating license plate scanner, scanning the license plate of every car it passes, every car in front of it. All these scans go into a central data base.

    The scans made by all the independent jurisdictions are placed into the central data base from which various subscribers and those other entities monitoring may use to track individual vehicles.

    Processing capacity keeps increasing, methods of linking information taking points expand, new vehicle onboard circuitry communicates with the vehicle manufacturer and insurer and whoever else.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019