
Dutch Hackers Found a Simple Way to Mess with Traffic Lights - rbanffy
https://www.wired.com/story/hacking-traffic-lights-netherlands/
======
tn1
I read about this a few days ago. It seems that the app doesn't send any
unique identifier from the submitting user (no registration required I guess,
but I didn't check). Good for privacy I guess?

Also, the researchers (original source at [0]) admit that you can't create an
unsafe situation, the worst you can do is sort-of-DoS by causing the signal to
minimize the green-cycle for the cars to it's minimum allowed value.

[0] [https://zolder.io/2020/08/06/hacking-the-traffic-light-of-
th...](https://zolder.io/2020/08/06/hacking-the-traffic-light-of-the-future/)

------
pmiller2
Looks like they violated rule 1 of accepting client-side input: always assume
someone will send you maliciously crafted input.

~~~
dsamarin
How do you verify malicious GPS coordinates at the server side if you don't
mind me asking?

~~~
pmiller2
Cryptographically sign them before sending.

