Unlocking L.A.’s Traffic Grid: Phreaked Out (Episode 1)

it was a real-world attack it wasn’t a proof-of-concept that was done by some white hat hacker and laboratory at or at a security conference these were real individuals who broke into a real world system that had an effect on hundreds of thousands if not millions of motorists over days in one of the most traffic congested areas of the world you I think la has an excellent transportation system we thought of as the center of car culture in the u.s. we have about 6,500 miles of public streets we have about 4,500 signals in the City of Light which is one of the largest signal systems in the world without the at Sac Center it’d be very difficult to manage Kartik Patel in Gabrielle Murillo were to Los Angeles city employees who were accused of illegally accessing the city’s computer system that controls the traffic lights and using it to create day’s long traffic jams in furtherance of protests that their union was was conducting on the surface of it it sounds really really sexy like Italian job right it sounds really really sexy at the time of the August 21st incident I was working in at SAC control center where I was in charge of the engineers I was kind of like the manager of implementing and maintaining that whole system so I I in particular was accused of disconnecting signals and causing some kind of traffic back up we lost communication from our centralized control center to these four signals just by the fact that I was on the system and very few people have remote access that they felt that I got on there to do something kind of fishy my name is James e Blatt I’m a criminal defense attorney in Los Angeles and I was representing mr. Gabriel murió he was the key person of developing at SAC the automated traffic system and control center he was the main troubleshooter the developer the inventor my name is Damien Kamkar I’m a security researcher and computer hacker some of these control systems that are controlling our utilities our traffic are really prone to hacking their current vulnerabilities default passwords they’re on the internet when they shouldn’t be the only pro that I can see from actually these systems being hacked is demonstrating how possible it is if someone presses a wrong keystroke they can put of signals on flash in 30 seconds if we wanted to make say Venice a highway we would go 180 second green we can go Bam Bam Bam Bam and we can do that just from a computer screen it’s a very very very efficient system and it’s one of those where if there was some kind of problem with it ever went down then you really see the value of it because you’d see a lot more gridlock everywhere they have a program called a graphic user interface to monitor and control the traffic light system well that particular program had been shut down four of the major arteries the lights were not working there wasn’t any significant difficulties in this matter but it took three or four days to get the bugs out of the system the hacks that these two individuals are alleged to have carried out is exactly the type of thing that security researchers have been warning about for you know for a better part of the decade I’m not familiar with like all the different firewalls and different things we have but we’re comfortable with the level of security we have here now given that they were able to impact only four intersections and they increased a great deal of aggregate delay on the arterioles affecting only four intersections out of I don’t know roughly forty four hundred or so whatever their message was they weren’t actually trying to bring the system to their knees I think we really dodged a bullet there in the city every signal has its own secure system in such a way where if someone tries to change the signals and it’s beyond that the programming it won’t let it someone may make it inconvenient for the motoring public but it wouldn’t be an unsafe situation you’re creating potentially a dangerous situation where you shut down a particular bridge or access to a freeway where lives could be lost had the individuals responsible been fundamentally malicious and what they were trying to do they could have caused an enormous amount of delays system-wide but it was also a little bit of an inoculation it allowed us to begin to develop the the immunity necessary to protect ourselves against more dramatic infections anytime you use the Internet as a way of communicating between computers and any system the size of El ADOT signalized traffic rate does that to some degree you’re vulnerable our system is not available to the Internet is not out there we really have an old-school hardwired system our CCTV camera system is all analog a lot of our technology and software is just not up to today’s standards so that actually provides a little security that probably a lot of agencies don’t have you know again we’re comfortable with the technology we have I’m one of the few people who had authorized remote access to the traffic control system from home from a laptop those systems controlling our cities should not be on the internet they should not be easily communicated with by anyone who has a phone or laptop it’s actually terrible that there are so many open hardware switches available online that actually anyone could access it they just knew how you could potentially be controlling traffic lights you could be potentially controlling oil refineries you could be controlling water systems or water infrastructure electricity gas pretty much any type of system I definitely think you shouldn’t be so confident that you can’t be hacks I think almost anything is hackable fortunately there are a group of people and definitely a lot of hackers who are looking at this technology on a daily basis and trying to find new ways of exploiting it and then demonstrating it publicly typically in a legal manner but showing that okay some of our cities are not safe and we need to take measures to fix that I did not do anything wrong I did not cause any signal malfunction I believe led ot management made false statements I believe the police created a story when they didn’t even understand something I believe the DA’s office put their foot in their mouth and couldn’t take it out there’s definitely different camps of thinking when it comes to weather or hacking is better for society worse for society one group of people who believe well if you find an exploit you shouldn’t really talk about it you should potentially talk about it privately with who’s in charge and only disclose it to them give them time to let’s say update their systems to patch that vulnerability but if they don’t fix it within some amount of time you should release publicly I think everyone should hack I think everyone should learn how to hack and the more people that know how to hack something the more appreciation there is going to be for the vulnerabilities that come with that technology is a moving target I don’t trust the hackers to teach us a control lesson every time you introduce a new technology you have produced new owner abilities and some miserable son of a bitch out there is going to try to exploit that it’s just human nature securities need desperately to hire outside auditors people that will come in and perform what’s called a penetration test to actually test the limits and the security of the systems the cities are using exposing some of the things that can be hacked and how they can be hacked and really alter anything it really gets other people to work together to sort of rally up and fix some of these issues there are good guy hackers out there and some of the solution can be crowd-sourced if you’re willing to live with the outcome then go ahead and serve the greater good and break the rule I think the insurrectionists among us are healthy elements in society if there weren’t folks out there that were prepared to insist on teaching us some of the important lessons we’d never take delivery on the information packing never ended lives until that day now I’m coming for them you want revenge this phone can turn the city into a weapon we’ve got 40,000 people above us we need a distraction no one can hide from me no one watchdogs pre-order now wait amateur please

100 thoughts on “Unlocking L.A.’s Traffic Grid: Phreaked Out (Episode 1)

  1. Not up to todays standards, someone said it! Traffic management in L.A. is terrible. First thing, why do all those poor people go to the city centre to work? Can't they do their work in the suburbs? The answer is YES they can! Second thing: why are they in L.A. still using traffic lights to clutter the arteries of the city? The solution is to make large parking spaces and let the workers go from that parking place to where their desks are by public transport. Third point is: make a lot of roundabouts and get rid of the old fashioned traffic lights. Time is the most valuable commodity in the world, and this is spilling time and therefore money and it looks silly if a large city has no people who can think!

  2. i see what you did yall are not slick !
    adding that commercial at the end
    to make it to the ten minute mark!
    just to add more adds for money lol piece of shit !!

  3. 0:13 hacking??? that is ableton live you see. its a software for music production and has nothing to do with hacking…

  4. some traffic lights actually have an open RF signal that traffic light maintenance workers can access… or anyone who can find that signal and has the hardware to do so.

  5. Graphical user i terface is not a program. It is an interface just like it says. What did really happen?

  6. This is why unions are retarded. In a global economy, a labor strike exists for those in it to bitch and moan, and for everybody but the people they are protesting to have some sort of negative effect.

  7. I believe that Samy is dangerous and is out to make a name for himself. Just because something can be 'hacked' does not mean that it should. We need people who create rather than destroy.

  8. -"A program called 'A Graphic User Interface'"
    –6:06 Ableton Live and Arduino IDE?
    -"we are comfortable with the technology we have"
    –4:02 "I'm not familiar with like all of the different firewalls and different things we have, but, uh we're comfortable with the level -of security we have here"
    -Lots of Windows XP
    -Other old tech that gives people who has the ability to think an opportunity to attack them succesfully

  9. when people who know nothing about technology try to sound smart talking about technology that they don't have a clue about… oh god lol. no wonder they got hacked.

  10. So this is how Mr. Kelly and those White supremacists turned that school bus into a weapon. Holy shit. Nazi's have majorly stepped up their game.

  11. The asian dude said "It's not on the internet" The director dude said he had remote access where he could access it from his laptop at his home…
    That means it was on the internet.

    Doesn't matter if things are hardwired or wireless, if the system it's self is on the internet then it's on the internet.

  12. Lol @0:13 yea I make sound waves with ableton that influence the frequency of WiFi signals to hack your toaster. Because the universe is nothing but waves and frequency and all I have to do is turn up the high pass filter and now I'm @god

  13. O.. The lights are causing gridlock? Better send a traffic cop or some volunteer down to direct traffic at those 4 intersections.


  14. Based on the fact that the malicious "hacker" at 0:13 is using Ableton Live (a music production software) and that the confident in his technological fidelity traffic guy has Windows XP on the computers behind him and thinks that the tech they have is perfectly fine (1:11), I'm pretty sure that whichever company produced this has no idea of what the fuck they're talking about.


  16. Which is why driving schools teach how to proceed in intersections (independently of whether traffic lights are existent, functional or otherwise)

  17. Sorry, so the program – the GUI – went down… so the traffic lights stopped working… because.. you know.. The back end traffic light controllers are kind of like photons, and they change if you aren't observing them via the GUI… because.. let's not forget what a GUI is. What a joke.

  18. "I don't know about the firewalls that we have, but we're comfortable with the level of security – that I know nothing about – that we have"… What?

  19. "Our system isn't on the internet.. we use VHS"… one minute later "I was one of the only people who had remote access from my laptop at home" WHAT?! These guys contradict themselves in the same segment and we trust them to run our cities… Great.

  20. 5:26 WHY is security through obscurity even considered actual security? last I checked, older hardware tends to be easier to exploit Look at my cool 5 monitor xp setup at 1:11

  21. What a dumb ass the old people don't know what the hell they are doing talking about no I don't want upgrade our security……

  22. I like how when it showed the guy viewing code on his phone and laptop at 6:08 it was the Arduino IDE he was typing into and the app on his phone was the Android IDE .-.

  23. Whoever that disgusting big turd nodule that said it was sexy is so grimy, he has no idea how turd gurgling guilty he sounds. And take a goddamn shower

  24. "Our systems are not up to today's standards, and that actually provides us with a level of security"

    What the ****. Okay, I get that your lack of internet access keeps you safe from remote attacks, but if someone gets in your door (Which, if your cybersecurity policies are any indicator, is not implausible), you're screwed.

  25. The sad thing is is the leader of the IT sec
    Is probably an idiot
    But the employer is also an idiot
    Usually these guys don’t get a big enough budget to protect against everything
    So they make cuts
    And this happens
    They get a fucking tiny budget and they want them to protect them against hackers on the internet
    It’s basically ~40 people trying to get in at a time
    Especially at a traffic control center
    And they want them to protect them against that??

  26. 3:29 Graphic User Interface is not a program it's a type of interface like Cli (command line interface).
    Right👍: The program has a graphic User Interface.

  27. Those Bastards runs the system/government if they were honest, doing what they supposed to do, work for people… I mean if they were practicing Democracy as it should be then there wouldn't be any Black Hat/rebel every citizen would come forward with the best idea and they would do it all voluntary. you guys recruiting only donkeys who will do anything, eat everything govmt vomit. in a word u want puppets not talents. As long government will oppress citizen,turn blind eyes on their issues, there will be some genius among the crowd who will keep teaching lessons. All we gotta do is look our surroundings, think out of the box, think bigger/deeper they made us to think busy with some bullshit such work ur ass off – get paid lump sum – pay bills – facebook/social media/ meaningless songs/ drugs/ credit card debts….. thats it … so we stop thinking / caring whats happening around us … stop asking question to them no accountability.. ad thats how they are doing anything and everything to fuels their greed…. We need a revolution all over the world and make a new system with honest people .. no borders,countries we all are the citizen of earth and respect each other … love each other as our own brother/sister……fight together against evil.

  28. Gotta love how the video describes how the system has been hacked, then cuts to a guy going "Nope, our system is secure. It can't be hacked." The guy says "It's not connected to the internet." Then the other guy says "I'm one of the only ones with remote access from home on my laptop." It's one thing to be a bit overconfident about your system's security, but this dude is actually saying his system is unhackable in the video about how it was hacked.

  29. My God do these people know you can buy these tech for less than 100 dollers to change the traffic lights in your car a mile away and here he comes saying it's old tech not hackable??

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2019 Explore Mellieha. All rights reserved.