Hacking to pwn a cop car
By the end of the hack, Finisterre accessed the DVR hard drive and could see with cams and hear through the microphones in the police cruiser. By using default passwords, he was able to upload, download and even delete video feed files which had be collected from cop cars. Those stored files from DVRs might be meant for evidence in court cases.
The research proves that many risks come along with tech designed to provide real-time "situational awareness" of what is happening with police during traffic stops. Finisterre pointed out that anyone with Internet connectivity could tap into that intelligence; civilians could secretly spy on cops.
I asked Kevin Finisterre, What would you most like people to take away from your research and discovery? Finisterre replied, "The biggest thing for people to take from this is that they need to make informed decisions. Understanding that your IT design choices have a large impact on things beyond the budget and bottomline can go a long way. The days of blindly trusting a vendor based on a handshake are gone. Due diligence is simply necessary."
