 |
| Image: Reviver |
In California, Arizona
and Michigan everyone can now equip their car with an electronic license plate.
When I read this my first thought was: what could possibly go wrong?
First let's take a
look at the (alleged) advantages of such a screen on your car. It's hip, and
California is certainly a state where a lot of hip people live. And what can
such a screen do for those hipsters? Well, to start with, of course, the
obvious: display the license plate of the car. Furthermore, Americans have to
renew their registration annually and that can be done automatically with that
plate. After that it gets a bit more frivolous: you can choose between light
and dark mode and add a personal line of text. And of course the screen can
also show advertisements.
The company Reviver,
the patent holder, attributes several possibilities to its product, the RPlate,
that can improve public safety. For example, the screen can show a notification
if the vehicle has been stolen, or if an amber alert has been issued for a
missing child. And you can manage it very conveniently with your smartphone,
via Bluetooth. And of course it has 5G connectivity and the more expensive
version has GPS, so you can always find your car.
Of course, the
manufacturer has also thought of the security of this device: “encrypted
TLS/SSL communication, advanced data encryption, zero hardware data storage”.
So – reading backwards – no data is stored, but that data is encrypted with
advanced technology (whatever that means). Communication is secured in the same
way as between your browser and a website.
Well. Leaving aside
the obvious questions about usefulness and necessity, I would like to take a
look at the security and privacy aspects of this solution without a problem (a
characterization of security guru Bruce Schneier). Another celebrity in my
field, Mikko Hyppönen, always says: when it's connected, it's vulnerable. You
should assume that this license plate can be hacked. An obvious 'use' for a hacked
license plate is, of course, forging it. But how about a false report that a
car has been stolen? Especially in America, where cops quickly raise their
hands to their hips, I don't think it's fun to drive around with a car that
shouts that it's been stolen, or that displays "HELP!". The inventors
also envision applications for paid parking (where the license plate replaces
the receipt behind the windscreen) and for the disabled (displaying a
wheelchair). If you can influence that, then an dishonest life of free parking
– even in reserved spaces – lies ahead.
In terms of privacy,
the obvious questions arise: who can follow me? Where you are and when can
reveal a lot of information about your life. How comfortable do you feel with
that thought? Of course, we don't need digital license plate for that at all –
depending on your settings, your phone, which you have with you even more often
than your car, knows all that too, and shares it with advertising companies
like Google and Apple. The privacy aspect does not even seem that exciting with
this product.
The question remains:
why would you? The marketing focuses on two spearheads: lifestyle and automatic
license plate renewal. The first point is reflected in the reviews, which
mainly show cars that you and I cannot afford. And on the second point,
commenters are being rather cynical: like it would be so hard to renew your
license plate the old-fashioned way. And why you shouldn’t buy such a thing? Perhaps because of the
security risks, and otherwise because of the price: the cheapest version costs
$19.95 per month.
I don't see us driving
around with a gimmick like that so quickly in the Netherlands. Should it ever
happen, then you don't have to be afraid of coarse language on the personal banner.
You can only show texts that have been approved by the authorities. Without
this restriction, the plates would of course fly over the counter in the
Netherlands.
And in the big bad world…
- of course you could have foreseen that paying-for-authentication causes all kinds of unwanted uses.
- you wonder what's going on at a company if the top people for security, privacy and compliance all resign on the same day.
- you do not have to provide your real name for online orders. [DUTCH]
- health insurance blackmailers in Australia, who didn't get their way, released information about abortions.
- Pixel phones could be unlocked by reinserting the SIM card.
- your browser also trusts certificates that are not necessarily trustworthy.
- Nowadays even ordinary newspapers write about securing smartphones. [DUTCH]
- The Dutch NCSC has updated the factsheet on choosing messaging apps (but they still don't make a value judgment). [DUTCH]
- A cyber criminal who has fled from Ukraine is waiting for his extradition to the US by the Netherlands.
- A primary school pupil accidentally ordered half a million euros worth of teaching materials. [DUTCH]
.jpg)
No comments:
Post a Comment