this post was submitted on 03 Oct 2023
666 points (97.4% liked)

Technology

58125 readers
4425 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
666
Detroit man steals 800 gallons using Bluetooth to hack gas pumps at station (www.fox2detroit.com)
submitted 11 months ago by L4s to c/technology
151 comments fedilink hide all child comments
 

Detroit man steals 800 gallons using Bluetooth to hack gas pumps at station::undefined

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 99 points 11 months ago (1 children)

So, how would this work exactly? For curiosity's sake.

[–] Erasmus 84 points 11 months ago (1 children)

Not sure about this specific pump but this same thing happened in my town several months back and BT was used then too.

When it happened we found out that the pumps at the station in particular (and probably most) have a BT receiver tied to whatever little processor that runs the pump so either a station manager or someone servicing the pumps can access them with the right equipment, make internal adjustments etc.

In the case that happened locally to us. Someone hacked them the same way, then posted to Facebook and other social media sites to come get some free gas, etc.

[–] abhibeckert 14 points 11 months ago* (last edited 11 months ago) (2 children)

All the pumps I've seen have a physical key protecting them too. They're supposed to unlock it in the morning and lock it when staff leave for the night. I'd guess these stations didn't do that?

[–] [email protected] 23 points 11 months ago (2 children)

From everything I know about locks in important places, all pumps probably use the same key. You can probably buy that key online. I know this is true for elevators and those boxes for entering buildings, and Crown Vic police cars (and the taxis they've become after being sold), and many other things.

[–] [email protected] 15 points 11 months ago (5 children)

those boxes for entering buildings

do you mean doors ?

[–] [email protected] 9 points 11 months ago

I wish he meant doors 😂

[–] lemming741 5 points 11 months ago

Knox Box maybe

[–] Irinir 4 points 11 months ago (1 children)

He likely means card readers.

[–] [email protected] 6 points 11 months ago (1 children)

In buildings in some cities, entry ways for big buildings often have an emergency access box somewhere near the door. If police or the fire department need to gain entry, they have a master key that will let them access the lockbox and the lockbox will contain keys to the door.

[–] youstolemyname 4 points 11 months ago* (last edited 11 months ago)

It's a lockbox that is mounted near the door that contains a key to said door or an override used by emergency services such as the fire department. The boxes are all keyed the same.

[–] [email protected] 2 points 11 months ago

I can't think of the term for them, but they have a keypad and other buttons to call in and unlock the door, often along with things for postal and emergency services to get in if required.

[–] Erasmus 5 points 11 months ago (2 children)

I don’t know about that part. Just that it was all over the news when it happened here and I later read about the details as to how they did it.

I would have assumed the makers of the pumps would had put into them a little tighter security but then again look at some of these password and other web hacks we routinely see.

[–] WHYAREWEALLCAPS 2 points 11 months ago

There's a convergence of issues. First, and probably foremost, users are idiots. So it has to be able to be operated by a 5 year with a learning disability. Second, implementing security costs money up front. It is cheaper to let the customer deal with the fall out, then do damage control on the cheap, and keep going. Third, users can't be assed to access things that a 5 year old with learning and physical disabilities and a peanut butter and jelly sandwich in one hand can't access. These are all typical issues stuff is engineered towards. This is why you see this same basic issue crop up over and over again.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago)

You'd be surprised how many times "good enough" is considered "good enough" when it comes to IT and security, even when it's really the bare minimum.