Feeds

Chinese boffins provoke Oz speed camera kerfuffle

Case binned after image algorithm cracked

Security for virtualized datacentres

Chinese scientists are the unlikely heroes of a New South Wales speeding case which saw a Sydney magistrate dismiss the charge against an alleged speed merchant because the Roads and Traffic Authority (RTA) could not prove that its vital photographic evidence was "secure", news.com.au reports.

At the centre of the brouhaha lies the MD5 algorithm, used to "store the time, date, place, numberplate and speed of cars caught on camera", as smh.com.au explains.

MD5 is intended to safeguard against tampering with this information by turning it into a 128-bit sequence of digits. However, the chaps from the China's Shandong University proved it was possible to alter the data and retain the same code, ie, the RTA could theoretically change, for example, the car's speed without any evidence of tampering.

The whole thing came to a head when lawyer Denis Miralis used this possible abuse against the RTA in the case of a man allegedly caught speeding in a school zone last November. In June, Magistrate Lawrence Lawson gave the RTA eight weeks to produce an expert willing to testify that the photos had not been doctored. When the RTA failed, Lawson threw out the case and awarded the defendant AU$3,300 costs.

Miralis immediately demanded an enquiry into all NSW's 110 speed cameras, declaring: "The integrity of all speed camera offences has been thrown into serious doubt and it appears that the RTA is unable to prove any contested speed camera matter because of a lack of admissible evidence."

Unsurprisingly, the NSW Law Society admitted the judgment might "open the doors for other drivers caught by speed cameras to mount the same defence".

As for MD5, encryption expert Nick Ellsmore said: "Since the [Chinese] research came out, we've been recommending that clients move away from MD5 and we've certainly recommended that people don't use it for new applications." ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Are you a fat boy? Get to university NOW, you PENNILESS SLACKER
Rotund types paid nearly 20% less than people who didn't eat all the pies
Emma Watson should SHUT UP, all this abuse is HER OWN FAULT
... said an anon coward who we really wish hadn't posted on our website
Japan develops robot CHEERLEADERS which RIDE on BALLS
'Will put smiles on faces worldwide', predicts corporate PR chief
Bruges Booze tubes to pump LOVELY BEER underneath city
Belgian booze pumped from underground
Let it go, Steve: Ballmer bans iPads from his LA Clippers b-ball team
Can you imagine the scene? 'Hey guys, it's your new owner – WTF is that on your desk?'
Amazon: Wish in one hand, Twit in the other – see which one fills first
#AmazonWishList A year's supply of Arran scotch, ta
SLOSH! Cops dethrone suspect - by tipping over portaloo with him inside
Talk about raising a stink and soiling your career
Ingredient found in TASTY BEER is GOOD for your BRAIN
You only have to drink 2k litres a day to see the effect...
Oz carrier Tiger Air takes terror alerts to new heights
Don't doodle, it might cost you your flight
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.