[EMAIL PROTECTED] (Ken Buchanan) on Tuesday, August 26, 2008 wrote: >I think this is a bit different than what Michael Heyman said. TxTag, >IIRC, was implemented by the same company (Raytheon) that implemented >the 407 ETR toll system in Toronto. In the case of the 407, there is >no image recognition done if the car has a valid transponder. Only in >the case of a missing or invalid transponder is the plate imagery >used. Supposedly the OCR has a high enough error rate that there is >still manual verification of plates before sending a bill, and >accordingly a $3.60 additional charge is applied per trip. > >If the images are used even when the vehicle has a valid transponder >-- as Michael Heyman suggests is happening with E-ZPass -- then it >might be feasible to have back end defenses against cloning, though >not without inconvenience to customers who borrow cars, buy new cars, >or rent cars while their own is getting serviced. Also as Matt Blaze >pointed out this makes the transponder wholly redundant.
I could see where knowing what the license plate should be, from the transponder code, could feed back into the OCR and only generate a hit when the disagreement was obvious. In the San Francisco Bay Area, they are using the transponder codes to measure how fast traffic is moving from place to place. They post the times to various destinations on the electric signs when there are no Amber alerts or other more important things to display. It is quite convenient, and they promise they don't use it to track people's trips. If one were paranoid, one could put a different ID into the transponder for each trip, and only put the one it was issued with into it for toll crossings. :-) Cheers - Bill --------------------------------------------------------------------------- Bill Frantz |"We used to quip that "password" is the most common 408-356-8506 | password. Now it's 'password1.' Who said users haven't www.periwinkle.com | learned anything about security?" -- Bruce Schneier --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]