Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle Application Server 10g ORA_DAV basic authentication bypass"] [Next entry: "Howard's DORIS script is available again - some security comments from me"]

License Plate scanners and SQL Injection

I posted a couple of days ago a link to an almost certain hoax of a license plate of a red mini that had been altered to include SQL Injection. This was in a post titled License Plate SQL Injection.

It was interesting to see that Bruce Schneier's crypo-gram newsletter also included reference to the same license plate SQL Injection hoax but also it included a link to an article by Bruce titled "City Cops' Plate Scanner is a License to Snoop" which starts:

"New Haven police have a new law enforcement tool: a license-plate scanner. Similar to a radar gun, it reads the license plates of moving or parked cars and links with remote police databases, immediately providing information about the car and owner. Right now the police check if there are any taxes owed on the car, if the car or license plate is stolen, and if the car is unregistered or uninsured. A car that comes up positive is towed."