NYC taxis simply running mapping app over unsecured Windows

by Nilay Patel posted Dec 21st 2007 at 4:27PM

It's always interesting when electronic billboards, kiosks, and other installations go haywire and show you the dark heart of Windows lurking underneath, but it's even more fun when you can actually start poking around -- and it looks like there's a fair bit of poking to do in all those NYC taxis with backseat screens. According to Billy Chasen, dismissing the error message will allow you to get to the Start menu, from which it's trivial to run the Windows Connection Wizard, set up the Sprint broadband card, and start surfing away. Billy could also browse the filesystem -- which may or may not contain credit card data -- and it looks like he even had enough access to install any software he could find online. Hmmm, looks like there's 1000 experience points waiting here for the first person to send in a photo of Engadget on one of these screens -- with a 5000 point bonus if it's in Firefox.

Filed under: Transportation

Tags: hack, hacking, nyc taxi, nyc taxis, NycTaxi, NycTaxis, taxi, taxis

Subscribe to these comments

Reader Comments (Page 1 of 2)

Neutral

Boynamedsue @ Dec 21st 2007 4:32PM

"driver take me to 53rd and 3rd... say... what is this 2 girls 1 cup thing? Let me just click here and find out..."

Neutral

Neeko @ Dec 22nd 2007 1:57AM

haha 2 girls 1 cup thats hilarious. showed to coworkers that vid and they almost threwup. Now if this hack is true someone could make a killing exploiting this in ways i cant even imagine.

Neutral

boss sauce @ Dec 22nd 2007 4:17AM

Neeko-- how many minutes until you were fired?! NSFW? Not safe for anybody, anywhere!

Neutral

Ed @ Dec 22nd 2007 9:41PM

You sir... are a BASTARD. Of the highest order :)

Dear god, my sense of curiosity compelled me to look deeper into this 2 cups 1 girl thing...

I am not sure I will ever be the same. Oh My God. Seriously. Dear God.

I am going to get a drill and see if I can get these memories out of my head......

Neutral

hohum @ Dec 23rd 2007 2:10AM

@Ed, it's 2 girls, 1 cup... 2 cups, 1 girl would be waaaay more boring. :)

Neutral

Andrew @ Dec 21st 2007 4:33PM

If they're connected to the net, why not just allow people to browse? That might convince me to take the cab instead of walk/bike/bus.

Neutral

Jongscx @ Dec 21st 2007 6:42PM

It used to be, all you had to do was overload the touch-screen driver by clicking in a bunch of places a lot of times... I broke into a bank kiosk like that when I was 12 (on accident)... and started playing solitaire while my mother was depositing something (or getting a loan)

Neutral

Andrew @ Dec 21st 2007 11:00PM

Haha, so she didn't get the loan, eh?

Neutral

Rick @ Dec 21st 2007 6:40PM

Good ole windows.

Neutral

Hax Or @ Dec 21st 2007 4:42PM

Hi! Welcome to Cash Cab!

Low Ranked

Bob Yelenak @ Dec 21st 2007 4:43PM

The sad thing is, there's actually people with no lives on engadget (the majority) that will go out tonight and send in pictures of this. Only a matter of time.

Neutral

daedalus @ Dec 21st 2007 5:02PM

@Bob

Normally I'd agree with you, however it's Christmas weekend and it's New York City... no one, not even fanatic Engadget losers would be stupid enough to fight through the crowds of fat outlanders trying to get from Times Square to Rockefeller Plaza in order to rush out and play with some cabbies compie

Neutral

Spyvie @ Dec 21st 2007 4:41PM

So, your running a contest that encourages people to hack the hack's map screen, and then send photos...

Cool!

Neutral

fuma @ Dec 21st 2007 4:42PM

Virgin Megastore (US) used to (and probably still does) run quite a bit of back end stuff over unsecured networks - the "MEGAPLAY" listening stations was one that ran on tiny little embedded windows XP systems and loaded the front end through kiosk.virginmega.com

Neutral

blaktornado @ Dec 21st 2007 4:57PM

Oh I lol'd.

Wish I could do something like that at school :P That'll show you for giving me that seemingly unnecessary detention!

Neutral

moldymac @ Dec 21st 2007 5:00PM

Lol, I saw a kiosk at circuit city last week running windows 98 at the shutdown screen

Low Ranked

Bassir @ Dec 21st 2007 4:58PM

Why Windows?

Neutral

David Clark @ Dec 21st 2007 5:16PM

What else would they use? It isn't Mac hardware so OSX is out. I'm willing to bet they can't get commercial support for Linux, so the suits pony up to Windows.

Low Ranked

itguy05 @ Dec 21st 2007 5:05PM

Yet another reason why Windows belongs NOWHERE instead of Everywhere.

It's truly scary and appalling that such things run on the worst POS operating system ever invented.

It would be even more funny if they could get data off these machines. Similar to how the Windows based voting machines use an unprotected Access database....

Highly Ranked

Technex @ Dec 21st 2007 5:13PM

Fanboi.

Neutral

RYANGUBE @ Dec 24th 2007 2:05AM

i think you should be blaming the writer of the cab POS program, not windows. and the IT dept. for the cab system.

Neutral

David Clark @ Dec 21st 2007 5:18PM

I think the unprotected access database is an error on the part of those who set the machines up, not the operating system.

Idiot fanboy troll

Neutral

Froggy @ Dec 21st 2007 5:35PM

silly boy - that is a case of a bad sysadmin not a bad OS. why don't you take your iMac and go play in the sandbox with the other children :)

Highly Ranked

olsonick @ Dec 21st 2007 5:41PM

IT ≠ IQ

Neutral

ItGuy @ Dec 21st 2007 8:43PM

It has nothing to do with being a fanboi, it has to do with making the system very resistant to attack. Sadly, Windows fails this test, especially XP.

Let's see here:
By using Windows, you have the easiest system to hack, the most tools available to get that data off it, and the least security.

The fact is that these things shouldn't crash at all. Period, not at all. There should be 100% reliability just like other critical systems (think airliner controls, power plant controls, you car's engine computer, etc most which do not use Windows) and be the hardest to hack.

Thus it should be some hardened version of either:
1) Linux
2) Custom OS

With a proper UNIX system, there would be no chance of a dialogue box coming up and giving you control of the OS. Let alone being able to boot into the machine and grab the data like on the voting machines.

I won't even discuss the insanity of transmitting (and possibly storing) this information on a Windows machine in a public place like a cab. I wonder how long before someone steals the box from the cabbie?
And if you watched the HBO documentary on the voting machines, it was insane how easy it was to hack. The machine sent the data to an Access database that was not protected (no Access database can be secured) and you could easily manipulate the underlying data.

What should have been was fully encrypted traffic from end to end that is pretty much tamperproof. Encrypt the boot volume and all data with a dongle + PIN. That way every time the machine is turned on someone must validate it.

The fact is these companies took the cheap way out with COTS POS Windows, hobbled some poor code together and sold it to the sheeple as "secure".

I know I cringe when I hear something uses Windows as a backbone. And I typically avoid that merchant. That goes for websites, too. I see .ASP or .ASPX and run to another site. If you valued your personal information you would too.

Neutral

Matt @ Dec 21st 2007 9:36PM

It sounds like the machines simply weren't configured correctly. It's not the fault of Windows when it offers very good GUI user ability management through group policy. Some minimum wage IT slave for the cab company just isn't doing his job very well.

It's not that the dialog box is "giving you control of the OS", it just knocked the running application out of full screen, allowing you access to normal functions of the Windows GUI, like launching other applications and browsing the file system, again, none of those things are really the fault of the OS, more the fault of the person who configured the computer, and the fault of the programmer who created the application that crashed in the first place.

Besides, it's not like some stupid GPS map in the back of some cab is exactly a "mission critical device".

Neutral

RP @ Dec 22nd 2007 2:04AM

Windows is usually chosen because it's easy to develop on, and the hardware is cheap and off-the-shelf.

I doubt you could convince any pointed-hair boss that security and robustness outweigh the above.

Neutral

Rob @ Dec 23rd 2007 1:44PM

Nothing is 100% reliable. Even your example of airline controls. The only reason airline controls are as reliable as they are is because every system has several (up to four, I think) redundant backups.

There is no way you can be an IT guy and at the same time think there is anything out there that it 100% reliable. That's just contradictory logic. And your UNIX system,... yeah, just give me a little while and I'm sure I could break it.

Whatever fanboi

Highly Ranked

Wasabi @ Dec 21st 2007 5:15PM

It is entirely possible to lock down Windows 2k/XP/Vista even with the built-in Policy functionality and have it be fairy strong security for many consumer environments. Unfortunately run-of-the-mill techies do not educate themselves enough to know how to implement it effectively, if at all.

Highly Ranked

adam @ Dec 21st 2007 5:23PM

Cause we all know that fairies don't mess around.

Highly Ranked

David Landrum @ Dec 21st 2007 5:24PM

The first one to install and run Doom gets a 10000 point bonus.

Neutral

Michael LaFramboise @ Dec 21st 2007 5:27PM

10000 experience points for a photo of Engadget in Safari in OSx86

Neutral

ocelot67 @ Dec 21st 2007 5:37PM

IAWTC

Neutral

Froggy @ Dec 21st 2007 5:33PM

this so made my day. Wish I lived in NYC

Neutral

FordGTGuy @ Dec 21st 2007 5:41PM

50,000 points to anyone who loads an e-mail spam program to it. Could you imagine a mobile spammer? They could make another Die Hard with the PC, Mac, Linux and the Engadget guy.

Neutral

TubeTop100.com @ Dec 21st 2007 5:48PM

True story: I once had a blue screen on my tv, because the local newschannel ran on Windows 98. It was one of those channels with only text, powerpoint style.

Neutral

DarkLightConnection @ Dec 21st 2007 6:48PM

I once saw a "Windows XP" screensaver on a cable channel

Neutral

Alex Seyer @ Dec 21st 2007 10:29PM

Yeah theres like a public information channel where i live thats had like 75 error messenges cascaded for about 3 years now

Neutral

TubeTop100.com @ Dec 21st 2007 5:49PM

Ohhh what I forgot to mention:

that was the saddest day in my life.

Neutral

odemata @ Dec 21st 2007 5:52PM

will it run Doom

Neutral

mg @ Dec 21st 2007 5:55PM

No surprises there. The MTA fare card machines all still run NT 4.0 so I guess this is really not as bad as all that.

Neutral

Dave @ Dec 21st 2007 8:40PM

The MTA metrocard machines are some of the best high-volume vending machines ever developed. They're fast ... rarely fail ... and just work. The complete opposite are the NJ Transit ticket machines which reject cc cards regularly, and take forever to print tickets.

Neutral

jbhitter24 @ Dec 21st 2007 5:55PM

and how many points for opera?

Neutral

jbhitter24 @ Dec 21st 2007 5:56PM

woah, how the hell did my icon get there? i don't recall uploading it...

Neutral

Wwhat @ Dec 22nd 2007 4:34PM

We have our ways jbhitter, you should not have used windows ;)

Highly Ranked

Randy @ Dec 21st 2007 6:24PM

Are you offering Wii points or these some arbitrary engadeget points? Cause I'll do it for 5000 wii points.

Neutral

justin @ Dec 21st 2007 6:58PM

I had to call the Suicide Hotline after watching that and "4 Girls Fingerpainting" back to back. I can't even watch Cinemax late at night without fear of random excriment splattering.

I mean, how do you passionately vomit? How?!

Neutral

tb @ Dec 21st 2007 10:25PM

pics please

Neutral

MJZimmer88 @ Dec 22nd 2007 2:02AM

How about trying to instal something useful for a taxi ride? Like setting up a slingbox for the occasion? We already know they've got enough umph in those systems to run 'quality' video. And dont forget to leave it on something useful for the next passengers... like Fresh Prince reruns.

Neutral