Last week on Malwarebytes Labs:
Apple Pay phish uses fake support calls to steal payment details
Open the wrong “PDF” and attackers gain remote access to your PC
Flock cameras shared license plate data without permission
Grok continues producing sexualized images after promised fixes
Firefox is giving users the AI off switch
An AI plush toy exposed thousands of private chats with children
AT&T breach data resurfaces with new risks for customers
Apple’s new iOS settin
This week on the Lock and Code podcast…
There’s an entire surveillance network popping up across the United States that has likely already captured your information, all for the non-suspicion of driving a car.
Automated License Plate Readers, or ALPRs, are AI-powered cameras that scan and store an image of every single vehicle that passes their view. They are mounted onto street lights, installed under bridges, disguised in water barrels, and affixed onto telephone poles, lampposts, parki
There’s an entire surveillance network popping up across the United States that has likely already captured your information, all for the non-suspicion of driving a car.
Automated License Plate Readers, or ALPRs, are AI-powered cameras that scan and store an image of every single vehicle that passes their view. They are mounted onto street lights, installed under bridges, disguised in water barrels, and affixed onto telephone poles, lampposts, parking signs, and even cop cars.
Once installed, these cameras capture a vehicle’s license plate number, along with its make, model, and color, and any identifying features, like a bumper sticker, or damage, or even sport trim options. Because nearly every ALPR camera has an associated location, these devices can reveal where a car was headed, and at what time, and by linking data from multiple ALPRs, it’s easy to determine a car’s daylong route and, by proxy, it’s owner’s daily routine.
This deeply sensitive information has been exposed in recent history.
But there’s another concern with ALPRs besides data security and potential vulnerability exploits, and that’s with what they store and how they’re accessed.
ALPRs are almost uniformly purchased and used by law enforcement. These devices have been used to help solve crime, but their databases can be accessed by police who do not live in your city, or county, or even state, and who do not need a warrant before making a search.
In fact, when police access the databases managed by one major ALPR manufacturer, named Flock, one of the few guardrails those police encounter is needing to type a single word in a basic text box. When Electronic Frontier Foundation analyzed 12 million searches made by police in Flock’s systems, they learned that police sometimes filled that text box with the word “protest,” meaning that police were potentially investigating activity that is protected by the First Amendment.
Today, on the Lock and Code podcast with host David Ruiz, we speak with Will Freeman, founder of the ALRP-tracking project DeFlock Me, about this growing tide of neighborhood surveillance and the flimsy protections afforded to everyday people.
“License plate readers are a hundred percent used to circumvent the Fourth Amendment because [police] don’t have to see a judge. They don’t have to find probable cause. According to the policies of most police departments, they don’t even have to have reasonable suspicion.”
Last week on Malwarebytes Labs:
AI teddy bear for kids responds with sexual content and advice about weapons
Fake calendar invites are spreading. Here’s how to remove them and prevent more
Budget Samsung phones shipped with unremovable spyware, say researchers
What the Flock is happening with license plate readers?
Holiday scams 2025: These common shopping habits make you the easiest target
[Correction] Gmail can read your emails and attachments to power “smart features”
Ma
Entrar
