Researchers with security firm Zolder showed how they could remotely trigger the lights without being near one. The traffic lights interact with an app on a riders phone. There’s no real authentication on who or where you are, says co-founder Rik van Duijn of Zolder. He says his team reverse engineered applications that developers are making that are compatible with the traffic lights. The findings mean for developers of critical infrastructure projects, says Van Duijn. He also offers advice for developers working on IoT public infrastructure.”]
Source: https://www.cuinfosecurity.com/full-stop-vulnerabilities-in-iot-traffic-light-systems-a-14945