Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Stole 600 Gallons of Gas From Detroit Gas Station, Report Says (gizmodo.com)

Posted by msmash on from the making-a-living dept.

Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1,800. From a report: The theft took place in the middle of the day and went on for about 90 minutes, with the gas station attendant unable to thwart the hackers. The theft, reported by Fox 2 Detroit, took place at around 1pm local time on June 23 at a Marathon gas station located about 15 minutes from downtown Detroit. At least 10 cars are believed to have benefitted from the free-flowing gas pump, which still has police befuddled. Here's what is known about the supposed hack: Per Fox 2 Detroit, the thieves used some sort of remote device that allowed them to hijack the pump and take control away from the gas station employee. Police confirmed to the local publication that the device prevented the clerk from using the gas station's system to shut off the individual pump.

147 of 263 comments (clear)

  1. Manual Shut Off? by Drethon · · Score: 4, Interesting

    Seriously, I'm not big on the whole let the computer handle everything on important things, particularly something that is potentially safety critical. Manual shut off valves aren't hard.

    1. Re:Manual Shut Off? by Joe_Dragon · · Score: 1

      Shut down the full station just to fix one bad pump? Maybe the clerk did not know how to full reboot

    2. Re:Manual Shut Off? by Darinbob · · Score: 4, Interesting

      Or call the police. It shouldn't have taken 90 minutes for police to show up.

    3. Re:Manual Shut Off? by Anubis+IV · · Score: 2

      Or, how about simply covering the pump with an “Out of Order” sign/bag/covering like they would for any other malfunction? No need to even shut it off when cutting off access to it is sufficient.

    4. Re: Manual Shut Off? by Anonymous Coward · · Score: 1

      Plastic bag over pump handle seems to work around here

    5. Re:Manual Shut Off? by gnick · · Score: 5, Insightful

      Shut down the full station just to fix one bad pump?

      Yes! If the other option is to let gas free-flow for 90-minutes, then shut down the whole station. Of course! You think the gas station made $1,800 profit on the functioning pumps during that 90-minutes?

      --
      He's getting rather old, but he's a good mouse.
    6. Re:Manual Shut Off? by Chris+Mattern · · Score: 2, Funny

      Or, how about simply covering the pump with an âoeOut of Orderâ sign/bag/covering like they would for any other malfunction? No need to even shut it off when cutting off access to it is sufficient.

      I'm sure the "please don't take the free gas" sign would've solved everything.

    7. Re:Manual Shut Off? by Anubis+IV · · Score: 4, Interesting

      When you pull up to a gas station and see an out of order placard on a pump, do you bother checking to see if free gas is being dispensed by it, or do you simply go to an open pump? For all I know, this problem is a common one, with none of us any the wiser.

    8. Re:Manual Shut Off? by Chris+Mattern · · Score: 1

      Inside job. You need a gas truck to haul away 600 gallons.

      I know nobody reads TFA, but can you at least read TFS?

      At least 10 cars are believed to have benefitted from the free-flowing gas pump

      So the hackers cracked the pump, and a whole line of cars treated themselves to free fill-ups.

    9. Re:Manual Shut Off? by Chris+Mattern · · Score: 1

      I suspect that almost all the cars either were part of the hacker operation or tipped off by the operation.

    10. Re: Manual Shut Off? by Anonymous Coward · · Score: 1

      No one has suggested to this so far but what if the ones filling up for free weren't just "random" people. What if they were invited or part of this hack? Just one idea.

    11. Re: Manual Shut Off? by tysonedwards · · Score: 2, Insightful

      Iâ(TM)m sure he could have walked out with a plastic bag to cover the nossle or a piece of paper taped to the screen saying âoeout of serviceâ well before 90 minutes lapsed. As one person pulls away, be ready. Surely theyâ(TM)d done this sort of thing in the past when a pump was malfunctioning (like this time).

      --
      Thirty four characters live here.
    12. Re:Manual Shut Off? by hawguy · · Score: 4, Informative

      Shut down the full station just to fix one bad pump? Maybe the clerk did not know how to full reboot

      When I worked at a gas station, I knew where the breaker panel was and we had separate breakers for each pump.

      So, the easy solution would have been to just power off the hacked pump.

    13. Re: Manual Shut Off? by reanjr · · Score: 1, Funny

      Emergency shutoffs are for fires and when cars crash into pumps. They are not there to stop a theft.

    14. Re:Manual Shut Off? by Ol+Olsoc · · Score: 1

      It said he couldn't shut off the individual pump. I'm sure there's a massive kill switch of doom (due to nanny-state commie stuff) that shuts off the entire station, but for some reason he didn't want to use it. Worried about getting in trouble over lost sales?

      Here in the wilds of Pennsylvania, there is an emergency shut off at the pumps that brings the whole show to a halt. Helps prevent really big deflagrations

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    15. Re:Manual Shut Off? by Joe_Dragon · · Score: 5, Funny

      they tried but systemd just auto restared the pump

    16. Re:Manual Shut Off? by brian.stinar · · Score: 2

      When living in Santa Fe, New Mexico, I called the police about multiple break-ins at a place I was renting. I had nothing worth stealing, but the guy that lived in the connected apartment from mine did. The shortest time it took the cops to get there was 45 minutes. The longest time I stopped counting after 3 hours. My house was broken into 3+ times, and I didn't really care since the rent was cheap, and if any of the little punks tried it when I was around someone would have been calling a coroner instead of a cop.

      If you seriously believe that the police are going to show up, to help you, quickly, when something bad is going down, you will be sadly surprised. I now live in Albuquerque, New Mexico, and the response time for "someone is going to die" types of police calls is typically in the double-digits of minutes (10-15 minutes.) The police are doing the absolute best that they can, but it seems like everywhere there are simply not enough cops to quickly respond to everything.

      When seconds matter, police are only minutes away.

      It's fine to talk about should and shouldn't, but what it really comes down to is that people need to accept responsibility for their own property. In this case, having the gas station attendants with ANY type of training at all could be a good first step. They might have been able to shutoff the malfunctioning pump.

    17. Re: Manual Shut Off? by demonlapin · · Score: 4, Insightful

      The master on/off switch for my power to my house isn't there to stop a live wire thrown into a bathtub, but if if I had a toaster in the tub, that's the one I'd be using.

    18. Re:Manual Shut Off? by demonlapin · · Score: 3, Insightful

      You'd need something like 30-40 cars to get 600 gallons. I have had one truck with a 25-gallon tank, but most passenger cars are around 15. (Metric users, 1 gallon is just under 4 L.)

      That said, yeah, inside job. An hour and a half? Plenty of time to shut it down.

    19. Re:Manual Shut Off? by Darinbob · · Score: 2

      Except this was an ongoing crime. If they police had shown up they could have made easy arrests, boosting their quotas, looking good to the citizens, etc.

    20. Re: Manual Shut Off? by brian.stinar · · Score: 2

      I also think Canadians are less likely to commit crimes, which (if true) means that smaller/cheaper police forces can serve larger populations.

    21. Re:Manual Shut Off? by Anonymous Coward · · Score: 1

      Whats even worse. The Police are still shifting through the logs but they can't make heads nor tails of it.

    22. Re:Manual Shut Off? by tquasar · · Score: 1

      Inside job? At least ten cars over ninety minutes.... THEN call the po-po? Something is missing here.

    23. Re:Manual Shut Off? by pslytely+psycho · · Score: 2

      He (she? it?) doesn't need to know how to reboot the system.

      The yellow out of order bag that goes over the nozzle would of sufficed, with the added benefit as pointed out above of identifying anyone actively involved who bypasses the bag and pumps anyway.

      --
      Donald Trump, on a crusade to make Nixon look respectable
    24. Re:Manual Shut Off? by twdorris · · Score: 1

      Shut down the full station just to fix one bad pump?

      Even if you don't feel that was appropriate in this particular situation (although as others have posted already, it seems pretty reasonable even here), the option to manually shut off everything has to be available regardless and I'm pretty sure it is by requirement for instances where a single pump catches fire!

      And let's take this hack a step further into terrorist land where you could easily picture a scenario where someone might shutdown electronic control over the pumps and start setting everything ablaze on purpose...surely there's a need for a manual shut off here.

      There's a big red button somewhere at this station, as all other stations I'm sure. If nothing else, a full main breaker that controls everything.

    25. Re: Manual Shut Off? by chainsaw1 · · Score: 1

      If they only hacked one pump, then all 10 cars should have been in line for one pump--even when other pumps were available for use. This should be verifiable with the security camera.

      It should also be pointed out that a 3/4 ton / 1 ton pick up can have a 40 gallon tank plus one or more 100 gallon service/transfer tanks in the bed. Anything more than one service tank would look--odd.

      --
      - Sig
    26. Re:Manual Shut Off? by Drethon · · Score: 1

      Shut down the full station just to fix one bad pump? Maybe the clerk did not know how to full reboot

      When I worked at a gas station, I knew where the breaker panel was and we had separate breakers for each pump.

      So, the easy solution would have been to just power off the hacked pump.

      This, exactly! I don't care what system gets hacked on the internet, turn the power off with a physical switch and there is absolutely nothing the internet can do.

    27. Re: Manual Shut Off? by Drethon · · Score: 1

      My Volvo (a car, not a truck) has a 100L tank; it also does 4L/100km so you can easily drive from Stockholm to Munich without refueling, even through huge queues. What kind of sissy cars are sold in the US that your fuel tanks are that small? Sedans rather than station wagons, that's why you can't fit anything and need to buy trucks :D

      With base price around $38k and the 2018 V60 having a tank that is 17.8 gallons, I'm not really seeing the benefit to this car. The Chevy Impala has a base price around $10k less with a slightly larger gas tank and about the same MPG. For the few things that don't fit in the car with the seats folded down, I'll rent the Home Depot truck for $19.

    28. Re: Manual Shut Off? by jabuzz · · Score: 2, Interesting

      Don't know I have had a fire safety officer make people walk past a functioning exit from the building during a drill because it was not a recognized fire exit for the building. It was electrically operated and might fail in the event of a fire. Presumably he would stop someone climbing out the window on the ground floor if there was a fire outside the room they where in.

    29. Re: Manual Shut Off? by Drethon · · Score: 2

      That's literally 4x the range of my current car, which has a smaller gas tank than my previous car but the same range due to greater fuel efficiency.

      100L seems monstrously huge for a gas tank to me, and I have a hard time even imagining 4L/100km. I know Volvos are notoriously unsexy cars, but that kind of fuel efficiency might change my mind.

      Someone correct me if I'm wrong but the only Volvo I can find with that gas mileage starts at $63k. Considering I spend about $1,500 a year on gasoline, getting a car that costs that much more than a fair gas milage ICE car (or a better priced hybrid) doesn't make a lot of sense to me.

    30. Re:Manual Shut Off? by bobbied · · Score: 2

      You think a minimum wage gas station attendant gives a fuck if a faceless corporate entity makes a profit or not? How cute!

      He better... Lack of profit ==> Going out of business ==> Unemployed.

      In fact, I think you've hit on a common issue in today's society, this demonization of the faceless, nameless rich people who employ the vast majority of us. You'd better care about profits for the business you work for, the more the better (within the bounds of law and ethics) because it's what pays your wages and benefits. If you don't like that somebody else is making money on your efforts, then I suggest you start your own business, take your own risks and work for yourself and keep ALL the profits. Just be prepared to work for less than minimum wage for awhile like most small business owners do. I'm guessing you will soon learn how sweet a minimum wage (minimum responsibility) job actually is.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    31. Re:Manual Shut Off? by bobbied · · Score: 1

      I can tell, you've not called the police have you?

      I called 911 once because the car I was driving burst into flames in the middle of a major city and almost within visual distance of the fire station. It took almost 10 min for the police to arrive and another 10 for the fire department. For 20 min, the car burned. I'm guessing this was faster than normal because the car was blocking the major east/west road though town.

      In another instance, there was an automobile accident in the middle of a major city I was involved in. It took almost two hours for ANYBODY to show up and that was with two cars blocking three lanes of traffic and the other driver needing an ambulance.

      You might get better response to a "active shooter" report, but simple non-violent criminal activity request for assistance might have you waiting for 24 hours...Especially in Detroit.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    32. Re: Manual Shut Off? by Kierthos · · Score: 1

      Okay, he goes out and puts a sign on the screen. The people doing the hack still know it works, though.

      --
      Mr. Hu is not a ninja.
    33. Re: Manual Shut Off? by tysonedwards · · Score: 1

      That assumes it was targeted for the purpose of stealing gas from said station instead of simply âoesee if itâ(TM)s possibleâ and the people filling up were just unwitting benefactors.

      --
      Thirty four characters live here.
    34. Re: Manual Shut Off? by parkinglot777 · · Score: 1

      My Volvo (a car, not a truck) has a 100L tank; it also does 4L/100km so you can easily drive from Stockholm to Munich without refueling, even through huge queues. What kind of sissy cars are sold in the US that your fuel tanks are that small? Sedans rather than station wagons, that's why you can't fit anything and need to buy trucks :D

      Someone is not being truthful but rather exaggerate the numbers. It would be much easier to "fact check" if a model number is given. I don't see any car that has 100L tank. Also, most of them are using Diesel instead. It is known that Diesel fuel gives better mileage than Benzil. Thus, you are comparing apple with orange.

    35. Re:Manual Shut Off? by Pascoea · · Score: 1

      Bumfuck Minnesota (Ok, Monticello. Population 12k, about 20 miles from Minneapolis) I got in a fairly significant accident, effectively reducing the intersection to one lane. (some dipshit turned left in front of me, smoked him doing about 40) No injuries, but the cops were still there within 5 minutes of calling 911. Just offering my anecdotal story.

    36. Re:Manual Shut Off? by Green+Mountain+Bot · · Score: 1

      It depends on how busy they are and how many pumps they have. If it takes three minutes to fill a tank with 20 gallons, the store has 15 other pumps in constant use, and they make $0.20/gallon, that works out to $1800 in profit.

      There are other things to consider, though. One is that fuel is not where the profit is - it's inside sales. If customers pull up and see the pumps aren't working, they're going to go elsewhere for their fuel and, more importantly, for their high margin inside purchases like cigarettes, chips, and soda. Another is reputation. If people don't trust that they can fill up at your store, they won't stop. It's often better to allow some one-time cash loss in the present to prevent permanent sales loss in the future.

    37. Re:Manual Shut Off? by bobbied · · Score: 1

      Remember... The original story was in Detroit where money for police is in short supply. My guess is their average response time is quite a bit higher in Detroit than the middle of nowhere Minnesota...

      Both of my examples where in major metropolitan areas, the first in Raleigh NC and the second in Garland TX (The third largest city in the Dallas-Fort Worth area) and all happened over 20 years ago now. Back when there was money for public services.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    38. Re:Manual Shut Off? by lsatenstein · · Score: 1

      Seriously, I'm not big on the whole let the computer handle everything on important things, particularly something that is potentially safety critical. Manual shut off valves aren't hard.

      The employee was complicit. All gas stations have circuit breakers and switches to cut the power to pumps.
      It does not take brains to pull the power to the station.

      --
      Leslie Satenstein Montreal Quebec Canada
    39. Re: Manual Shut Off? by Hognoxious · · Score: 1

      Then he is a terrible employee who knows nothing about the business!

      You expect a pump attendant to have an MBA?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    40. Re:Manual Shut Off? by Darinbob · · Score: 1

      I was in a minor accident on a motorcycle once, I fell over, no injuries, no dent, etc. This was before mobile phones. A fire truck was there within a minute to embarrass me.

    41. Re:Manual Shut Off? by Hognoxious · · Score: 1

      And the ones that blow up go out of business (or at least their insurance goes up).

      Ah, the magic of the free market!

      It's the same with doctors who kill patients, restaurants that poison their customers, and carmakers whose vehicles drive themselves into large red stationary trucks. Well, not the last one. Not yet.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    42. Re:Manual Shut Off? by Ol+Olsoc · · Score: 1

      That neither contradicts what he wrote nor adds anything to it.

      U mad bro?

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    43. Re: Manual Shut Off? by Green+Mountain+Bot · · Score: 1

      Gas station companies tend to try to maintain a margin in the $0.15-$0.25 per gallon range. Mom & Pop stores live by different rules, of course, but the big players (like Marathon) try to keep a steady margin in that range over their full portfolio of stores. That means some will be lower, but others will be higher.

      Source: 20 years in the finance/accounting side of the cstore industry.

    44. Re: Manual Shut Off? by Khyber · · Score: 1

      There is no fix for the stupidity that is an Apple product, sorry.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    45. Re:Manual Shut Off? by Drethon · · Score: 1

      Manual shut off valves aren't hard.

      A gun trigger isn't hard to operate either, and yet we demand a considerable amount of training (physical as well as legal) in order for someone to carry and use one while on duty.

      Having the tool is only half the problem in our over-litigious society. Knowing when you can legally use it is another matter entirely. An operator using the emergency kill switch to shut down an entire gas station because a single pump was not communicating properly? Sadly, they probably would have been fired by the greedy gas station owner for losing out on revenue.

      And yet they probably keep their job after losing ~$1,800 in stolen gas, rather than what, $180 in profits from the rest of the pumps? I think one of the big problems is shortsightedness. Not so much in specifically not wanting to shut down the station, and profits, at risk of a much greater loss, more of shortsightedness of the just in time approach to everything and the profit margins cut down to nothing from cut throat competition. A gas station is almost forced to stay open when shutting down for a single day could break them. Not that I have any solutions for that situation...

    46. Re:Manual Shut Off? by painandgreed · · Score: 1

      You think a minimum wage gas station attendant gives a fuck if a faceless corporate entity makes a profit or not? How cute!

      He better... Lack of profit ==> Going out of business ==> Unemployed.

      In fact, I think you've hit on a common issue in today's society, this demonization of the faceless, nameless rich people who employ the vast majority of us.

      Doubtful. I've worked those jobs before. First off, the "rich" person probably wasn't nameless, but the owner/manager. Said owner/manager probably left instructions for what was to be done, which is normally give them a call and let them tell you what to do. Taking the initiative to do something like shut down the station probably would have got him fired because those were not the instructions left for him to follow. It probably took 90 minutes to realize something was wrong, call the manager/owner, who told him to call the cops, and then wait for them to arrive like the manager/owner told him. Too many of those people who run such things with minimum wage workers are not only micromanagers, but they are also really bad at it.

    47. Re: Manual Shut Off? by Cramer · · Score: 1

      In a drill, I can understand that. Go where you're supposed to go. In an actual emergency, do whatever is necessary.

    48. Re:Manual Shut Off? by Cramer · · Score: 1

      There have been times when I've called the police and it took hours for someone to finally respond. Non-emergencies are zero priority. (they had wrecks, burglaries, and drunks to deal with)

      A malfunctioning gas pump that's giving away free gas isn't remotely an emergency. There are at least a dozen different ways to deal with the situation. From turning off the entire station (there's actually only one pump (per grade); the things from which you get the gas is a just a metered dispenser), to padlocking the pump, to parking other cars around that pump to keep others away from it.

    49. Re:Manual Shut Off? by bobbied · · Score: 1

      That doesn't remove the personal responsibility angle here.

      Your manager may be a moron and having you doing seemingly stupid things, but you still should have the profitability of the business in mind, even if you are working minimum wage jobs. You may not have any control, but you *should* care, if for no other reason than YOUR livelihood depends, at least in some way, on if the business remains profitable or not. Helping your stupid manager succeed is almost a sure fire way of making MORE money. Either they will recognize they depend on you and want to keep you around, or their manager will eventually see they are an idiot and replace them, giving you a chance at being picked.

      By the way... Stupid people don't generally stay in business very long, nor do those who hire stupid managers. I've seen my share of managers who have risen as high as their incompetence could take them, but I've rarely seen them being kept around if they didn't produce some kind of gain for the business. Owners are NOT going to lose money on an idiot manager, at least not for long. Businesses WILL, however, pay good folks who care to stick around.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    50. Re:Manual Shut Off? by Cramer · · Score: 1

      We recently had a car in a neighbor's lot catch fire. (they didn't lock it, and some heroin idiots set it on fire) A fire truck was there in ~2min, they were actively dealing with it in under 5min. That car was right behind a gas station, so they were likely highly motivated to stop that explosion. Yes, it did take ~20min for a cop to show up to block off the street.

    51. Re: Manual Shut Off? by Cramer · · Score: 1

      100L ~ 25gal, so you don't have anything magical. Yes, most autos have a ~20gal tank. This ain't Mad Max; we don't need 100gal tanks. That said, many trucks (pickups) and SUVs will have something on the upper end of the scale, but they also have pretty poor fuel economy.

    52. Re:Manual Shut Off? by mikeiver1 · · Score: 1

      I suspect that the attendant is a part of this. The fact is that there is a power interrupt at every station both outside and in. The one outside is clearly marked and easy to access. Pumps are very easy to turn off. Fishy!

    53. Re: Manual Shut Off? by pslytely+psycho · · Score: 1

      Fuck no, I live where we told the feds to fuck off.
      Now I enjoy tested legal weed in clean well-stocked stores for the same price as the old, nearly extinct black market.

      --
      Donald Trump, on a crusade to make Nixon look respectable
    54. Re:Manual Shut Off? by bobbied · · Score: 1

      Gas stations don't explode... Even when a car is on fire AT the gas pumps. I know, I've seen it happen when a guy left his car running and then proceeded to walk away while refueling. The auto-shutoff didn't work when his tank got full, gasoline went onto the ground and the brand new shiny yellow corvette when up in flames WITH the gas pump. Quite the fire, but no explosion. In fact, it's quite difficult to get gasoline to explode, despite what you see on TV and in movies. A car on fire in the next lot isn't a problem for the gas station... It is for any structures near by though..

      But my point remains. Emergency help takes time to arrive. Sometimes it takes a LONG time. As individuals we need to be prepared to deal with situations until help can arrive, which in some cases can be days.

      Thus the saying "Calling 911 can get you help in min, when seconds count."

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    55. Re:Manual Shut Off? by RockDoctor · · Score: 1
      Exactly. Pop the breaker and the problem is finished.

      Many pumps also have a padlock slot on them so the pump can't be lifted from the rest, or the trigger can't be depressed to allow fuel flow. No reason you can't use both.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  2. Fire Emergency shut-off by innocent_white_lamb · · Score: 2

    All gas stations are required to have a big emergency button mounted on the wall inside of the building that will immediately cut off the flow of fuel to the gas pumps when pushed.

    I think that button is also required to be accessible to the public, i.e not hidden behind the counter.

    Push that button and no fuel is dispensed until the system is reset.

    If the attendant somehow didn't know about that button, then that's a hazardous situation right there.

    --
    If you're a zombie and you know it, bite your friend!
    1. Re:Fire Emergency shut-off by OzPeter · · Score: 2

      If the attendant somehow didn't know about that button, then that's a hazardous situation right there.

      I actually read TFA and it seems that the attendant tried all sorts of ways through his normal systems to shut the gas off, but failed. It appears that he finally used the emergency shutoff, but that is not clear in TFA.

      --
      I am Slashdot. Are you Slashdot as well?
    2. Re:Fire Emergency shut-off by Junta · · Score: 5, Insightful

      I wager the attendant didn't catch on for a while. Generally nowadays the systems are *supposed* to only dispense if the customer has given payment info or the attendant has turned it on. In fact, most of the time when I go to a gas station now, I've set up payment before I even leave the car and just get out and pump. A station attendant may have a hard time distinguishing someone paying by mobile from someone who made it dispense gasoline otherwise, depending on how it works. Note it says it went on for 90 minutes, then he shut it down, *then* he called police. It also says he "got an emergency kit"., which may have been how he was describing the fuel shut off (his English may not have been the best). Him describing the system being non-responsive doesn't mean he sat there for a long time trying to overcome the situation, it just speaks to his surprise.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    3. Re:Fire Emergency shut-off by Mr+D+from+63 · · Score: 2

      My guess is he desired to shut off the hacked pump, and not shut down all the pumps. If those buttons trigger an emergency response (someone enlighten me) then that might have played into it as well.

    4. Re:Fire Emergency shut-off by SeaFox · · Score: 1

      All gas stations are required to have a big emergency button mounted on the wall inside of the building that will immediately cut off the flow of fuel to the gas pumps when pushed....Push that button and no fuel is dispensed until the system is reset.

      If the attendant somehow didn't know about that button, then that's a hazardous situation right there.

      Even ignoring this, the theft went on for 90 minutes. Was there some reason the attendant couldn't get the cops to come out in less than an hour and a half and stop people from filling up?

    5. Re: Fire Emergency shut-off by Nidi62 · · Score: 2

      Its Detroit?

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    6. Re:Fire Emergency shut-off by whoever57 · · Score: 1

      Was there some reason the attendant couldn't get the cops to come out in less than an hour and a half and stop people from filling up?

      You think the police care about a small non-violent property crime?

      --
      The real "Libtards" are the Libertarians!
    7. Re: Fire Emergency shut-off by demonlapin · · Score: 2

      Very true. As the saying from my salesman father-in-law goes, you can shear a sheep dozens of times, but you can only skin it once. He likes a good deal, but he likes repeat business more.

    8. Re:Fire Emergency shut-off by SeaFox · · Score: 1

      I figured they'd rush to the scene of a crime against an oil company.

    9. Re: Fire Emergency shut-off by Calydor · · Score: 1

      Reminds me of a scam I heard about long ago about someone working in a bank who would skim off a few cents of all the accounts. Very few people would even notice the discrepancy (do you remember if your bank balance ends in .65 or .56 right now?), and of them even fewer would bring it up with the bank manager. Those few cents would be reimbursed and considered a glitch or math error somewhere; this was before everything was digitized so shit happened.

      But imagine skimming a few cents off a million accounts every few months ...

      --
      -=This sig has nothing to do with my comment. Move along now=-
    10. Re: Fire Emergency shut-off by Junta · · Score: 1

      Paying by mobile can be secure. There is every probability that in this case the mechanism used for the attack is not related to anything unique to enabling paying from phone.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    11. Re:Fire Emergency shut-off by jeff4747 · · Score: 1

      Even ignoring this, the theft went on for 90 minutes. Was there some reason the attendant couldn't get the cops to come out in less than an hour and a half and stop people from filling up?

      You're assuming the attendant figured out that it was happening immediately.

      The pump dispensing free gas is going to look all that different from the other pumps at a glance, since presumably it has a pay-at-the-pump system. It probably took a while to notice no one was paying.

    12. Re: Fire Emergency shut-off by rpstrong · · Score: 1

      ...this was before everything was digitized so shit happened.

      But imagine skimming a few cents off a million accounts every few months ...

      If you spent three months manually skimming from a million accounts, you're averaging around 10,000 accounts per day.

      I've worked accounting. No, I can't imagine it.

    13. Re:Fire Emergency shut-off by whoever57 · · Score: 1

      I figured they'd rush to the scene of a crime against an oil company.

      Only a big oil company.

      It's not clear who owns this particular gas station: many are not owned by oil companies.

      --
      The real "Libtards" are the Libertarians!
  3. Re:I'm stumped by NFN_NLN · · Score: 1

    "Wasn't driving the car at the time; aka Dundu nuffin"

  4. Gas? by ickleberry · · Score: 3, Funny

    What kind of gas was this? Butane? Propane? Methane?

    1. Re: Gas? by Bing+Tsher+E · · Score: 1

      Gallons of gas.

      You would never understand.

    2. Re:Gas? by antdude · · Score: 1

      Farts. :P

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    3. Re:Gas? by novakyu · · Score: 1

      It's supposed to be funny to people who are too dumb to realize they are on an American website.

    4. Re:Gas? by Calydor · · Score: 1

      WHOOSH on both of you.

      In case you didn't get it, that's the sound of the butane and methane and propane all being ignited at the same time.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    5. Re:Gas? by cascadingstylesheet · · Score: 1

      What kind of gas was this? Butane? Propane? Methane?

      The kind referred to as such from coast to coast in a country who's farts (pun intended) are bigger than European countries.

  5. Of course, it's Detroit by mapkinase · · Score: 1

    Of course, people will be looking for another round of shield-and-sword war with hackers.

    What happened to

    Zwei Dinge erfüllen das Gemüt mit immer neuer und zunehmender Bewunderung und Ehrfurcht, je öfter und anhaltender sich das Nachdenken damit beschäftigt: Der bestirnte Himmel über mir, und das moralische Gesetz in mir

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
    1. Re:Of course, it's Detroit by Chris+Mattern · · Score: 5, Funny

      Some people listen to their moral voice, and other just Kant.

    2. Re:Of course, it's Detroit by PolygamousRanchKid+ · · Score: 2

      What happened to

      Zwei Dinge erfüllen das Gemüt mit immer neuer und zunehmender Bewunderung und Ehrfurcht, je öfter und anhaltender sich das Nachdenken damit beschäftigt: Der bestirnte Himmel über mir, und das moralische Gesetz in mir

      Verjährt.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  6. Circuit breaker. by Fly+Swatter · · Score: 1

    stop.

  7. Re:Call the police? by ArchieBunker · · Score: 4, Informative

    You really don't know much about Detroit. The police wont even show up for shootings unless there are two bodies. Stealing gas doesn't even register.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
  8. would of made more with an cc skimmer vs maybe by Joe_Dragon · · Score: 1

    would of made more with an cc skimmer vs maybe a few free full ups.

  9. Re:I'm stumped by CaptainDork · · Score: 1

    *dindu

    --
    It little behooves the best of us to comment on the rest of us.
  10. I'm guessing a magnet was the "hacking device" by iduno · · Score: 1

    Some high tech hacking skills are required to put a magnet on a relay.

  11. Hackers steal 600 gallons of gas in Detroit... by Narcocide · · Score: 5, Funny

    ...then ironically don't use it to leave Detroit.

  12. The math from TFS ... by CaptainDork · · Score: 2

    ... because I didn't read TFA:

    Given:

    - $1,800 USD
    - ~ 10 cars
    - 600 gallons

    Then:

    $1800/10 car = $180/car

    $1,800/600 gallons = $3/gallon

    600 gallons/10 cars = 60 gallons/car????

    --
    It little behooves the best of us to comment on the rest of us.
    1. Re:The math from TFS ... by DakotaSmith · · Score: 1

      Additionally, given that the average gas tank of the average car contains roughly 12-15 gallons, that would mean each car had approximately five ten-gallon gas cans.

      You'd think even the dimmest bulb that never thought to put an Out of Order sign on the pump would notice ten cars filling five gas cans each.

      --
      Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
    2. Re:The math from TFS ... by Plus1Entropy · · Score: 1

      I bet they don't know how much was stolen, and are only estimating. There is no metering system on the main tank, only on the dispensers. So if the dispenser was tampered with, there is no way to know how much was stolen until you get the main tank refilled and do the accounts.

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
    3. Re:The math from TFS ... by SecurityGuy · · Score: 1

      TFA says "At least 10". That likely means something like "We saw 10 people do it, so it was AT LEAST that many...but we're missing 600 gallons of gas."

      All your math shows is that since 60 gallons a car is improbable, we're probably looking at 20, 30, or more. If these were average cars filling up, probably 40 ish.

    4. Re:The math from TFS ... by CaptainDork · · Score: 1

      And the rest went to the bed?

      --
      It little behooves the best of us to comment on the rest of us.
    5. Re:The math from TFS ... by rpstrong · · Score: 1

      I haven't worked at a station for over forty years, but back then the main tank was 'metered' by means of an eight foot 'dip stick' that you'd stick down through the tank's fill hole (usually at closing) to measure the remaining fuel. You could then check for discrepancies between the stick readings and the till.

      Not that it matters. Forcing the pump to run normally should be far easier than forcing it to run AND to bypass the meter, which is probably impossible. And it appears that the attendant was able to (eventually) see that the pump was being used, presumably by watching the remote meter running.

    6. Re:The math from TFS ... by Cramer · · Score: 1

      I can't say about MI, but in NC, every pump I've ever seen has a mechanical flow counter... for tax purposes. I can't say the station is recording those numbers on any scale that would help here. (daily, hourly...) If you crash the control interface, the back-office systems won't have a count, but the tax man will!

      The "at least 10" part most likely comes from an estimate of security footage.

    7. Re:The math from TFS ... by Cramer · · Score: 1

      Crash the control systems with the valves open, then there's nothing to (a) meter what's being pumped, (b) report anything being pumped, or (c) close that valve. You'd have to walk out there with a key, open the unit, and reset it. (or flip a breaker to power off all or part of the station) And that's possibly not a key the clerk has. (there are two doors: one for the receipt printer, and one for the computer)

    8. Re:The math from TFS ... by Plus1Entropy · · Score: 1

      Forcing the pump to run normally should be far easier than forcing it to run AND to bypass the meter, which is probably impossible.

      Check out my other comment. I worked on a project where we would try to detect people breaking into dispensers, and I actually got to break into a few myself to collect data. Disabling the meter is actually trivial. These were Gilbarco Veeder-Root dispensers, which make up a significant percentage of gas dispensers world wide.

      As Cramer pointed out, they probably shorted the valve open, which is the 2nd method I mentioned in my other comment. Although I'm not sure I agree it would disable the meter in that case. But since both things are trivial to do once you get inside the dispenser, it's possible they disabled the meter AND shorted the valve.

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
    9. Re:The math from TFS ... by Plus1Entropy · · Score: 1

      When you say pump, do you mean dispenser? I'm not trying to be pedantic but generally the dispensers don't have pumps in them. One pump on the main tank feeds all the dispensers.

      So is the meter you're talking about on the main pump at the tank, or in each dispenser? If the latter, is it separate from the counter that determines how much you pay?

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
    10. Re:The math from TFS ... by Cramer · · Score: 1

      At each dispenser. They look like a tiny odometer at the top of the terminal. Sometimes you can hear them click. They are not connected to any electronic thing that I'm aware of. (eg. they have to be manually recorded)

      As almost every station has buried tanks these days, I don't know if they have a meter on the flow pump itself.

  13. What probably happened by Snotnose · · Score: 2

    One or three guys came up with the "hack", fired it up, filled their 15 gallon tanks for free, then couldn't figure out how to turn the hack off. People kept coming in, filling their tanks, either not realizing nor not caring the gas was free. Some of them called their buddies, who came and filled up cuz it was free.

    Meanwhile the dudes that did the "hack" are either laughing their asses off that they got $50 of gas for free, freaking out because if everyone gets free gas someone will notice, or they were script kiddies $Someone was using as a test case for an attack.

  14. Here's A Bright Idea ... by DakotaSmith · · Score: 1

    Instead of staring there open-mouthed because the cut-offs don't work, why not walk out to the pump and wrap a standard yellow Out of Order sign on it?

    It doesn't sound as though there was some kind of organized operation involved. It sounds like one of the usual idiots installed the device, got gas themselves, and drove off giggling. The rest were probably just average schmoes getting gas and assumed they were getting a hell of a deal. If I got charged $.50 a gallon, I wouldn't look that particular gift horse in the mouth.

    The clerk knew people were pumping gas. S/he knew it was billing at an incorrect price. Time to put an Out of Order sign on it. I've driven up to many a gas pump with one of those and have declined to attempt to use it on that basis. I've no idea why any of them were non-functional, you just don't use them because it says they're broken.

    If someone uses the appropriately-marked pump, take down their license plate number (or use the security footage) and report a drive-off or theft, whichever is applicable.

    Color me unsurprised, however. Having seen what passes for convenience store (and many other low-skill) employees in the last decade, I doubt many of them would have thought of the simple expedient of an Out of Order sign.

    "Boss says me turn it off. It not turn off. Me not know what to do. Duh"

    --
    Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
    1. Re:Here's A Bright Idea ... by postbigbang · · Score: 1

      There are some parts of Detroit, like most US cities, where you don't want to get out from behind the bulletproof plexiglass, ya know?

      This one just kept disbelieving as a train of cars sucked gas out of the pump. Why did it keep pumping? Hot night? Fried circuit? Sensor that the pump handle reached shutoff didn't work, and the first buyer was oddly authorized for a mint? Or was manually enabled by the operator, then he tried to cover his tracks?

      Lots of this is explainable, and perhaps credible. It was a fuckup, and unlikely a new and kewl pump auth attack. Someone pressed the wrong button, or a sensor or logic board fried. Have fun with the conspiracy theories, but nope, unlikely.

      --
      ---- Teach Peace. It's Cheaper Than War.
    2. Re:Here's A Bright Idea ... by DakotaSmith · · Score: 1

      I'm not from the area, but given footage on YouTube by local station WDIV it would appear to be one of those big gas stations with a convenience store. It doesn't look like it's in a bad part of the city.

      Additionally, I spent a couple of minutes geolocating the convenience store in question. It appears to be in a largely residential area with well-maintained homes.

      The reason for the pump's malfunction is irrelevant to my statements. The clerk could have posted an Out of Order sign at any time.

      I have no idea what you mean by conspiracy theories. I never mentioned any. I simply said that the convenience store clerk was stupid for not putting an Out of Order sign on the pump. I further went on to state that this kind of stupidity is consistent with what I've seen of such clerks for a long time.

      --
      Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
    3. Re:Here's A Bright Idea ... by jeff4747 · · Score: 1

      The clerk knew people were pumping gas. S/he knew it was billing at an incorrect price.

      At some point the attendant knew it was billing at an incorrect price.

      It's not like they review every transaction as it happens. And with things like "pay at the pump", you may miss that no one is paying for a while unless you are watching closely. And if this is a typical convenience store/gas station combo, the manager given the attendant plenty of other tasks to do besides stare at the pumps.

      Color me unsurprised, however. Having seen what passes for convenience store (and many other low-skill) employees in the last decade, I doubt many of them would have thought of the simple expedient of an Out of Order sign.

      You get what you pay for. Even when purchasing labor.

    4. Re:Here's A Bright Idea ... by DakotaSmith · · Score: 1

      Then at some point an Out of Order sign should have been wrapped around the pump handle.

      Low-wages don't enter into it. When I entered the workforce at age 16 (when the minimum wage was $3.00-ish), I'd've done it. Never mind that I had other things going on, I'd've said to customers, "You're going to have to hang on a sec, I need to put an Out of Order sign on a pump."

      This isn't a question of wages. It's a question of intelligence. The clerk tried to turn it off at some point. When that procedure failed, they should have thought to themselves, "Frak! We're losing money right-and-left! Better go put an Out of Order sign at the pump!"

      They lost $1800. That's worth a hell of a lot more than some flunky's minimum wage. Frankly, if I had been 16 and making minimum wage, I'd be scared zark-less that I'd lose my job over costing the store in the vicinity of $1800 for my failure to do something so fantastically obvious.

      --
      Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
    5. Re:Here's A Bright Idea ... by jeff4747 · · Score: 1

      Then at some point an Out of Order sign should have been wrapped around the pump handle.

      Actually, the attendant shut down all the pumps after they discovered they could not get the free pump to stop. See, they were smarter than you and realized that if one pump was malfunctioning so badly, the other pumps may be affected too.

      Low-wages don't enter into it. When I entered the workforce at age 16 (when the minimum wage was $3.00-ish), I'd've done it. Never mind that I had other things going on, I'd've said to customers, "You're going to have to hang on a sec, I need to put an Out of Order sign on a pump."

      Well grandpa, if you'd thought about it for a minute you'd realize the attendant is not watching every person fill up their car, so it may take a while to notice the issue.

      That was the entirety of the point that sailed over your head.

      Also sailing over your head was that the comment about getting what you pay for was for the service workers in general that you are deriding. Btw, you got paid $12-15ish in 2018 dollars when you take into account inflation and changes in productivity. Service workers are not doing as good a job because we're not paying enough for them to do a good job.

    6. Re:Here's A Bright Idea ... by DakotaSmith · · Score: 1

      I see nowhere in the article that says the clerk shut down all the pumps. Citation, please?

      Well, kid, as to the time taken to notice, it was long enough to obtain an emergency kit. It's not stated if such kits are kept on-site or if it was obtained by a manufacturer. In either case, the expedient of an Out of Order sign would have bought some time.

      My first job was washing dishes at a restaurant. There is no crappier, not-worth-the-pay, unskilled labor job, and it remains so to this day. Let's put a parallel situation into this:

      To wash large numbers of dishes, you put them in a rack and then place them at one end of an industrial dishwasher. They come out on the other side. They have sensors (even at that time) that stopped the conveyor belt to ensure that it didn't slide off the end and destroy the dishes within.

      However, these sensors sometimes break -- not surprising in an area with high humidity and corrosive detergents. When this occurs, should I:

      A. Allow the racks to fall off the end of the dishwasher, thereby destroying all the dishes therein (as well as causing a significant safety hazard to the surrounding environs due to broken glass).

      B. Watch the end of the dishwasher and grab the racks as they come off.

      By your account, it would be (A), as I wouldn't be earning enough to do (B).

      Pay is irrelevant. Common sense, attention to detail, and a desire to do a good job regardless of pay is what's relevant.

      (I might also mention that one of the other dishwashers was developmentally challenged, operating on about the 10-year-old level. Even he knew to grab the racks.)

      Also, I'd note that your math is off. $3.00 in 1981 is $8.71 today. However, due to the nature of the restaurant, someone doing that job today would earn at least $9.00/hour -- significantly more in some States.

      Here's another thing that goes over your head, kiddo: when you make stupid mistakes that cost me some percentage of $1800 (versus your $12-$15/hour wage), you're never going to advance. Want to keep your crappy $12-$15 wage (or be fired)? Feel free to keep screwing up.

      The world owes you nothing. You either do a job worthy of advancement, or you flip burgers for the rest of your life. Grandpas like me will neither promote nor hire you when you're cost us money, regardless of your pay.

      Gotta remember, sonny: you don't own the joint. We do.

      --
      Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
  15. Lol. They'll take a report Tuesday by raymorris · · Score: 2

    The cops might show up to take a report on Tuesday. Or not.

    Cops mostly take reports of crimes. Occasionally, they accidentally catch a criminal. Very rarely do they stop a crime in progress.

    1. Re:Lol. They'll take a report Tuesday by chadenright · · Score: 1

      There is paperwork for each one. Officers often spend a significant amount of time dealing with the paperwork after each incident -- not counting the departments that give such officers a paid vacation for a few weeks after such a stressful thing.

  16. Selfish Hack by MrKaos · · Score: 1

    At least hide your hack so the exploit can be used by others.

    --
    My ism, it's full of beliefs.
  17. Probably not a computer exploit by Bruce+Perens · · Score: 1

    First, eliminate these causes before blamimg "hackers": employee pilferage, employee mistake, broken equipment, software bug.

    --
    Bruce Perens.
    1. Re:Probably not a computer exploit by whoever57 · · Score: 2

      Exactly what I was thinking.

      Hacking == theft == covered by insurance.

      Malfunction: not covered.

      --
      The real "Libtards" are the Libertarians!
    2. Re:Probably not a computer exploit by bad-badtz-maru · · Score: 1

      I live in South Florida and they do it down here by tearing open the pump housing and hot-wiring the pump. Nothing high tech at all.

  18. Park a car by Latent+Heat · · Score: 5, Insightful

    The attendant, supervisor or owner park one or more cars to block the pump?

    1. Re:Park a car by Anonymous Coward · · Score: 1

      Sometimes they use a traffic cone.
      Sometimes people run over the cone, tear off the 'Out Of Order' bag, and then a few minutes later come screaming into the shop to complain the pump doesn't work.

      See: retailhellunderground.com

      AC

  19. 2^11 drams by Latent+Heat · · Score: 1

    Or 256 tablespoons?

  20. Re:AC Stole First Post From Slashdot by Tuidjy · · Score: 3, Insightful

    That would not surprise me. Off the top of my head, in order of effectiveness:
    1) Park your car at the pump in question.
    2) Put a "Out of Order" sign on the pump in question. This way, anyone using the pump is obviously in cahoots with the hackers.
    3) Master emergency switch. In 90mn, no gas station makes nearly $2,000 pure profit.
    4) Call the police... maybe the response time for property crimes is high, but still.

    --
    No good deed goes unpunished...
  21. It wasn't the pumps by Megane · · Score: 5, Informative

    I used to write code to talk to gas pumps 20 years ago, and they really aren't much different today, aside from having better screens and needing to deal with chip cards. (I have seen only a single station so far with what appeared to be chip-ready card readers! Isn't that cut-over only a year or two away? But there are restaurants that over two years later still have tape over the chip reader.)

    First of all, the pump (the part that gives you fuel while measuring it) is completely separate from the terminal on top. They both talk to a computer in back over an RS-485 link. The computer in back, even if it's a crappy one from the pump manufacturer, takes payment information from the terminal (and commands from the POS inside the store), then enables the pump, possibly with a preset limit. When you hang up the hose, the computer sees that status in the pump, reads the dispensed amount, and finishes the transaction.

    The back-end computer could certainly have bad programming. I once had to do a site visit for a beta site, and found out that the authorizer (the part that says "this card is okay, turn on the pump" and handles the billing) was saying yes to ANY card. Not my code, of course. Fortunately, people were using the membership card of the club store (they probably thought it would be automatically billed), which meant they could be tracked down if necessary.

    One thing that could be done is to open up the pump, and flip its configuration switches to set it into a manual mode. That still won't stop the fuel counters inside the pumps, so it won't match inventory with the back room computer later on. But you have to open it up first. Not only is there a key to deal with, but these days there are tamper stickers on the door because so much inside can be fucked with, not just the pump.

    Another thing that could be done is someone with inside knowledge of the system could create a management card that makes the computer give free gas. That would be noticed eventually too, but the big problem is you have to have access to the back end. This could possibly be done for a RFID keyfob, but that means you still need a way to get the keyfob ID into the system, and it would still be an inside job.

    If the deed was done wirelessly, as implied, I'm going to guess that means that someone had a wireless connection like WiFi on the same network as the back-end computer, and it wasn't encrypted, etc. It could also be a keyfob or NFC, but other than that, I haven't heard of any kind of wireless technology that would need to go into the pump. It's always possible that there was some kind of stupid buffer overflow bug on something wireless.

    As to what could have been done to shut it down, if the person at the store knew this was happening, um, yeah. Unless he called a manager who told him to not turn it off (fuel is a good way to get customers to buy your overpriced sodas and snacks), the E-Stop button would have been enough. An "out of order" sign would probably have worked too, simple psychology, nobody would have bothered to use the pump. It's also possible that the POS had a way to shut pumps off. And I wouldn't be surprised if nobody understood how to use such features.

    --
    #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
    1. Re:It wasn't the pumps by whoever57 · · Score: 1

      Not only is there a key to deal with, but these days there are tamper stickers on the door because so much inside can be fucked with, not just the pump.

      The last time I actually looked at the tamper stickers on a gas pump (a few years ago), they were all broken. I pointed this out to the manager, who wasn't concerned.

      --
      The real "Libtards" are the Libertarians!
    2. Re:It wasn't the pumps by lannocc · · Score: 1

      Is it possible an EMP type device could render the pump control logic inoperable and therefore leave it in an undetermined or last-used (i.e. enabled) state?

      --
      -IOVAR Web Dev Platform
    3. Re:It wasn't the pumps by AHuxley · · Score: 1

      Re "which meant they could be tracked down if necessary."
      How many have automatic license plate readers as part of a CCTV system?

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:It wasn't the pumps by mysidia · · Score: 1

      One thing that could be done is to open up the pump, and flip its configuration switches to set it into a manual mode.

      Seems a pretty likely real-world attack --- if the pumps have a manual mode. Probably the cabinets have cheap or generic locks, and it's not hard for a rogue to cut through a tamper-resistant sticker and then either just ignore it later or replace with one one of their own fresh sticker after tampering with the equipment.

      Rank it second that perhaps they inserted a piece of rogue equipment between the pump and computer, or gained access to a management LAN used to control the pumps.

    5. Re:It wasn't the pumps by jeff4747 · · Score: 1

      But there are restaurants that over two years later still have tape over the chip reader.

      Retailers are required to have a chip reader by the credit card processors.
      Retailers are not required to use the chip reader.

  22. Re:What's a gallon? by DakotaSmith · · Score: 1

    gallon (gln)

    n. A unit of volume in the U.S. Customary System, used in liquid measure, equal to 4 quarts (3.785 liters).

    n. A unit of volume in the British Imperial System, used in liquid and dry measure, equal to 4 quarts (4.546 liters).

    n. A container with a capacity of one gallon.

    Source: The American Heritage Dictionary of the English Language, 4th Edition

    --
    Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
  23. Re:sounds like organized crime by Anonymous Coward · · Score: 1

    In Detroit? No.

    The local Italian Mafia is very much in control of organized crime, and has not been suffering from law enforcement attention the way some other cities' families have been. Btrava and drug cartels are mostly sticking to providing specialized services (importing drugs, high quality weaponry, muscle for use against gangs who step out of line, etc.)

    $2,000? Probably half went to hangerons, and the profit you can make by reselling this is less than half the value of the gas. Better if you are using it for your own fleet, but with chickenshit amounts like this, it's unlikely. This is either strictly amateur, or a small gang.

  24. Re:sounds like organized crime by DakotaSmith · · Score: 2

    Given the thieves' appearance, I wouldn't assume Russian Mafia.

    And no, not because they're black. Stop being all racist.

    --
    Microsoft leads to Bluescreen; Bluescreen leads to downtime; downtime leads to suffering.
  25. Pay before You Pump by wolfheart111 · · Score: 1

    Isn't Arizona the only state that has this law.

    --
    [($)]
    1. Re:Pay before You Pump by Cro+Magnon · · Score: 1

      Nope, Missouri is Pay Before You Pump.

      --
      Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
    2. Re:Pay before You Pump by jeff4747 · · Score: 1

      Virtually everywhere is pay before you pump.

      And virtually everywhere has pay at the pump. Which will look exactly like pumping free gas unless you happen to watch the few seconds where they'd normally swipe a card.

  26. Doesn't the gas station have them on video? by Maxo-Texas · · Score: 1

    Seems like a risky crime. Video evidence, probably your car license.

    Did he not think of the emergency shut off valve?v My understanding is that's a physical system. A hard physical shutoff from the tanks to the pumps.

    --
    She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  27. Bad use of hacking skills by joe_frisch · · Score: 1

    Surely someone with the skills to hack a gas pump can get a job that pays far more than $1800 for the same effort. Seems such a sad use of talent.

  28. What am I missing? by WinstonWolfIT · · Score: 1

    Surveillance cams?

  29. Ive seen many gas station systems by Revek · · Score: 1

    He could have thrown a breaker and it would have went down. Kill the tank monitor and the power to the pumps.

  30. Re:How to make a hormone by wolfheart111 · · Score: 1

    Don't pay her. :(

    --
    [($)]
  31. Maybe not a hack at all... by Plus1Entropy · · Score: 1

    Funnily enough, I worked on a project a few years ago to prevent people stealing gasoline from dispensers. Some of the tests I did (at the behest of the client) involved using various methods to break into the gas dispenser. The idea was we would use accelerometers and other sensors to detect if someone was trying to tamper with the dispenser. Needless to say they were ridiculously simple to break into; it can be done in under a minute without causing any damage to the dispenser.

    Anyway, once the dispenser was open there were two main ways gas was stolen.
    1. Start a valid transaction and then tamper with the flow sensor. Once you have the dispenser open you can just pull up on the flow sensor, which removes it from the stream of gas. So you end up paying, for example, $2 for 100L of gas.
    2. Short the valve open and then pump all the gas you want. Generally there is a common pump that feeds all the dispensers on a site, so once the valve is open, the gas flows.

    The major targets of these kinds of thefts were remote gas stations for semi-trailers that generally don't have attendants 24/7 (or at all). But given how simple it is to break into a dispenser, it's entirely possible they tampered with the valve without the attendant noticing.

    --
    Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
    1. Re:Maybe not a hack at all... by Cramer · · Score: 1

      #1 doesn't work anymore. The pump will end the transaction after 30-60s with no flow.

    2. Re:Maybe not a hack at all... by Plus1Entropy · · Score: 1

      You can steal a lot of gas in 30-60s. Especially on the high flow rate dispensers they had at these remote sites (since they were for filling up big rigs).

      Also, it would be possible to dip the flow sensor back in after a bit to reset the timer.

      This was only 3 years ago or so. Specifically Gilbarco dispensers, I can't speak for other designs.

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
  32. They were going to call the cops... by hyades1 · · Score: 1

    ...but there were already three cruisers in line at the hacked pump.

    --
    I've calculated my velocity with such exquisite precision that I have no idea where I am.
  33. It may have taken 75 minutes for him to notice. by robbak · · Score: 1

    Pre-paid pump systems work without any action from the attendant. So he may not have noticed anything wrong unless he looked carefully. Then he would have tried to disable the pump from his console, and found it didn't work. With that, it seems he did use either the big red button, or the pump's circuit breaker, to disable it.

    --
    Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
  34. Re:Fuck that by ruddk · · Score: 1

    Sounds like a plan, if gas prices are what matters most to you.

    --
    L'Idiot
  35. It's Detroit by cascadingstylesheet · · Score: 1

    I'm surprised the pump itself is still there.

  36. No paper bags? by sabbede · · Score: 1

    Every gas station I know puts the nozzle in a paper (or sometimes plastic) bag to indicate that the pump is out of service. Did this one not have bags? Just because the pump is technically working doesn't mean it can't be marked otherwise to discourage use.

  37. Old Fashioned by ve3oat · · Score: 1

    I'm an old guy and old-fashioned. Whenever possible I avoid buying gas at any of the pay-ahead pumps and dealers. (Living in Canada, this isn't too difficult still.) I pump my gasoline and then go inside to pay, in cash. I almost always fill the tank and it's so hard to guess ahead of time how much gasoline I need to pay for at the pay-ahead pumps, so I avoid them. But I'm in the minority and the petroleum industry doesn't care about people like me, so they continue with their fancy new pumps based on insecure technology. It's all about marketing anyway, isn't it?

  38. Station is out of code on their electrical. by TheHawke · · Score: 1

    All new construction gas stations have cut off switches set up as such where they simply don't cut off the gas at the pump, but to depower the actual fuel pumping system by cutting power completely by opening an magnetic contactor.

    Of course, existing gas stations usually don't have this in the first place, or else the breaker box is wired to the point of being paranoid. This code varies on strictness and/or enforcement from state to state. This is improving, but is slow.

    --
    First rule of holes; When in one, stop digging.
  39. The Human Brain, is Out of Order. by geekmux · · Score: 1

    "...the gas station attendant unable to thwart the hackers."

    Unable? An Out of Order sign and a plastic bag over the gas pump would have fucking worked fine.

    This is the inherent problem with building systems that are idiot-proof; we ultimately end up building grade-A idiots to sit behind the wheel.

  40. Funny Gas Station Story by bobbutts · · Score: 1

    Back in the 80's my dad had a minor engine fire in his car. He pulled into a gas station lot and parked as far as he could from the pumps and other customers, then got out of the car and walked over to the station. He asked the attendant for a fire extinguisher, so the guy looked over at a "FIRE" button and pushed it, causing a huge amount of fire retardant to dump all over everyone pumping gas while dad's car smouldered away at the far end of the lot. Eventually the FD came and extinguished it.

  41. re: you'd need 30-40 cars to get 600 gallons by King_TJ · · Score: 1

    I've read about similar scams going on where it's far more organized. People have been taking large SUV's, blacking out the rear windows, and turning the whole rear of the vehicle into a giant fuel tank. Then they're able to steal hundreds of gallons of gas at a time, or with just a few stops (since people might actually notice if you sat at a pump long enough to get 500-600 gallons of fuel out of it).

    It creates one highly dangerous vehicle on the road .... but they do it.

  42. Circuit Breakers? by jsrjsr · · Score: 1

    My father ran a service station with two islands of two pumps each. Each island had it's own circuit breaker. I'd be surprised if this has changed much, so he should have been able to shut off the power to just a single island.

  43. Re: you'd need 30-40 cars to get 600 gallons by jwhyche · · Score: 2

    Back when gas hit close to $5 a gallon some thieves modified a horse trailer by cutting out parts of the bottom. Then they would install pumps and large tanks.

    They would pull the modified trailer over access caps, where they fill the underground tanks, where they would pretend to have truck problems. While two men would be under the hood acting like they where trying to fix the truck, their accomplices in the trailer would remove the access cap and lower a hose down to the underground tank.

    Once the tanks where full, the truck would suddenly be fixed, and they would drive off.

    --
    I read at +2. If your post doesn't reach that level I will not see or respond to it.