openalpr VS proposals

Why is ANPR unlawful for private citizens to perform on their own footage? (e.g. using https://www.openalpr.com)

You can actually build your own using OpenALPR: https://github.com/openalpr/openalpr/wiki/OpenALPR-Design

You can try also using it paired with something like openalpr or plate recognizer. Both have cheap options, plate recognizer offers a free plan with 2,500 lookups.

if anyone knows an up-to-date license plate reader version. https://github.com/openalpr/openalpr is outated, doesn't read different angles natively, traning tools are also outated etc but anyone knows an open source version that as well as say https://platerecognizer.com/ or even https://www.openalpr.com/ please let me know.

I like the idea of crowd sourced proof of infractions. You could easily extract EXIF data to grab date/time/location and also use openalpr to automate data input for human review.

openALPR (Automatic License Plate Recognition) + DCDMV integration + raspberry pi + a GPS cap on the RPi + decent webcam + OpenMaps (you don't even need this unless you want to plot it); Maybe add a condition to send plate location over $XXXX to some traffic enforcement distros. Hardware for a setup will probably run $250 tops if you're going fancy

Oh, It was my school project something like that, and I use some YOLO's and OpenALPR, openalpr is amazing give it a try: OpenALPR https://github.com/openalpr/openalpr

This is the same attack (and same people who developed) faulTPM[1] that was previously discussed[2]. This article is the same people demonstrating that attack against Tesla vehicles. The paper[1] and previous discussion[2] address the underlying problems with AMD's Secure Processor (AMD-SP) that is embedded in their CPU SoCs and previously and more commonly known as Platform Security Processor (AMD-PSP).

Unlike a web browser where W3C AntiFraudCG folk propose that websites would blacklist all impacted AMD-SP hardware and create massive amounts of e-waste[3], Tesla likely can't do much about this attack because Tesla (not users) would be responsible for a very expensive change of vehicle hardware.

If it's not an easy-to-execute attack like faulTPM, there are more complex (but becoming more mainstream and cheaper) IC reverse engineering methods like polishing the die down to take photos of each metal layer and regenerating VHDL, FIB editing an operational IC to bypass tamper detection methods, etc[4].

A security architect of the Xbox One presented a talk[5] a few years ago which provides some good background too. Largely the Xbox One has managed to avoid piracy because they made it economically not worth anyone's time to attack due to competitive pricing models versus high cost of attack. Similar to use of Denuvo for a month or two after release of a PC game, attackers aren't going to bother if their work amounts to nothing a month later.

Hacking a Tesla to enable additional features is worth a lot of money, so the economics are quite different. It's also different economics for printer cartridges, "pay to enable more features or performance" network equipment, etc. The cost of IC reverse engineering / FIB editing attacks (or other future attack methods) will keep reducing. IC tamper detection features will get more complex. Perhaps attackers will even get an advantage once they can readily reverse engineer 3nm ICs and defenders can't do much other than implementing ever more complex and obfuscated IC tamper detection features and VHDL logic (kind of like a Denuvo situation in hardware).

[1] https://arxiv.org/abs/2304.14717

[2] https://news.ycombinator.com/item?id=35787195

[3] https://github.com/antifraudcg/proposals/issues/19

[4] https://www.youtube.com/watch?v=6390Zqca3Mg

[5] https://www.youtube.com/watch?v=U7VwtOrwceo