When the University of Oklahoma introduced new ‘smart’ clamps for incorrectly parked cars, they probably thought they were going to reduce their costs and collect more money from naughty students. However, they little appreciated that the clamps would be raided for the SIM cards inside.
The barnacle clamps (pictured) are designed to use suction so they cannot be forcibly removed from the windscreen of cars, obscuring a driver’s view of where they are going. They can be released remotely if the driver pays their fine, either online or over the phone. When the suction is released the driver is expected to deposit the clamp in a nearby storage facility, eliminating the cost and hassle of requiring a parking warden to come to the car. And if a reckless driver tried to drive away with the clamp still in place, or wanted to steal a clamp after it had been released, then parking wardens would be notified and can track its movements by GPS.
However, students at the University of Oklahoma did not take kindly to the introduction of the barnacle clamps, and eagerly set about compromising them. Some discovered ways to break the seal on the window so they could be physically removed. And according to this Reddit thread, other students learned how to remove the SIM card from the clamp and use it to obtain unlimited free data.
The SIM cards this particular company was using for the GPS function had unlimited data, so I began to tether off of the Barnacle’s connection. It took them several months to disconnect the service.
This is another illustration of the ways businesses underestimate the risks of connecting everything to the internet. These students showed a lot of cheek whilst also demonstrating a serious weakness with this networked device.