At Defcon this year there will be some rather disturbing hacks presented dealing with the popular Prius hybrid car along with some less dangerous examples. While convincing your car it is going 199 mph when it is standing still is somewhat amusing, the ability to disable the brakes while the car is in motion is a much more serious vulnerability. The presenters will also show how the assisted parking feature can be used to turn the wheel while a car is at highway speeds which could well cause serious accidents. This is not quite the Hollywood-style complete remote control of a car you should check out the story at Hack a Day to get an idea of what is now possible on at least one model of vehicle.
"This one’s a treasure trove of CAN bus hacks that will scare the crap out of an unsuspecting driver — or worse. [Charlie Miller] and [Chris Valasek] are getting ready to present their findings, which were underwritten by DARPA, at this year’s Defcon. They gave a Forbes reporter a turn in the driver’s seat in order to show off."
Here is some more Tech News from around the web:
- How Are You Celebrating National Sysadmin Day? @ Slashdot
- Rebuilding Old Capacitors @ MAKE:Blog
- WD: Enjoying our $630m, Seagate? Let's ruin your day with our results @ The Register
- Microsoft pledges Linux boost for Windows Server and Center R2 duo @ The Register
- Adobe Lightroom 5 Remembers its Roots @ Techgage
- Using the New GUID Partition Table in Linux (Goodbye Ancient MBR) @ Linux.com
- Three different roads to the 3-nanometer chip @ The Register
- Win an ASUS GeForce GTX Titan 6GB! @ Kitguru
So what these guys are saying
So what these guys are saying is if I see my dashboard torn apart with a cable plugged into the car and a man with a beard and a laptop in the back seat I should be worried. Got it.
i would expect fact these
i would expect fact these issues are known, and how to exploit them makes doing it later on much less destructive. Kinda like the electric key card locks a ton of hotels have that you can make a pen that connects and opens the door.
OP. You. Don’t. Get. It.
The
OP. You. Don’t. Get. It.
The point is that companies are selling us products and not paying attention to security. Some people think that the journalist Michael Hasting was killed last month by someone hacking into his car.
True … but still check the
True … but still check the back seat for neckbeards as well
Actually this isn’t anything
Actually this isn’t anything new it’s been possible for years.
There have been vulnerabilities via indirect
physical channels (CDs and service visits), short-range
wireless channels (Bluetooth), and long-range wireless
(cellular) that can gain control of the vehicle. (Not just the neckbeard in your back seat)
The rate at which technology is advancing in the motor industry means there is very little time devoted to the security of these systems. I think more people like yourself should educated on the issue.
If you want to read more this was a study taken in 2010 by the University of California – http://www.autosec.org/pubs/cars-usenixsec2011.pdf
they have not shown where the
they have not shown where the controls were connected. does it really require the entire dashboard to be removed, or was it their test car where they destroyed the dashboard in the process of reverse engineering but now have an attach that works through the OBDII port?
more info is needed.
also info on if additional data can be stored, eg someone sneaking into your car at night, uploading some code which causes the car to floor the accelerator, disable the breaks, disable the airbags, and finally make the car do a sharp turn the moment you hit a certain speed.
Proof of concepts are akways
Proof of concepts are akways messy. This sort of thing will, and has on past vulnerabilities, evolve.
Still watch out for strangers in your back seat though, that vulnerability tends to be obvious.