Domain: autosec.org
Stories and comments across the archive that link to autosec.org.
Comments · 18
-
Re:potentially
Um, no. You can clear codes but it's not a hard reset.
Um, no. That's not what I'm talking about. I can see why you didn't log in: You don't know what the fuck you're talking about, and don't want anyone to associate that fact with your identity. But if you had been following Slashdot for more than a couple days, you'd have seen that we discussed here in the past in one of these OBD-II discussions that researchers had presented at DEFCON some various facts... including that most PCMs will take a reset (not a clear codes, an actual reboot request) without a login, and they will do it when the vehicle is in motion.
That's why every manufacturer has a procedure that includes disconnecting a battery terminal to reset the computer.
You really think that Bosch or Hitachi or whoever is making your PCM actually cycles power to them during programming? Why would they do that? They simply implement an OBD-II command which will reset the PCM in software, so they don't have to do that shit. Then they don't take it out, and most of them don't bother to set a password. That will be changing as they wake up to the idea that security is a thing and that they will be held financially responsible when they fail at it.
Anyway, I can't find a discussion where we explicitly discussed this here on Slashdot, although I remember participating, but here is a PDF link from 2010 (which I found on hackaday) where it is revealed that simple fuzz testing was enough to find two ways to shut down the vehicle while in motion, and one way to disable the vehicle such that it would not function until reset; or to lock individual brakes or sets of brakes, all without login.
The truth is that the automotive industry has willfully created this situation by simply pretending that there isn't even a security issue at play, and refusing to hire or even consult the experts in the field. Now they are caught flat-footed and people are pretending that this is reasonable. Car companies have been outright bragging about computerization all along. Now it's time to see that they've actually been doing it wrong the whole time.
-
Re:is it failsafe?
Probably the same as happens to any modern car: it stops working properly. Many (most?) new cars are at least partially drive-by-wire and have cell modems for various uses. It is known that at least some models have poorly designed internal networks that allow a properly crafted phone call to that cell modem to take control of the car's brakes, for example. Source.
Not that that's not an issue, just pointing out that those attacks are orthogonal to the self-driving capability of the car. If anything, I'd expect Google to be more competent at securing a device against hackers than the average car manufacturer.
-
Re:Good!
The evidence of tampering would be the hardware physically attached to the diagnostics port. Nowhere do they talk about modifying the system and having it go off later. If you read the paper they link to with the following text you will see that it too required physical access to the diagnostics port.
Other researchers have accessed car networks via bluetooth and developed ways to compromise autos through firmware.
They seem to be hoping we will take their word for what the paper says or didn't read it themselves.
-
Re:In other Breaking News...
This is the quote from the article;
With physical access to the cars the men were able to make vehicles appear to drive slower than actual speed, manipulate brakes, alarms and unlock doors.
The article links to a paper discussed in a previous article that also dealt with control through direct physical access.
Here is a quote from the paper:
Figure 2 shows the experimental setup inside the car. For these experiments, we connected a laptop to the car’s standard On-Board Diagnostics II (OBD-II) port.
They have physical access to the diagnostics port not wireless access through a vehicle system.
-
Absolutely not
Unless you're a sheep. It's already been proven that an ABS is hackable. Take a look at this report: http://www.autosec.org/pubs/cars-oakland2010.pdf Now you want the car to do all the work for you? That'll end well.
-
Re:High risk
If someone can demonstrate that the cellular systems can be reconfigured remotely to send the necessary information on the high speed networks that most of the critical stuff is controlled on, then I'd be worried, but this attack is a long LONG way from being able to do that.
Yep, the attack in the TFA is a long way from being able to do that. Of course, this one isn't, and does just what you say.
(Well I don't really know what you mean by the high/medium/low speed networks, but point being that they compromised their car well enough to do anything that can be done by the computer (unlock doors, remote start, disable brakes, activate microphone and listen, activate and receive GPS information, etc.) through the cell network.) The conference talk is on YouTube; you may be interested in 9:30 and ~15:00, though they censor the video for the YouTube version. (Seeing the talk in person actually shows it.)
-
Re:High risk
So far they need physical access. Onstar and Hyundai's similar thing likely make decent remote access points.
Good guess: it's been done.
Here's a video if you don't like reading. There's a video of using the telematics vulnerability (e.g. OnStar) to "steal" a car later, though unfortunately it seems that the important bits of that video are censored for the YouTube video. (The same presenter gave a faculty candidate talk here and it was not censored in that version of the presentation.)
-
This has already been done. (On another(?) car.)
There is at least one car model where researchers have been able to get access to the CAN bus and do all sorts of shenanigans through the following means:
- Specially crafted file on a CD inserted into the CD player
- Exploit weakness in the car bluetooth interface
- Exploit weakness in built in GSM modem
For the details, see http://www.autosec.org/pubs/cars-usenixsec2011.pdf. (Pretty scary reading. In this case they are also able to disable the brakes and they are also able to engage the brakes on only one of the front wheels for all sorts of "fun"...)
-
Re:This is why my car is airgapped
The worst someone can do wirelessly would be take control of my stereo, which isn't connected to anything else.
So you think. Stock stereo on a recent car? Very possibly untrue.
"We systematically synthesize a set of possible external attack vectors as a function of the attacker's ability to deliver malicious input via particular modalities: indirect physical access, short-range wireless access, and long-range wireless access.
... In each case we find the existence of practically exploitable vulnerabilities that permit arbitrary automotive control without requiring direct physical access." [emphasis in original]
Turns out that car manufacturers have been very naughty. And while radios are sort of on a separate bus from actual automotive controls, there are also (compromisable) devices that sit across busses, so there's not a complete air gap.
In that paper, they were able to obtain control over the car's critical automotive systems using techniques ranging from the OBD port (very old news) to CDs with mal-crafted "audio" files put into the stereo to bluetooth connections with the stereo to cellular connections like are used for OnStar.
-
Re:Overhyped problem.
This is the publication where they use a wire in the cab to hack the OnStar, install a custom firmware in it, then use the OnStar as a network bridge between the non-critical entertainment CAN and the safety-critical engine and brake management systems.
They were also able to put the brake controller into a test mode where it overrode driver input on the pedal disabling the brakes. They also were able to get the ECU to excite a wire that was hooked up in parallel to the ignition so even with the key off the vehicle still ran.
It's not overblown. http://www.autosec.org/pubs/cars-oakland2010.pdf
-
Overhyped problem.
This article is crap. They only quote a CD-based infotainment attack which requires access to the vehicle, and an aftermarket system attack which was poorly engineered. They describe a TPMS DOS attack (RF interference from the sensors) that might make your check tires light come on. Boring.
Right now, if your car doesn't have a RF transceiver, there is nothing to worry about since gaining physical access to the network requires breaking into the vehicle.
If your car does have an RF link (bluetooth, cell phone), you're still relatively OK - infotainment systems as a rule are very segregated from the powertrain networks and usually only linked by a CAN bus that only supports some high level messaging. The Infotainment ECUs do not share the same CAN bus as the powertrain components and there is generally an ECU that acts as a "firewall" such that any DOS-style attacks on the infotainment CAN bus won't affect the other vehicle systems.
I will concede that vehicles with OnStar are a bit more concerning, as I think OnStar has more hooks into the rest of the systems, although I'm not sure how deep. So that is one to worry about...
There have been some attacks demonstrated against the outward facing systems where an attacker can mess with your radio, but the systems are architected such that an attacker needs physical access to the bus to do any real damage to a vehicle.
Here's a good discussion:
http://www.autosec.org/pubs/cars-usenixsec2011.pdf
-
Re:Carburetor???
I agree- I *believe* engine control/management/safety are on a different bus from playthings. Or at least I hope they are.
You *believe* incorrectly.
http://security.cbronline.com/news/modern-cars-vulnerable-to-remote-malicious-attacks-mcafee-090911
http://www.autosec.org/pubs/cars-oakland2010.pdf
Got to love the way there is nothing keeping the cellphone chip from talking to the rest of the car and no way of turning it off.... Mailing USB sticks with a Ford sticker on them is just creating another attack vector.
-
Attacks
This is a follow-up to http://www.autosec.org/pubs/cars-oakland2010.pdf where they demonstrate various attacks of varying levels of danger from relatively innocuous (turn the horn on permanently) to kind of scary (disable brakes and power steering). In a talk, Stefan claimed to have the ability to remotely drive as well, i.e., steer/accelerate/brake.
-
Security Nightmare
If this Modern Security Analysis of an Automobile is anything to go by, the auto industry could really be in for many catastrophic security attacks on internal car networks if they start giving cars wireless capabilities. In the study, students were able to easily hack into a modern auto Electronic Control Unit and take almost complete control of the car. This included all sorts of fantastically fun things like completely shutting off the car mid-drive, turning all lights on and off, control the accelerator, control the dashboard, etc. (look at the pictures).
Giving hackers easy wireless access to nearly every electrical function in our cars == really bad idea.
-
Re:Probably the right design choice
The potential for misuse is huge, Experimental Security Analysis of a Modern Automobile (PDF Warning) is a paper about the chaos that can be caused once an intruder has access to the CAN-bus of a modern car, it was on /. a few months back. I don't know if the wireless system from TFA allow access to the CAN bus, but I assume they are passing data over it at some point to get info/warnings to an ECU and the driver instrument cluster. Put simply once an intruder gets onto the local CAN bus they own the car and can make all its systems sing and dance however they want, including modifying the speedo reading, applying/disabling brakes, controlling the accelerator, turning on/off headlights, pretty much anything but steering the car because that's still a physical linkage.
-
Why don't you just hack it?
http://slashdot.org/story/10/05/14/1225256/Hacking-Automotive-Systems
Check out the researchers' web site here or the full paper here, doesn't seem that hard.
I like the "self destruct" feature btw....
-
Copy of the paper
That link really should have been in the summary....