Slashdot Mirror

← Back to Stories (view on slashdot.org)

GM's OnStar System Hacked

Posted by michael on from the think-outside-the-box dept.

Makarand writes "According to this Mercury News article users of GM's OnStar system are finding that they can modify their OnStar unit to make it work with commercially available mapping software after disconnecting it from the OnStar network. Websites and message boards are rife with step-by-step instructions to personalize OnStar's navigational and communications components. When a driver requests directions from OnStar his GPS data is routed over an analog cellular network to OnStar computers and the directions are read back to the driver on the same network. The price for this service is around $400 each year. Those who tap into their OnStar systems pay no such fees."

20 of 404 comments (clear)

  1. Not quite as spectacular as advertised by csnydermvpsoft · · Score: 4, Insightful

    All they're doing is modifying the GPS unit to work with a regular computer, while at the same time making the rest of the system (including emergency functions) inoperable. Why not just pay $50 for a basic GPS receiver?

    1. Re:Not quite as spectacular as advertised by Ioldanach · · Score: 2, Insightful
      This could be FUD on the part of GM. I remember a few years ago, Mazda Canada tried to claim that your warrently would be void if your car was serviced by anyone other than a Mazda dealer. Needless to say, they lost the court challenge.

      This isn't service, this is a modification to the vehicle. Given the tie-ins the vehicles computer systems have to each other, I'd expect the manufacturer could successfully argue to a judge that hacking into one of the systems is sufficently capable of causing harm to the rest of the vehicles systems that they're justified in voiding the warrantee.

      Even being a computer guy, and confident that if I wanted to I could probably execute the instructions without harm to the vehicle, I'd tend to agree. The vehicle might suffer no harm, but now the authorized service centers don't know what's going on inside, so they can't guarantee everything will work as designed.

    2. Re:Not quite as spectacular as advertised by forkboy · · Score: 4, Insightful

      I think GM would have a hard time convincing a judge that your meddling with the car's computer network caused a leak in the coolant or made a ball joint crack. You can't really cause physical defects to a car via the computer.

      --
      This message brought to you by the Council of People Who Are Sick of Seeing More People.
    3. Re:Not quite as spectacular as advertised by SEE · · Score: 2, Insightful

      Disputing only one thing. GM is nowhere quoted as saying that this may void the warranty on your car, so it isn't "definitely FUD on the part of GM". The OnStar CTO quoted specifically says "From my own perspective -- and GM may feel differently" in the article.

      Now, yes, OnStar is a subsidiary of GM and so this guy is, ultimately, working for GM. But this guy really is a fairly minor cog in the GM machine expressing a personal opinion. He quite likely knows nothing about car warranties, and is almost certainly not passing on a message from above.

  2. Consider the cost by dacarr · · Score: 5, Insightful
    People will pay about US$30-35 to have this and get directions based on numerous things, or they can hack it and find a way to collect the data locally. Most people who hack this aren't going to be the type to need somebody's help for $30/mo though, and many people who can't hack this but can read maps might just have it done.

    So in the end, you'll be left with people who have an Onstar box and will rather pay the $30/mo as well as their cellphone bills, blissfully unaware that they can make 911 calls for free on disconnected cellphones.

    --
    This sig no verb.
  3. DMCA in 5..4..3... by CarrionBird · · Score: 5, Insightful

    How long will it take for GM to claim that the Onstar devices are licensed, not sold? Either way, a big part of onstar is the live operator service for emergencies, how do you replace that?

    --
    Free Mac Mini Yeah, it's
  4. Re:Cool and all, but by Rosco+P.+Coltrane · · Score: 4, Insightful

    What's wrong with a hand-held GPS unit and a map?

    The answer is contained in your question : "hand-held" and "map".

    And some people wonder why there are so many road accidents ...

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  5. Re:I *like* OnStar by TopShelf · · Score: 2, Insightful

    Since people specifically look for OnStar as a feature when they're buying a car, I'd hardly call that "spying." The sad thing about most people who post knee-jerk screeds about spying fears is that they don't realize something very important...

    Nobody really gives a shit what they're doing.

    --
    Stop by my site where I write about ERP systems & more
  6. What would be interesting... by Xibby · · Score: 3, Insightful

    Is if GM took a hint and provited a way to access the GPS without hacking the OnStar system. IR, Bluetooth, or even a cabled interface.

    I see the main appeal of using the GPS unit built into the vehicle instead of buying a hand held GPS as it's one less device that needs it's battieres charged. It's likely that the people doing this already have their laptop plugged into the car's cigarette lighter/power outlet and their vehicle only offers one outlet.

    It's also one less device that needs to be hidden away or carried with you when you leave the car.

    --
    I'm going to go back in my box and will think within the limits of my box: MS Sucks Linux Good I read too much Slashdot.
  7. Re:Cool and all, but by Anonymous Coward · · Score: 2, Insightful

    Err , given that you have to phone up onstar to find your location , hence use a phone anyway , what
    exactly is the issue here?

    You've never seen an onStar-equipped car have you?

  8. Oh, come on... by SamMichaels · · Score: 2, Insightful

    Most of the comments here are ripping this poor guy apart for wanting to do this. Give me a break. He's just telling you how you can do it...I seriously doubt any geek is going to get OnStar SOLELY to have a GPS.

    This is like saying to the person who broadcasts AM radio from his monitor that a cheap $10 AM transmiter kit from Radio Shack is cheaper than a $100 monitor and that his idea is dumb.

  9. Re:I *like* OnStar by KrispyKringle · · Score: 2, Insightful
    To be fair (I do agree that OnStar is way overpriced and limited in use), he's got a point about some of the features. I've never locked my keys in my car, but the rest aren't really his fault.

    Cars get stolen, and OnStar seems like a nice replacement for LoJack. Cars break down, and it's nice to be able to diagnose the problem (though certainly it'd be better to just have the screen in the car display the output itself, so I can call a tow truck myself on my cell phone). And especially the accident alert thing seems useful; if I get in an accident on some country road (and I admit, I have been involved in accidents; it's less a case of stupidity then hitting black ice or driving in dangerous conditions) it'd be really, really nice to have help on the way, even if I am incapacitated. Think about it a bit first, will you, before you reply?

  10. Re:I *like* OnStar by zakezuke · · Score: 3, Insightful

    I like On-Star for when my "check engine" light comes on, I press the button, they run a remote diagnostic on my engine's computer, and can tell me how serious the problem is and can call me a tow truck if needed

    Diffrent people have diffrent skill levels when it comes to automobiles. I for example have a 1998 sentra, so nothing like onstar, but I do have a CHECK ENGINE light as well. Diffrence is, I know where my access port is, and it blinks the engine code. I'd suspect that's all ONSTAR does for ya, rather then running remote diagnostics, they run local diagnostics and read to you what your engine is telling you.

    I like OnStar for being able to unlock my car when I lock my keys in the car

    Ok, that is a cool feature. That is actually more spiffy then calling a locksmith. From what I read, the mod is only for reading GPS info to a 3rd party device. I don't know if that would affect the other onstar fuctions. I don't feel that ONSTAR is offering you anything special there... as in you could easily invest in a old pager and attach the vibrate motor to a relay which would open the doors upon calling it's number. I'm sure you could get into the more advanced logic, requiring a specific code.

    I like OnStar for being able to track, and stop my car if it is stolen.

    Righto... that too is a cool feature! In theory this can be done with any old cell phone wired into your automobile, in theory that is. Getting the police to track down your stolen cellphone is a difficult enough task in it self. I've not actually been able to do this, dispite the fact that they have access to the technology... and the authorization from the owner. When i've talked to cops about it, they've said "we can't do it" or "we don't know how". If the phone were to call 911 if stolen... and relay an automated message "help me, i'm a car, this isn't my driver", this might work.

    I should actually research the issue and see the difficulty level in the following

    #1: Added cost of an additional mobile phone
    #2: Small system who's job it is reading GPS info, sending that info via an easily readable text message or other remote computer readable format.
    #3: Relay that info to a site where a human can make the valued judgement of transmiting that info to police or whowever.

    That's worth the OnStar subscription...

    Hey.... that's cool and fine. ONSTAR(tm) offers a valuable marketable service that is perfectly spiffy. I would never knock anyone who wanted that form of service. I will agree with the hackers that it's cool to beable to mod your ONSTAR(tm) box to read the GPS info to a 3rd party device.

    What would be cooler IMHO would be a slightly more subscription free solution, where by you give your car a phone, and have the logic to beable to be flaged as being "stolen" and relay it's location to someone.

    --
    There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
  11. Re:I *like* OnStar by Smidge204 · · Score: 2, Insightful

    I believe it.

    Let's face it, most theives (like the kind that steal cars and rob candy stores) are not exactly the sharpest hammer in the drawer. I bet they wouldn't be able to tell if a car had OnStar without either previous experience ("Last time I stole one of those I got nailed") or a good looking-over (Which would kinda draw attention to themselves) - so you can bet they won't know where to start trying to disable it.

    Of course, it won't stop the "professional" car theives who know what the hell they're doing in the first place, but that's not the issue for most customers.
    =Smidge=

  12. The point? by lisany · · Score: 2, Insightful

    If you can afford a car with OnStar in it you can afford to pay the monthly fee.

  13. But that's the pont. by mindstrm · · Score: 4, Insightful

    If something went wrong with the electrical system, and they could reasonably show that your modifications to onstar could have caused it, fine, fair enough..

    But "voids the warrantee" means that, if you modify the onstar system, and then a week later the rear axle falls off and the right front door hinges sieze up, they can say "sorry, you modified your onstar system, it's your problem".

    The act in question means they can't just invalidate teh entire warrantee on the vehicle just because of one unrelated part.

  14. Re:How about unlocking doors? by BoneFlower · · Score: 3, Insightful

    Good point. We had to have someone do that when I locked the keys in the car(engine running too!) after my failed driving test.

    An OnStar crack still has a couple advantages though. You can sit on a bench with a laptop, eating lunch, and open your target car without anyone knowning you are doing anything. Starting it might be a problem still, but you will be in the car without doing anything to tip off witnesses. You stick a slim jim in a car door, someone walking by at the wrong time can instantly know you are trying to break in. Not so with an OnStar crack.

    Also, cracking OnStar would free you from the quirks of different models of car locks. Not all are in exactly the same place or work exactly the same, so the slim jim technique could hang you up a few extra seconds if it throws you something you don't expect.

    Knowing how to use a slim jim will still be a valuable skill for a professional car thief, but being able to crack OnStar will also be valuable.

  15. Re:I *like* OnStar by jafac · · Score: 3, Insightful

    TFM says:
    When the check-engine light goes on, go drop off your car at the dealer and pay $200 so they can plug their proprietary computer in and proceed to charge you $800 to put in new spark plugs.

    Not very helpful or informative. The Check-Engine light was a MAJOR step backwards, as far as making an automobile a useful and reliable device to own.

    --

    These are my friends, See how they glisten. See this one shine, how he smiles in the light.
  16. Re:I *like* OnStar by alecto · · Score: 2, Insightful
    This is assuming the recorder is infallible, and the accident reconstructionist interpreting the data from it is scrupulously honest (even though being paid by the insurance company) and technically competent.

    The accident reconstruction industry is a very secretive bunch, and they are no doubt salivating at the possibility of creating new "value added" services using the proprietary interfaces into OBD, air bag, and other data logging systems on newer vehicles.

  17. Re:Could GM Encrypt OutBound Signal? by Otto · · Score: 2, Insightful

    FYI, if you are capable of performing this particular hack, it's a matter of about 10 seconds to restore it to functionality with OnStar.

    The hack itself involves the following steps:
    1) Solder a serial cable onto the GPS unit.
    2) Hookup a laptop
    3) Send a command that sticks the GPS unit into a different mode (NMEA) which is standard and works with all the mapping software you could want.

    Getting it back to working with OnStar involves:
    1) Sending a command to it to stick it back into Motorola binary mode
    2) Unplug the laptop

    You can leave the serial interface there. It doesn't mess with anything. And OnStar will work just fine once the GPS box is back in the mode that OnStar expects it to be in.

    So your resale value isn't really an issue here. Admittedly, you can ruin the thing if you screw up the soldering, but the soldering part on this one isn't particularly difficult to do.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.