Slashdot Mirror
Car Hacking Concerns On the Rise
Pat Attack writes "I think most of the people who read Slashdot know that if it has circuitry, it can be hacked. Well, the good folks over at CNN have an article about the potential for your car to be hacked. This article lists the potential damage that could be done, proof of concept work, as well as a few scary scenarios. 'With vehicles taking up to three years to develop, [security strategist Brian Contos] says manufacturers will struggle to keep abreast of rapidly-evolving threats unless they organize regular software updates. Instead, he says, any installed technology should be given a so-called "white list" of permissible activities beyond which any procedures are blocked.' My mom reads CNN and is a Luddite. I expect to hear from her today. She'll probably tell me my new car with bluetooth is unsafe."
Car hacking is bad. Botnets are bad. But what about a botnet of autonomous vehicles?
Imagine owning a botnet of cars you could command to drive anywhere at any time. You could effectively close a highway or a bridge, prevent emergency response teams from getting to a destination, or switch the cars into some kind of "Carmageddon" mode where they target pedestrians.
Yeah, we'd be pretty much fucked if this happened.
There's no -1 for "I don't get it."
They have such a list. It's called "an instruction set" and is contained in a piece of hardware called a CPU.
It is possible, and even practical in some cases, to replace the ECU with another device, e.g. http://en.wikipedia.org/wiki/MegaSquirt
If you're paranoid, you too can spend hundreds of hours changing out your ECU and tuning the new one - then it won't be vulnerable to the standard attacks, though it will probably be vulnerable to others.
The ideal is going back to separating hardware modules. However, as people want more features, having one component be able to access another is going to be a must.
We can play with security additions all we want, but the only real protection is compartmentalization. The radio does not need on the same CANBUS as the drive-by wire throttle and brake system for example.
Cutting the break lines was an effective hack (at least in TV shows).
'With vehicles taking up to three years to develop, [security strategist Brian Contos] says manufacturers will struggle to keep abreast of rapidly-evolving threats unless they organize regular software updates." What? What does he mean? Why should it be any problem while it is still being developed? Unless It's a hardware hack I don't see how it should have any trouble receiving updates while it is still being made, more so after it has been released and updates are done via the internet which is much more scary.
Yeah, just look on YouTube for "Carmageddon" and enjoy. Although, I seriously doubt that 'wheel friction' could ever be set to -9 in the real world...
Hacking without physical access requires a network. If you don't want your car hacked, don't link it to the network. It's the tried and true way to prevent hacking. Cars have had computers in them for a long time, but they don't get hacked because they're generally not connected to any networks.
Your car with bluetooth is unsafe.
Sorry, but gray text on gray background is making my eyes bleed.
Where is the logic in an automotive manufacture making the braking or acceleration functions remotely controlled? At what point would an end consumer ever need to make their car accelerate via a retarded iPhone app? I really don't see the concern here. It is more like trying to tie some very loose ends together and creating a FUD article.
At best, a hacker may overtake your Bluetooth connection and cause you to listen to some crappy bubble gum pop over the radio.
Go read a dictionary.
My mom reads CNN and is a Luddite. I expect to hear from her today. She'll probably tell me my new car with bluetooth is unsafe.
Assure her it's nonsense and that you even wear a Bluetooth headset.
Then scream, play a recording of Soundwave, and hang up.
...before anything is seriously done about this.
Until then it will be business as usual. And unfortunately when some script kiddie kills somebody it won't make the news. I worry that this sort of thing won't get fixed until a major "breaking news story" about hundreds of cars running off the road plays out. Only then will it matter.
An optimistic alternative option is that the 'fear mongering' media run with this sufficiently to make it a big issue. This one of the times when the media's bias towards scary news stories can help society.
I knew that movie was real!
I live in fear that someone download my car.
The best solution is to have a manual overrid (that the computer cannot control) in all cars with self driving capabilities. That way if the driver notices anything funny they can go into manual mode. Of course that defeats the biggest benefit of self-driving cars you can't be sleeping, drunk ect. at the wheel.
Is how these updates will be applied:
1) Automatically via some wireless service. Bad idea. I'd hate to even go there.
2) In authorized service centers. This is scary because, the auto manufacturer will be able to warn us from going to non-authorized dealers, saying it's a security issue on top of a quality issue. We've already ran into these kinds of issues. It's come up before here on Slashdot.
. . . but short on facts, see http://yro.slashdot.org/story/12/01/12/1813202/the-future-of-hi-tech-auto-theft for something more geek-worthy.
Q: how do you make a Chinese hacker blind? A: give him access to something with a windshield
So the risks come down to a) unusual combinations of inputs that cause unexpected consequences and b) downloadable apps. You can bet that the auto companies are working hard to prevent the first. If there's ever an "app store" for some car electronics, it will be far more tightly controlled than what's out there for smartphones, again as much for control of what gets into the vehicle as for security. Not that I would personally care to "compute-ify" my car, thank you.
The failures of TFA are that the McAfee guy is applying desktop OS assumptions to embedded systems, and the CNN reporter didn't actually talk to any car guys.
Your new car, the one with bluetooth, is unsafe.
This article is crap. They only quote a CD-based infotainment attack which requires access to the vehicle, and an aftermarket system attack which was poorly engineered. They describe a TPMS DOS attack (RF interference from the sensors) that might make your check tires light come on. Boring.
Right now, if you car doesn't have a RF transceiver, there is nothing to worry about since gaining physical access to the network requires breaking into the vehicle.
If your car does have an RF link (bluetooth, cell phone), you're still relatively OK - infotainment systems as a rule are very segregated from the powertrain networks and usually only linked by a CAN bus that only supports some high level messaging. The Infotainment ECUs do not share the same CAN bus as the powertrain components and there is generally an ECU that acts as a "firewall" such that any DOS-style attacks on the infotainment CAN bus won't affect the other vehicle systems.
I will concede that vehicles with OnStar are a bit more concerning, as I think OnStar has more hooks into the rest of the systems, although I'm not sure how deep. So that is one to worry about...
There have been some attacks demonstrated against the outward facing systems where an attacker can mess with your radio, but the systems are architected such that an attacker needs physical access to the bus to do any real damage to a vehicle.
Here's a good discussion:
http://www.autosec.org/pubs/cars-usenixsec2011.pdf
We seem to have this default assumption that if we can digitize something, we should. I'm no luddite, but we need to seriously examine this assumption. If something can be done mechanically in a time-tested and relatively simple way, there needs to be some serious reflection before we introduce a whole slew of new points of failure for the sake of a slick digital interface with touchscreens, ipod docks, and internet connections.
We seem incredibly eager to insert as many new complexities as possible, because a new car needs a new feature to make it superior to an old car. Nobody asks what the trade-offs are (there can't be any downsides to something that appears slicker and quicker, can there?) until a few hundred toyotas drive themselves into walls.
The Luddites were workers being displaced by machines.
Regarding all technological "innovation" (which may, or may not, be useful "progress") with suspicion is not Luddite behavior, just sane, healthy skepticism. Being locked into a BMW, unable to lower the windows, provide any powered ventilation, or drive the car (or Ford Explorer, as a recent tester found), is the result of larding cars with cheap electronic gizmos without being required to put them through some really stringent testing. A glitch in your car's MP3 player that only makes it skip some songs is mildly annoying; if the MP3 player happens to be in control of pretty much everything ('cause why pay for more CPUs?) and same glitch causes it to execute some exploit code embedded in the MP3 (DX8 or 9), then you've got an utterly untrustworthy vehicle that should be banned from public thoroughfares. With MS building the stacks for some of these, I wonder how many "snoop your ride (be careful what you say/do when it has an internal microphone/camera)" back doors are in those systems, not to mention (although I will) the OnStar-style snoops.
I think modern cars have same effect to driving skills than pocket calculators did to mathematical skills.
In the good old days people could do basic math in their heads, now they use calculators even for the simple math problems.
Old cars didn't have ABS brakes and traction control, you noticed quite quickly when road was slippery and also learned how to really drive a car.
Modern cars don't give similar warning, maybe some light flashes in dashboard telling you that traction control was needed, but you don't register that - this winter we have had lots of pile-ups here in Finland, people drove like it was summer as their modern cars didn't warn them enough that it is really really slippery and you should slow down a bit.
So in the good old days you really needed to learn how to drive a car, it didn't help you, now car has control over braking and throttle, you just steer and when pocket parking car does even that -> drivers don't understand physical laws like they used to do.
This thread has been an interesting read. You have reconfirmed my apprehension for newer automotive technologies.
Two of them, ABS braking and fuel injection ( with OBD2 ), I am all for. The rest of 'em though seem to me a design from Rube Goldberg.
Don't get me wrong. I love driving aids, especially GPS, and I love OBD2 that lets me see how the Engine Control Unit is faring.
I am a "control freak". I feel responsible for what my machine does. I want the assurance of a steel rod running from my steering wheel to the rack-and-pinion gearing steering the front tires, and knowing there is no way for anyone to instruct my car to ignore my steering commands. Same with the brakes - hydraulics. And acceleration/fuel for the engine - a cable linkage.
These, I understand, and have an inner feel for when anything is amiss.
"Drive by Wire" scares the hell out of me.
This whole thread gives me comfort knowing that I said the right thing to the repair garage a few months ago when they told me it was going to cost right at one thousand dollars to re-do the entire braking system on my nearly 40 year old toyota, that has hauled me nearly a half a million miles. They advised me it was an old car and not worth all that much. Well, maybe not to them, but I have come to really have a love for the simplicity of that old car. I had them redo the whole shebang - every cylinder, caliper, shoe, and hose. By golly, I consider the brakes the most critical part of the car. If ANYTHING works, the brakes will,
As one of the other posters noted, it is a great fear of mine too that "pranksters" will discover access pathways into a fancy car and wreak havoc by remote control, anonymously, just for the fun of watching the crash. Its the same thing that made "Winnuke" so popular back in the early internet days, when we found out we could send just one malicious packet to someone to give them the blue screen of death. We'd do it for the pure fun of it.
Although I like the new car's interiors, for now I will consider them a "rich man's toy" because they are so expensive to maintain.
As a side note, its not the cost that kills my enthusiasm, rather it is my impression of quality. I believe in getting good value for my money. I have even been spending $15-$20 for flashlights... ( Ultrafire WF-502B's with various P60 LED engine cartridges - and only WF-502B ) because these lights are made to last, and being the owner of a few laptops, I have plenty of the Lithium 18650 cells these lights use. I am hooked on those 18650 cells giving their second life powering things on the cell level ( 3.6 to 4.2 volts per cell ) when the laptop battery pack fails. Meanwhile I have plenty of little dollar-store LED lights, and have retrofitted my old filament-based D-cell flashlights with LED's
Most of the time, newer technology is better, but its not always the case.
Sometimes its just not "done" yet and other times it wasn't such a good idea in the first place but some marketer saw a buck in it.
Well, anyway, that's my take.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
don't know what you're talking about and you sound like an idiot.
And the mods are idiots.
You see, a car is a CAN. That's all. And it's a bitch to break into it.
'Nuff said.
PS, most of you don't know what the fuck I'm talking about.
IMO, this is probably what is eventually going to happen. Is that a car will have operate in "dumb mode" and "smart mode"
In "smart mode" the computer has direct linkage into all the car parameters and, could in theory be driven remotely by police and 911 operators.
In "dumb mode" the computer is disengaged from all sensors ("eg driving blind") and is disengaged from the accelerator and ignition.
So in theory if the car is mis-behaving you switch it from smart to dumb mode, and operates somewhat crippled (eg no cruise control, no auto-parallel park, no collision avoidance.)
We won't be going back to pre-fuel-injection systems anytime never. Though in my opinion there should be some non-computerized choices out there, something other than a moped. These would basically be land-yacht types that have an external beacon installed to warn automated cars around it that it's not automated and to keep some distance.
If I can set the car to drive anywhere I want and disable safety features, isn't that dangerous enough?
So far, those who have insisted their software's security is perfect have a very, very bad track record.
There's no -1 for "I don't get it."
I've always envisioned automated driving working more like a "turn signal system." Hitting the right turn signal would change your lane to the right as soon as safely possible, or take the next right turn if applicable. Hitting the stop button will pull you into the next available parking spot, or pull you over to the side of the rode if on a highway. I don't see myself, or others really, being very willing to give themselves over to a fully automated system, except for the most menial of tasks (like pulling out of an apartment complex, parallel parking, changing lanes, etc.)
Fanboy Status: Apache Flex, C#, Eclipse, KDE, Pirate Party, Ron Paul, Slackware, Windows 7
Mod Parent UP!!
Not to worry. All new cars will be sandboxed so you can only use a professional driver on a closed course. Goofy, you say? Sure, but you can always take mass transit to work.
See the novel series Daemon by Daniel Suarez:
http://en.wikipedia.org/wiki/Daemon_(technothriller_series)
The kind that require an "always on" internet connection? Yes, let's increase the exposure of our vehicles. Surely it's better to increase the network availability of an already vulnerable system. Wouldn't want to lock down all radio-based vectors of attack at all. I mean, I know I'll be checking the logs and monitoring the spectrum for transmissions to and from my car, 24/7. That sounds safe.