Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Reveal Nasty New Car Attacks

Posted by samzenpus on from the unsafe-at-any-speed dept.

schwit1 writes "Stomping on the brakes of a 3,500-pound Ford Escape that refuses to stop–or even slow down–produces a unique feeling of anxiety. In this case it also produces a deep groaning sound, like an angry water buffalo bellowing somewhere under the SUV's chassis. The more I pound the pedal, the louder the groan gets–along with the delighted cackling of the two hackers sitting behind me in the backseat. Luckily, all of this is happening at less than 5mph. So the Escape merely plows into a stand of 6-foot-high weeds growing in the abandoned parking lot of a South Bend, Ind. strip mall that Charlie Miller and Chris Valasek have chosen as the testing grounds for the day's experiments, a few of which are shown in the video below. (When Miller discovered the brake-disabling trick, he wasn't so lucky: The soccer-mom mobile barreled through his garage, crushing his lawn mower and inflicting $150 worth of damage to the rear wall.) The duo plans to release their findings and the attack software they developed at the hacker conference Defcon in Las Vegas next month–the better, they say, to help other researchers find and fix the auto industry's security problems before malicious hackers get under the hoods of unsuspecting drivers."

2 of 390 comments (clear)

  1. Re:High risk by Xaedalus · · Score: 5, Interesting

    The mere fact that this has been announced has already started the wrong people working on it. At this point, releasing at Def-Con is the right thing to do, because not only will that patch get fixed, but others will come to similar conclusions and keep an eye out for peers who are going to exploit this. Black hats have family too.

    --
    Here's to hot beer, cold women, and Glaswegian kisses for all.
  2. Re:High risk by Anonymous Coward · · Score: 5, Interesting

    You mean like if there was some embedded computer plugged into the same CANbus as the OBD port, that had a cellular radio on it that was already shown to be vulnerable to attack? One sold on every new car from a certain major manufacturer?

    Yeah, in the future, when OnStar exists, there will be serious issues. Wait, was "future" the right word?

    The underlying problem is that CANbus was designed by automotive engineers and not network security people.