Slashdot Mirror

← Back to Stories (view on slashdot.org)

Car Hacking is 'Distressingly Easy'

Posted by Soulskill on from the no-mr-bond-i-expect-you-to-die dept.

Bruce66423 points out a piece from the Economist trying to rally support for pressuring legislators and auto manufacturers to step up security efforts on modern, computer-controlled cars. They say, Taking control remotely of modern cars, for instance, has become distressingly easy for hackers, given the proliferation of wireless-connected processors now used to run everything from keyless entry and engine ignition to brakes, steering, tyre pressure, throttle setting, transmission and anti-collision systems. Today's vehicles have anything from 20 to 100 electronic control units (ECUs) managing their various electro-mechanical systems. ... The problem confronting carmakers everywhere is that, as they add ever more ECUs to their vehicles, to provide more features and convenience for motorists, they unwittingly expand the "attack surface" of their on-board systems. In security terms, this attack surface—the exposure a system presents in terms of its reachable and exploitable vulnerabilities—determines the ease, or otherwise, with which hackers can take control of a system. ... There is no such thing as absolute security. [E]ven firms like Microsoft and Google have been unable to make a web browser that cannot go a few months without needing some critical security patch. Cars are no different.

10 of 165 comments (clear)

  1. Memory Safe Languages As Countermeasure by Anonymous Coward · · Score: 3, Insightful

    Rust, Swift, Sappeur, Vala - they must also be used in the car industry. Instead of C. Look at the CVE database - 50% of exploits are solely due to the cowboy style of C (lack of memory safety).

    Or just roll over and concede that electronics are too dangerous.

    1. Re:Memory Safe Languages As Countermeasure by BitZtream · · Score: 4, Insightful

      ...

      Your solution to the problem is to try to kill the problem of bad developers by hiding it with the language.

      Could you name one example of where that has actually worked, EVER?

      When you write your 3 lines of Swift (lets limit it to languages real people outside of one company actually use), there are possibly a million lines of C could doing the actual work.

      You do real work in C. You ride on someone else C code in pretty much every other modern language. Switching them from C to any other language won't solve the problem, the problem is using people who don't think things through. Thats not a language problem is a person problem.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    2. Re:Memory Safe Languages As Countermeasure by ThosLives · · Score: 4, Insightful

      Five letters generally prevent most of the software *coding* issues found in critical automotive software: MISRA.

      Failures that happen in automotive software are almost never coding issues, but rather design issues. For instance, even the "infamous" Toyota brake control issues were due to design, not faulty coding.

      Switching languages is actually more likely to introduce more errors than reduce them, since you've now likely added coding errors on top of the design issues.

      (And I second the other poster mentioning things like compile-time allocation of all objects. I have never seen a dynamically-allocated anything in any of the embedded programs on which I've worked in the main code stream; closest we came was in a data logger which wrote to a dedicated area of flash, on a separate chip even from the main micro.)

      --
      "There are a dozen opinions on a matter until you know the truth. Then there is only one." - CS Lewis (paraprhase)
    3. Re:Memory Safe Languages As Countermeasure by Chris+Mattern · · Score: 5, Funny

      Five letters generally prevent most of the software *coding* issues found in critical automotive software: MISRA.

      Or possibly XYZZY or PLUGH. I forget which.

  2. Stop interconnecting systems by schwit1 · · Score: 5, Interesting

    Why should a hack of the navigation or audio system allow access to the braking system? Why hasn't the DOT mandated an air gap between critical vehicle operation systems(braking, acceleration, ignition, steering, transmission, etc) and all others.

    1. Re:Stop interconnecting systems by mrchaotica · · Score: 3, Interesting

      There's no reason why the infotainment system can't have read-only access to the engine control module (with write access physically prevented by the hardware). You won't be able to modify the engine management without physical access to the car, but that's the way it should be anyway.

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  3. I WANT a hackable car... by Somebody+Is+Using+My · · Score: 3, Interesting

    Personally, I want a hackable car. What I do not want is a /remotely/ hackable car.

    I want a vehicle where I, as the owner, can access all its bits-n-bobs - even the digital ones - to tune it as I desire. I do not want a car whose computers are so saddled down with "security" that the only ones who can access its electronic brains are "authorized" technicians who have paid tens of thousands of dollars for the appropriate software and hardware. Too often I see "security" being used by automobile manufacturers as an excuse to lock out the owners (or even ordinary mechanics) from modifying - or even diagnosing - the vehicle without first tithing to the manufacturer for the privilege.

    Of course, only I as owner (or any I authorize) should be allowed to adjust my car in this way; obviously, I do not want any nefarious parties to alter my car's settings - especially not while I am driving! But while this is something the designers and manufacturers need to keep in mind, so far I am unaware of /any/ successful attempt to "hack" a moving car. Of course, if a nefarious individual gets access to the OBDII port on my car, there's no end to the damage he could do, but no computer (or car! think "cutting the brake lines") is safe if somebody has physical access to it.

    So forgive me if I interpret these worried cries about how my car might be "hacked" less as an earnest warning about my vehicle's vulnerability to malicious actors and more as another attempt by the manufacturer to gouge the owner out of even more money just so he can continue to tinker with his own property.

  4. Re:So where are the CVE/Vuln reports for this?Oh,w by ledow · · Score: 4, Informative

    There have been public demonstrations, some televised, of certain models of modern car that allow you to change things like timings and injection sequences, via OBD, over Blueooth, using default passcodes.

    I'm sure they're all patched now. Of course. No more will that ever happen again.

    There's also been demos of being able to DoS certain buses in the car remotely and wirelessly, preventing everything from in-car entertainment to immobilisers from working, etc. using similar techniques.

    These things are all out there. Go look. And that's just OBD. God knows what happens when you start tying in Wifi into the car speakers, joining that to the satnav for Internet updates, joining those to the car etc.

    You can see cars on the market today, not even particularly unusual or modern ones, that pull in OBD information into the electronic dashboard which also doubles as a music interface and a satnav and a fuel gauge and a Bluetooth phone interface and everything else. It's not at all hard to imagine that such things haven't covered every single possible hole where information from one can leak to another.

    And anything OBD-writing is potentially dangerous. As in "blow up your engine" dangerous. Most older OBD systems are nothing more than read-only technical data. Newer ones do more to allow flashing, firmware updates, and even modification of settings that control emission levels (e.g. fuel injectors, exhaust re-introduction pumps, etc.). Add that together and you have one big mess waiting to happen.

    There's a reason that you don't buy mod-chips for your engine nowadays that you can swap out to pass emissions test and then swap back to get the "sports performance" of your car. Because they don't need to swap the chips physically any more.

  5. Re:So where are the CVE/Vuln reports for this?Oh,w by ledow · · Score: 3, Informative

    And for when you say "Links or it never happened":

    http://www.forbes.com/sites/an...

    Or just Google OBD hacks.

  6. Re:Keep your old cars by The+Grim+Reefer · · Score: 3, Interesting

    That's what I do, I have a 1998 car which I intend to keep for the rest of my life. It still has some electronics (ECU, ABS)...

    And those electronics are probably going to be one of the biggest issues with keeping that car going. Most mechanical parts can be repaired, be made, or sourced from junk yards.A lot of classic cars also have other companies making replacement parts. For example, you can build a brand new replica of a 1963 Corvette if you would want to as every part for them is in reproduction by one company or a company.

    There has been a bit of concern regarding the electronics in cars that have been made in the last 20-30 years though. They will wear out as a car is a very harsh environment for such things. Since the auto manufacturers are not that big on creating competition for their parts, they don't make it easy for other companies to reproduce these components and they also only make them for a set number of years. Besides, they don't want you to keep that car for decades. If you do that, you won't be buying a new one. Eventually electronic replacement parts for a car built in 1998 are going to run out and there won't be any replacements. Without a functional ECU, you won't be able to start the engine.

    If you are lucky enough for your car to be popular with racers or some other group that likes to modify its engine, then there may be aftermarket ECU systems available. But that's going to cost a lot in most cases.