Slashdot Mirror
Ask Slashdot: Buying a Car That's Safe From Hackers?
An anonymous reader writes: I'm in the market for a new car, and I've been going through the typical safety checklist: airbag coverage, crash test results, collision mitigation systems, etc. Unfortunately, it seems 2015 is the year we really have to add a new one to the list: hackability. Over the past several weeks we've seen security researchers remotely cut a Corvette's brakes, shut down a Tesla's computer, unlock a bunch of cars, intercept Onstar, and take over a Jeep from 10 miles away.
So, how do we go about buying a car with secure systems? An obvious answer would be to buy a car with limited or archaic computer control — but doing so probably comes with the trade-off of losing other modern safety technology. Is there a way to properly evaluate whether one car's systems are more secure than another's? Most safety standards are the result of strict regulation — is it time for the government to roll out legislation that will enforce safety standards for car computers as well?
So, how do we go about buying a car with secure systems? An obvious answer would be to buy a car with limited or archaic computer control — but doing so probably comes with the trade-off of losing other modern safety technology. Is there a way to properly evaluate whether one car's systems are more secure than another's? Most safety standards are the result of strict regulation — is it time for the government to roll out legislation that will enforce safety standards for car computers as well?
Safe from EMP as well.
We're going to need the car equivalent of DD-WRT the way things are going.
It only costs a few thousands of dollars, is a real piece of shit, but rest assured it can't be hacked.
Unless you are someone important, people won't spend the significant effort required to hack your car. I would say you can probably avoid the seemingly quite inept "classic" US manufacturers, especially if you don't plant to do the usb upgrades etc that they might require if a remote exploit is found, but still it should be a minor concern. Ok, if you are paranoid get a Tesla, researches spent TWO YEARS and they ended up with an exploit that required physical access to a port inside the car, could at most turn of your engine (very gracefully in neutral and with you in full control) and could be instantly patched over the air...
Again, if you are some sort of a dictator etc I could see an intelligence organization with great resources finding a way to hack your Tesla if they have physical access to it, but it will still be cheaper and more efficient to just plant a bomb...
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
if you tamper with the hardware/software.
If the government has backdoor access to your car's computers -- and how do we know they don't? -- so will the hackers.
Give me my freedom, and I'll take care of my own security, thank you.
Buy a horse.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
After graduating college and transitioning to my career at Taco Bell as a cream engineer (sour) I've taken the liberty in my extensive sabbatical time to research and in fact provide the slashdot community with a hardened, hackerproof vehicle that is both affordable as well as reliable. I give you, the 2001 Ford Crown Victoria Police Interceptor.
The discerning customer will have acquired it through government auction between $600 and $800, where it will present not one, not two, but three indicator lights. One light, the engine light, serves to confirm an engine is present. The other two lights, ABS and the squiggly red noodle, are savvy decoys to confuse the hacker into presuming there is a functional breaking mechanism to exploit. Entering the vehicle the driver is greeted with the stench of so many dollar-menu breakfast sandwiches and carbon paper from a decade of parking citations. These aromas confound the hacker mind. Should the hackers persist, the vehicle contains plausible deniability technology for the engine itself. Instead of recirculating oil in the crankshaft, the security of this vehicle clandestinely burns the oil. Some people have heard of the chain of trust, and in this vehicle a sophisticated system called the chain of rust prevents tampering with idler and pitman suspension components as they are permanently affixed using oxidation technology. Finally, to seal their doom, hackers attempting to gain access to the glove box will become inextricably trapped in a foul blue, brown goo which is in fact the remenants of an exploded ballpoint pen and an old snickers bar, aged to perfection. Should the driver successfully decrypt the transmission and make it into first gear, the vehicle offers many moments of useful intermittent service.
Good people go to bed earlier.
Stay away from any cars that are popular, and all those that can be controlled by the manufacturer. For the most part hackers want the most bang for the buck, so stay away from anything that you see everyone else driving. There is a reason why so many Window's viruses exist.
Time is what keeps everything from happening all at once.
I am hoping by then I can get a car that is in the cloud.
Thermostats (wifi or 3g enabled)
Home Security Systems
Banks (some of their website security makes me really wonder)
Almost all "Internet of thing" smart home devices
I even have basic questions for (mostly android) cell phones. How long do I get security updates for any of these devices?
I'd go with the low end. My 2006 hyundai has airbags abs and cruise control. No interconnected entertainment system, no chipped key that costs extra to replace, no extra tracking system with included microphone, and its paid off. Not sure what current models are like.
You've made the false assumption that anyone gives a fuck about you.
I'm talking about both car companies and "them", but mostly "them".
Unless you plan on being the next snowden, why the fuck would anyone care enough about you personally to hack your car?
Remember, crimes require both motive and opportunity, and while opportunity has increased drastically, motive still remains flat at zero.
I mean, I personally probably have the skills to hack your car, but why the fuck would I?
Buy a Crown Vic (Or Mercury Grand Marquis, or Lincoln Town Car)
They were made long enough to have most of the safety features, but are based so in the 80s that the computers in it aren't connected to anything. They're so common that you'll be able to keep one running for another 30 years. They have enough of the car safety systems because police departments demanded production until 2011 (2012 if you're in the middle east)
By the time one of these is unrepairable, The hackers will either have won and we'll have gone back to unconnected cars, or we'll have figured out security (read: It's gonna be the former)
Many of these exploits I don't think of as exploits. They attach a device to the OBDII connector. Keep your doors and windows locked and voila not connectee. 2nd, be real, somebody really wants to mess with your brakes why not nick the hydraulic cable. Much easier. Much of this is hype. The exploit on the fob to unlock, I'd pay attention to. I thought I saw somewhere the land rover is so bad that insurance will not cover it in london unless parked in a garage.
The main issue seems to be computers that are exposed to external interfaces with no protection. There are many cars built from the late 1980s to mid-2000s that have little external attack surface - remote door locks, and perhaps anti-lock brake sensors, with little interconnection between those and other systems. The mass move to centralized systems and access by everything to a single network started in the early-mid 2000s, and didn't become nearly universal until a few years ago. So ... look for something from the early 2000's, with a plain radio not nav (can you read a map? can your phone talk to you? why do you need it built into the car then?). Most in that period should be fairly modern-feeling, easy to drive, and mechanically sound. Most use traditional wiring harnesses rather than a CAN. All can be hacked through the OBD socket, but that is true for everything since 1994, and most fuel-injected models (and even some carbs) since 1980; that's a local hack, though, because you need physical access inside the car to do it and as with your desktop if somebody's already inside then you have no security.
As for EMP - sorry about that Bug, but it dies too. Spark plugs and wires. The only thing actually immune would be an engine that doesn't require electricity to operate (assuming the battery keeps powering the fuel cutoff solenoid or you can jimmy it somehow) - like a mechanical-injection-pump diesel like older Mercedes or 80s-90s VW.
Simply a wonderfull car, except for the fuel consumption,
On that car you can virtually do everything by your own - small amount of tools needed - it's plain & simple.
But semiconductors are on board it has a stunning 6 diodes on board - not counting the radio!
If you choose a real Suzuki Samurai with spray injection from 88 you additionally get one with a cathalysator.
You do NOT need to let OnStar or similar capabilities. No need for it at all. Maybe if your car was self-driving and designed to network with other cars you would need such functionality, but the ability to call for help or use wifi or wireless diagnostics is NOT worth making it hackable
Once you do this, your car is as safe from hacking as it needs to be.
excitingthingstodo.blogspot.com
Anything from late 90s will have power, will have modern safety (ABS, Traction, Side Airbags) if you go sufficiently upscale but will not have any integrated infotainment electronics. If you go older, you start losing safety features. Late 80s is ABS, early 80s is airbags, 70s independent rear suspension and rear disk brakes.
"- is it time for the government to roll out legislation that will enforce safety standards for car computers as well?"
Which would be covered under *any* sort of "product liability for software" legislation.
Seriously: You can't buy food without the producer going through FDA checks, you can't buy a car without all the right safety and functionality checked by a gummint agency, you can't trade stocks without oversight by the SEC, so why can software vendors continue to peddle insecure crap with no liability?
Sometimes the "writing on the wall" is blood spatter...
Therefore do not involve computers in tasks that don't require computerization. Let that be your guiding principle, and follow the logic to its conclusion.
i have a honda CR-V with 4WD. one of the most boring cars there is. sure i can buy an Acura but they are just honda's with different body panels, different engine software and a higher price tag. same with Toyota/Lexus and Nissan/Infinity. or buy a honda civic. my car has a USB port for my phone and none of that new social crap computer in there for checking facebook while driving. don't need it
If you want a modern car, you're just going to have to accept that right now, they're all full of closed-source, black-box computer stuff. Short of going to work for the manufacturer and signing an NDA, you're never going to be able to get access to the inner workings of these things. The unfortunate truth is that these manufacturers are adding features without incorporating security from the very beginning, in an effort to have more bells and whistles than the other guys. They're getting better about security, but they still have a lot to learn.
The good news is that most of these hacks are at least somewhat mitigated. The Jeep one seems the worst, as it worked over a cellular connection from seemingly anywhere, to get into the infotainment system, and then jump to the car's actual controls from there. Chrysler was able to make some change to their network that (partially?) stopped the attack even if the individual cars were still technically vulnerable. The OnStar hack was a MITM between the mobile app and the OnStar website (due to not verifying the cert); it resulted in being able to do things to the car, but wasn't actually a vulnerability in the car itself. Most of the previous hacks require physically connecting to the OBD2 port in the car. As was stated in related posting, just as with computers, if the bad guy can break into your car and install a dongle, you're pretty much screwed anyway. Just like installing only necessary packages on a server to minimize its attack surface, you can also skip unnecessary vehicle options to reduce the chance of a vuln (though you may have varying levels of success getting a car with exactly what you want and nothing you don't).
We need these hackers to keep pointing out these flaws until the manufacturers fix them (and hopefully completely avoid the same mistake in the future). For now, it's still fairly early in the cycle with lots of learning being done. We need more isolation between the vital control systems and the trivial entertainment junk to completely remove the possibility of something like a USB stick being able to take over your engine, but for the most part these vulns are still rather limited in their application, due to the inherent limitations of actually getting linked up to your car's systems. I'm afraid it might get worse before it gets better, but at least these things seem to be getting addressed by the manufacturers, rather than just covered up.
This one's really easy. Don't buy a car where the core system is internet connected unless you're confident in its security.
The Fiat/Chrysler hack was insane, the result of a total disregard for security.
The Tesla "hack" barely deserves being called that as it requires physical access to the car's data bus to work. Pretty much every car on the market these days is "vulnerable" to that, but it's stupid to worry about because that's like saying your brake system is "vulnerable" to being cut.
Likewise with the Corvette.
I wish the fucking stupid media would stop publicizing any of these that require installing extra hardware in to the car as if they actually mattered.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
if you are worried about hackers, buy a car without any wireless features. no remote starter, no keyless entry, no bluetooth, no wifi, no onstar, no uconnect, no cell phone connectivity.
Anons need not reply. Questions end with a question mark.
My 1996 Jeep Cherokee still runs well. Computer controlled, fuel injected, driver's side air bag... but no remotes. I think I'll keep it.
The one constant is theft involves "effort" hence the quicker the Phone App that help unlock and start a car.
The quicker people will stop ripping off the sterring column and hot wiring the car.
Why bother when there is an App for that?
And the hot cars won't be the ones without an electronioc key, the cool factor and the autostart will be a non-starter in the resale market
Of course if the no-tech versus hi-tech cars share parts your wheel rims might still be at risk.. but its unlikely
Made in India will probably mean.. zero-tech.. and those will be safest from theft
If you are concerned about somebody "hacking" your car over some network connection, just don't buy a car with a network connection. and your problem is solved.. If there is no cellular data connection, there is no way for anybody to hack your car using a data connection. So no "OnStar" or other such convenience services that involve data connections to your car.
If that doesn't meet your definition of safe enough, understand what you are trying to protect yourself from. MOST of the demonstrated hacks we've seen of late REQUIRE physical access to the vehicle at some point. You are going to need to provide PHYSICAL security for that car parked in the public parking lot in front of the grocery store to protect yourself from this stuff. But that's always been the case. These new "hacking" techniques don't make it any worse.
In short, don't worry about it. Buy a cheap car w/o all the quickly outdated "data connection" based services and stop being a worry wart... Well that and don't be a high profile target.... Who's going to hack my Honda Accord? I'm just a middle aged, middle class guy with my 2.3 kids driving a cheap car. I'm not important enough to be a target...
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
RestoMods are where you take an older car and upgrade it to more modern standards. Thus, you get the best of both worlds; superior handling and acceleration, some added safety features, and a car that looks vintage, styled to stand out from the crowd of oval-shaped vehicles.
There's even an upgraded pan for the VW Beetle that provides disc brakes, better handling and smoother ride; as well as a large assortment of engines that can provide anything from mild performance to tire squealing, drag-strip style that'll smoke most other cars.
And yes, almost all RestoMods eschew too much electronics, which make the cars as unhackable as they were when they were original 60's and 70's cars.
If telephones are outlawed, then only outlaws will have telephones.
Both a friend of mine and my mom had their Nissans broken into while at my sister's house and we're pretty sure the thief used a wireless hack since neither vehicle had signs of forced entry yet both were locked. Likely it's a local kid, cameras would help catch him. Funny story though, the suitcase stolen from my mom's car had about 25 pounds of bran and a book on crafting since she was getting ready for a crafting bean bag project. That thief didn't get much :-)
Here's an article that describes this a bit:
http://www.networkworld.com/ar...
Parking in the garage is a simply deterrent as always.
...that this is actually a question these days. This is a prime example of why the Internet Of Things will not work, ever.
We're not talking about a $5 embedded device going into a fridge here. We're talking about a $20,000 piece of safety-critical machinery. The software standards have to be a little higher than your average fresh-out-of-college "what's source control?" type. It's too easy NOT to have software standards.
You just don't buy anything with a communication system connected to its control system, which unfortunately excludes more or less every manufacturer. The Corvette issue is a red herring -- it required hardware modification and a directed attack. The attacks that would be interesting against a Corvette would be via onstar, which is also attached to the CAN bus. If someone wants you dead bad enough to consider modifying your car electronically, that means they have physical access to your car, which means they have physical access to you; they will not attack the car.
I do not know the details, but it is said that OnStar is really easy to disconnect -- just pull a plug in the trunk and factory radios can be replaced with after-market ones, whose physical configuration you control. Perhaps someone on here knows if a modern car will happily function with OnStar (and friends) disabled and the car-radio replaced? My guess is that they probably would. If not: "next contestant, please!"
1. If you can't pay cash for the car you can't afford it so get an older model. Depreciation on any new model is huge and a money looser. 2. Add in your own top end stereo system for the convenience items you want. 3. Modify the dash to use an iPad or Android tablet. You can tie it into the control system if you like. You don't get crash avoidance but if you actually drive like your life depends on it you don't really need it.
It all starts at 0
Exactly. If you're worried about this, you're making the obvious mental error in thinking that stories you see on the news are about you. They aren't. Even if the news stories are true (and not misleading, or out-of-context, or dramatized, or hyped out of proportion), they're still almost never stories about you.
You don't need to take any action. You don't need to disrupt your life. You don't need ask your government to bully other people into solving this "problem" for you. It's not about you. It really isn't.
I am sure my car can be hacked. Luckily I have full coverage so I really don't care that much.
So far as I know my 2008 Toyota Tacoma with a 5-speed manual transmission doesn't have any wireless anything built into it, and you'd have to have physical access to the vehicle in order to 'hack' anything in it. The throttle pedal may be connected to a potentiometer, but the brake pedal, steering wheel, clutch pedal, and parking brake are all mechanically connected to their various systems and will all still function even with the engine off.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
This is a ridiculous scenario, why would any sane hacker hack the car they just sold to someone else? If something goes wrong, who do you think the authorities might check first? It's about as silly as saying, well what if someone sells you a car with a car bomb in it? You could argue that somehow the hacker doesn't like you but then why would he/she even bother selling you the car in the first place. The whole scenario is highly unlikely. Besides, most people who would pull pranks of this sort are not going to want to know who the victim is or met them personally.
A more likely scenario is as a prank someone crashes an entire network of cars for fun or maybe they dislike the company. Still in this situation, how many of you would knowingly do something that could potentially hurt hundreds or thousands of people? I think most hackers can distinguish between "annoying fun" and outright getting folks killed or injured.
Granted while it is important to have proper security, I doubt any of these scenarios are as dire as one might suspect.
just dont go stupid and get all the extra comfort phone control features and you are just fine.
No hacker on this planet can hack a 2015 civic without physical access.
Do not look at laser with remaining good eye.
I recommend Charlie Miller's talk from DC 22 - in which he goes through the architecture of a number of vehicles. His goal was the opposite of yours, to find the most hack-able car to set up for his talk this year (and the preceding Jeep recall) but if you turn the crank in the other direction, you should be able to get to the conclusion you want:
https://www.youtube.com/watch?...
Min
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
Where is the car example?
Buy a VW or Audi or Skoda or Seat... If you want to disable "carnet" remote access you can by unplugging the ECU under the passenger seat. If you want more security, then close the doors with the door knob, the code stored inside the key is changed every time you turn on the ignition.
At least in european versions, tyre pressure sensors are not 'wireless', in fact, there are no tyre pressure sensors, pressure failure is determined by the wheel encoders, if a wheel runs faster when you drive straight, the radius is smaller and thus the car warns you.
Seeing what other manufacturers do, I think you should consider buying a VAG Group car.
PS: you can also download on TPB the workshop manuals, elsawin, etka, and diagnose the car using VCDS and a dongle bought from eBay. This was another reason for buying a VAG group car, I can repair it by myself!
Math says you can't make an un-hackable computer. Either it isn't a computer, or it isn't hackable. You don't get both. (Read "Godel, Escher, Bach")
I like postwar 1940's era vehicles because not only are they "non-hackable" they tend to be EMP resistant. I don't like the idea that a solar flare can kill my car.
Sorry, security and privacy are only for the wealthy. For the rest of us, it's our duty to continue to allow them to use our security and privacy to make more money.
--- Keep the choice with the user..
Do you have datalogging going on the CAN bus are you just guessing? .. just because you return to your car minus sunglasses but without shattered glass does not mean OMG HACKERZ.
Most of those required physical access to the car. If I have physical access to any car I can hack it. Can we stop with the alarmist bullshit please?
He'll restore you one for only 65k!
I can't call that English
In the case of the Tesla, the hackers first needed physical access to an onboard Ethernet port (which if I recall correctly, had to be soldered into place) before they could hack anything.
If someone requires physical access to your car to hack it, then I submit to you that it's secure enough. Why? Well let's say you decide that you don't trust any modern cars w/onboard computers - so you get a 1982 Honda Civic. Fine and dandy - you're now immune to software hacking of your vehicle. However, your brake line can still be cut.
If the hackers need *substantial* physical access in order to compromise the vehicle, then it's no worse than a non-computer-enabled vehicle from 30 years ago and you should stop worrying about it.
Just restored a 1976 Dodge pickup to near immaculate condition for less than 1 years worth of new truck payments. Insurance is $65 a year, and a 5 year registration in Colorado cost $200. Not only can I fix nearly anything with either a ball peen hammer or $20 visit to CarQuest, I'm pretty sure its immune to anything up to a nuclear EMP.
Nothing evolves faster than the word of god in the minds of men who think themselves divinely inspired.
Physically disconnect the uConnect/OnStar antenna, turn off BlueTooth or any other remote connection system if you can't disconnect their antenni. Pull the fuse for the powered lock system that allows your keyfob to unlock your door/start your engine.
Remember. If you can connect to your car remotely, so can the bad-guys.
"Grab them by the pussy" -- President of the United States of America
And they work by either braking OR accelerating hard.
Paul
In short: If you want a secure car, get something with a carburetor or buy a VW, Audi, Porsche, Seat, Skoda, Bently, Bugatti or Lamborghini.
I reverse engineer automotive software for a living and I can say without question that Volkswagen Auto Group cars are as secure as you can possibly find.
Most of the cars you hear about being "hacked" are vulnerable because of something in the infotainment system. Once an outsider has access to that, in most cars, they have access to the canbus and can do "bad" things.
Vag cars are not this way. They have multiple can buses, one for each primary function. Body control, convenience and power-train are all on separate buses. Between these buses sits a device called the "can-gateway", which is essentially a canbus firewall. No packets can move between the buses except those that are necessary to allow. A "wheels are spinning, activate ABS" message cannot originate on the convenience or body control bus.
The software for just about everything important is secured with signatures (2048 bit now). Modifying the software for these cars is extremely difficult, getting access in the first place requires enormous amounts of very skilled labor. We spend many thousands of man hours each year just keeping ahead of the security features added to the ECU engine control code (we're a performance company).
It's hard enough to modify anything on these cars when you have every tool imaginable, a seasoned veteran staff, complete access to the cars and nearly unlimited financial resources.
live responsibly. stop commuting ridiculous distances - live close to your work. walk. ride your bike.
i went to a museum that had an entire building devoted to horse drawn carriages recently. summer carriages. winter carriages. beautifully designed, elegantly constructed. dashing through the snow, in a one horse open sleigh. a stable full of animals is no small job to maintain, of course. but i'm sure many of the rides people used to take were glorious. not always of course. how does it feel to be stuck in traffic when it's 100 degrees outside (partly because the pollution you are creating)? that's not wonderful either.
our solutions lack foresight. they aren't improvements, they are evolutionary trials. they might not pan out. a lot to be said for the horse and buggy. a very small amount of metal involved, mostly wood and leather. no need to figure out how to convert switchgrass to fuel or other such nonsense - the engine eats grass. the original self-driving car. give it a general sense of direction and it takes of the rest. more intelligent than any computer ever made, and it reproduces itself.
I think we often misunderstand the meaning of the word "progress"
There's no totally effective way to protect against a hack if physical access is granted.
However, recent hacks of concern have all relied on some form of wireless connectivity. Whether it is OnStar cellular, or Chrysler internet(via cellular data), or some other WiFi hack, they all rely on being able to connect to the vehicle wirelessly.
Remove the ability to connect to the vehicle remotely and you're "unhackable". That means either buying a car without these radios installed, or removing the radios, or not enabling the service required to use the radios(cellular).
If you're paying for OnStar or UConnect service, you'll have the potential for being remotely hacked.
"Is it time for the government to roll out legislation that will enforce safety standards for car computers as well?"
Here's a suggestion: make the maker of the car liable for successful remote-takeover attacks (not involving physical access). For actual damages. No matter what kind of waiver or "user agreement" the user is asked to sign (in fact, make those explicitly *illegal* if they attempt to subvert this, except in the case of experimental vehicles of very limited numbers). That way the lawyers would squash the "bright ideas" of the marketing guys, until there's security technology that management is willing to bet the company on. And, oh yes, if the government asks for a "remote kill switch"? Have the *government* be liable in court for abuse of it. That'll probably shut down *that* bright idea, too. For a little while.
This will probably retard things like self-driving cars for years. And that wireless access point in your car would for sure no longer be able to talk to the car itself. But I believe this would be a good thing. And if cars come, from now on, with only three indicator lights, that's a shame. But probably worth it. I don't like the idea of Unknown Hackers doing to highway traffic all over the country what they did to Sony's IT.
Mechanic fuel injection.
Mechanical... everything, almost. If it's not mechanical, its probably vacuum-based.
And the engine bay isnt some hyper-crowded affair.
Engine block is iron. Body is steel.
takes forever to get to 60mph, but its very happy on the freeway once up to speed.
You need to find a car with a cop motor, a 440 cubic-inch plant, you need cop tires, cop suspensions, cop shocks. Find a model made before catalytic converters so it'll run good on regular gas. What do you say, is it your new car or what?
I'm building a pure Mechanical car in my garage. You need a hammer to hack it ;)
You want a new car?
Nothing is unhackable, so forget it.
You want a car that isn't going to get hacked or stolen?
Buy a low end Volvo, because nobody fucking cares.
It's easy to get a comparison. Just ask a salesman in every manufacturer's store how hackable their cars are.
Then simply compare the responses.
But a car from one that admits their car is hackable. The others are all liars.
If you want a modern car, you're just going to have to accept that right now, they're all full of closed-source, black-box computer stuff. Short of going to work for the manufacturer and signing an NDA, you're never going to be able to get access to the inner workings of these things.
And they're also locked down against even other people in the company.
Much of the low emission and long lifetime performance is the result of the ability of the engine control computer to fine-tune the engine's characteristics on the fly, far better than the mechanical/electrical/pneumatic/hydraulic "computation" systems - where every arithmetic operation is several hardware parts - ever could.
The automakers keep tight controls over the code that runs the engine. This is not just to maintain competitive advantage, but to keep people from changing the engine's (and transmission's) operating parameters - which could give you better performance but completely wreck the fine balance that keeps emissions and fuel mileage within government mandates.
Making the powertrain computers less susceptible to cracking is a really good idea. Replacing them with something other than a powerful computer is not doable, without reducing the performance (especially the pollutant emissions) to something not much better than that of vehicles just before engine control computers were first deployed.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
if you are worried about hackers, buy a car without any wireless features.
The federal government mandates a radio-based tire pressure telemetry system on all new cars. That means there's a digital radio monitoring the transmitters in the tires and reporting to the computer that displays alarms on the dashboard.
At least one such system has ALREADY been cracked, giving the attacker control of the car's data bus via the mandated tire pressure receiver.
(Also: These systems are inherently useful for tracking cars: Each wheel reports its pressure, along with a serial number (so the vehicle's system knows which are IT's tires and which ones are underinflated). This can be received by radios other than the one in the vehicle, including systems using loop antennas buried in the roadway.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I don't care (much) if my entertainment and navigation system is hackable. But I ABSOLUTELY DO NOT WANT anything to do with the actual operation of my vehicle to be hackable! It seems to me that using two physically separate computers and networks -- one for nav/comm/entertainment and one for vehicle systems -- would be a good start. MONITORING devices could be providing data to both (to allow things like OnStar to detect an accident or to allow the entertainment system display to show vehicle status. However, absolutely ZERO vehicle CONTROL devices should be in any way accessible from the entertainment computer/network.
I write software for nuclear power plants where we have several physically separate networks and computer systems, with the most secure systems only streaming data outward towards the less secure systems. The most secure systems have no external inputs or connections at all -- as the vehicle control system should be (even the diagnostic port(s) should be in an area locked by one of the vehicles physical keys). The less secure systems have no access to any sort of control function so that, in the event of compromise, the worst that can happen is capture and possibly inaccurate display of aggregated data (operators still verify unexpected computer readings with physical instruments before controlling the reactor). The secure system needs nothing from the less secure system(s) and, if the data rate is not too high, could even stream its outgoing data using a TWO WIRE serial connection that does not even have the return signal connected!
If they care, the automotive industry could easily do these things to protect control systems. The fact that they don't bother shows just how much they value profits over human lives.
Why can't they add a pairing code to the fob and car to be set by the owner? Similar to bluetooth paring. It will obscure the default signals at least.
Pumpkin orange - even if it were hackable, no one wants to be seen in it.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
One of those matchbox cars. Or an old one.
Drive a manual transmission. Figure out how to safely drive first.
Low-tech worked just fine for the Galactica and her Vipers.
Ain't no hacking there
-- Tigger warning: This post may contain tiggers! --
How about not connecting Bluetooth directly to to the ignition system with an easy to guess password.
If you're paranoid, buy a wheel clamp or steering lock. Otherwise, buy a cheap car and be paranoid, or do some smart stuff and/or don't mind.
If you're really paranoid and want to buy a new car and hack it yourself.
First locate and remove the cell modem and you've just dramatically reduced your attack surface while maintaining a relatively large feature set. It will vary from one OEM to the next where the modem is located.
Most infotainment systems will work (though admittedly, with possibly reduced functionality) without them. Same goes for wifi and bluetooth, but in those cases, an attacker must be much closer to your car, physically, for them to do anything.
Door locks are (for now) independent of just about everything else "wireless". It's hard to say whether or not you could physically disable them in favor of a mechanical lock w/o accidentally putting the whole car in theft lock down mode.
As far as retaining modern safety features, Forward collision warning and lane departure warning systems are usually physically separate modules with no connectivity of their own.
Another more drastic (and *much* more difficult) modification you could do is create a CAN firewall and just block potentially life threatening messages from leaving modules that are network connected.
Come to think of it.... I think I just found a new business plan here.....
It's ironic that this article appears just a few slots above the "the network is untrustable" article about AT&T's support of hacking. The process of keeping an Internet-facing machine safe is a more or less daily battle of 0day patches. This isn't, has never been, and likely never will be possible for consumer electronics because it imposes too much cost on the manufacturer. Automotive software doesn't get updated with the same frequency as desktop software for a bunch of reasons, and it also doesn't get updated indefinitely because there's a distinct end-of-lifecycle for it. TL;DR: The only safe-ish automotive electronics, both now and in the future, are electronics that have no connectivity. It's impossible to feel safe about connected electronics of any sort, and in a realtime control environment like a vehicle, it's frankly irresponsible to permit such connectivity.
Ferrari and Maserati both have tech packages straight out of the 1990s, nothing wireless or remotely hackable.
As long as the world only contains individuals, that's a major concern put to rest. When examined at any larger social scale, though...
There are also corporate entities, including bad actors whose antics include all sorts of chaos-inducing mischief. So, what happens when New Jersey political actors shut down a busy bridge? Oh, wait, that didn't involve electromagnetics... When Russia wants to tie up all the traffic in a Ukrainian city? China versus India? India versus Pakistan? Ukraine versus Russia? Tibet versus China?
The vulnerabilities of national transportation infrastructure are very much a concern related to 'the common defense', and a dose of national involvement is very likely in the near future. From a LOT of nations, not just the US. Maybe the UN should sponsor laboratories for internet-of-things safety qualification.
If you get a car with no radio-control and a "dumb AM/FM radio" that isn't linked to the "car" part of the car, then you should be hack-proof to almost* anyone without physical access.
This means no remote-engine-start, no "OnStar"-like services, no remote-entry, and probably no cell-phone-through-the-car-speakers, etc. etc. etc.
* While there is always the theoretical ability to "beam" a signal to a wire in your car, the difficulty of doing do in anything more than a blunt fashion makes this unattractive to hackers. If a hacker wants to crash your car remotely, there are easier ways to do it and if he wants to do anything else, well, it will probably be easier for him to run you off the road, kill you, and steal the keys.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Disable the external antennas except for the radio, and make sure to install a bandpass filter for just the AM and FM bands. Everything else gets disabled. Onstar antennas are antennas. Without the lead running to the antenna, no Onstar. I don't think the inability to contact mother ship is yet a requirement to have the vehicle operate (yet).
The corvette wasn't hacked, they hacked an OBD-2 dongle that was stuck connected to it - entirely different thing. And electronic access systems for opening your car with an RC have apparently all been hacked or are less than safe. Keyless Go cars can be opened with a proxy attack. So where does that leave you?
If you buy an old car, the thief can just open it and steal it the old fashioned way. So pick the car you want and stop thinking about stuff like this, it's useless anyway. If someone wants to steal your car, they'll do it. Either electronically or mechanically.
If a train station is a place where a train stops, what's a workstation?
Old cars are a pain in the ass, and only allowed to continue to stink up the roads because they're so pretty. You're exposing yourself to regulatory changes and very high maintenance if you go that way.
Of modern cars, accept the existence of vulnerabilities and choose the manufacturer who handles them best. So far, only Tesla has done Over-The-Air updates - everyone else makes you drive your physical car to the physical garage like some kind of physical being in a physical medium. Cavemen!
(OTA updates getting, themselves, hacked, is mostly an academic worry)
if lead could shield kryptonite, xray, then probably a little wifi bluetooth shouldn't be a problem. just don't do the VW ad and try to lick it.
not to mention no text or phone call would interfere with your driving.
They may not recognize it as a car.
mfwright@batnet.com
I have a 1999 camry with 221,000+ miles on it - just finished a 2000 mile trip from Chicago to Denver and back. It runs like a Swiss watch, gets 30+ mpg on the road, and its computer is not accessible via WiFi or the internet. I'll get rid of it when it falls to pieces, which may be a LONG time! After all those miles, it still only burns a quart of oil every 3-4000 miles.
It is a 2002 Rio with 55000 miles....I never go anywhere. You might need to vacuum the floor mats.... The most advanced tech in that car is the fuel injection, the digital odometer and the FM radio. It is a stick shift, has cranks for the windows, no central locking, and none of that hackable entertainment and computer crap in it. It will be a sad day when I have to let go of it. Maybe I should take the bus instead then....