Slashdot Mirror
Researcher Hacks Self-Driving Car Sensors
An anonymous reader writes: Jonathan Petit, security researcher at Security Innovation, has created an electronics kit that costs only $60, which can flood LiDAR sensors on self-driving cars with a laser beam that contains fake data, making them think they have objects in front of them. This forces the self-driving car to slow down and sometimes abruptly stop. Affected cars include all manufacturers that deploy LiDAR sensors. As of now, Google and Apple are affected. According to this article, so may be Toyota's upcoming car.
Throwing a puppy in front of the car will also achieve the same result.
Great. I now know that a company called ‘security innovations’ is basically a front for a bunch of marketing and PR muppets who will sell you some snake oil attached to whatever is the latest media feeding frenzy using fear and misinformation.
I could go down to my local motorway junction with a pocket full of laser pointers right now and cause a whole lot of human-driven cars to have to slow down and enter a safety mode. I'm pretty sure I would get arrested for doing this, and I doubt the outcome for someone doing this to driverless cars will be any different. No doubt it will be drones with lasers next week.
You can buy a simple point laser for less, for hacking the visual systems of the human driverâ"hopefully making the driver stop, but maybe at times not.
But the attack itself seems interesting, though it seems it is possible to fix the issue with new hardware. Good research!
[citation needed]
At this point, Apple's auto project is still officially rumor and the idea of it being self-driving, and using LIDAR technology, has not been confirmed either.
So LiDAR sends out a laser beam, then looks at reflections. It makes sense this can be flooded - just pick up the signal and send it back amplified, and it seems there's something really close. I assume at least they're looking for brightness rather than timing (distance travelled is very short and light is very fast) to determine the distance of an object.
This makes me wonder. Would it be possible for cars to pick up signals from other cars, and react to them?
Anything to prevent this from happening - and so also prevent such a disturbance attack from working?
Nearly all of them (from sonar, radar, lidar...) all are susceptible to various interference techniques.
For LIDAR it's actually not that hard to counter, instead of emitting a continuous series of pulses you emit a pseudrandom sequence. Anything that comes back that's out-of-sequence gets rejected. Since the attacker can't predict the sequence, they can't send back fake signals in the same order (assuming you're not using a crappy random number generator).
Exactly. Why would anyone spend $60 on electronics that (only) stops self-driving cars? If you need to stop cars for legitimate reasons, then a "stop" sign is sufficient. Self-driving cars are programmed to stop in a safe way when they encounter one of those (as are human drivers). If you want to stop cars because you're an asshole, then any reasonably large object will work on both self-driving and human-driven cars.
These are no reason to stop for this confused signal, while a puppy is a real reason. The two situations are thus not comparable.
To be clear why, what if the signal is not of malicious intent? What if its a laser from another self driving car? What if its a laser used for other purposes? Like 3D mapping, lights shows or games?
So they have to encode their signals so they can tell their signals from others signals.
It's possible to stop trains with even cheaper kits, and this hasn't been a major problem.
There is jail and police for these kids. The real problem is not with kids, it is with car hijackers, thefts and other criminals. Kids can be handled easily with the appropriate level of repression.
Achille Talon
Hop!
Remember that you're dealing with something moving at the speed of light here, combined with short distances, so the delays are so minute that you need exotic techniques like optical heterodyne detection at the receiver to measure nanosecond-level differences. In fact I'm surprised the replay attack worked at all, I'm guessing the receivers were incredibly permissive in how they treat incoming signals, given that you'd (theoretically) need nanosecond-level synchronisation for it to work.
Ordinary engineering and typical engineers assume a friendly environment, i.e. the absence of intentional sabotage and hacking. This state of affairs is not true with globally networked infrastructure and sensors operating outside of protected spaces. What these people lack is what Bruce Schneier calls "the security mind-set". It involves not only thinking about how things can be made to work, but also how they can be intentionally broken and subverted. Having it is critical. That most people designing software and software-driven systems these days do not have it the main reason why IT security is in such an abysmally bad state these days.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
> I'm guessing the receivers were incredibly permissive in how they treat incoming signals.
I would not be at all surprised, as this technology is, or was until recently, in development.
First making it work and then hardening it is not a bad strategy, as long as you actually do the latter - and it is a good idea to think about how you would do it before you need to.
For LIDAR it's actually not that hard to counter, instead of emitting a continuous series of pulses you emit a pseudrandom sequence. Anything that comes back that's out-of-sequence gets rejected. Since the attacker can't predict the sequence, they can't send back fake signals in the same order (assuming you're not using a crappy random number generator).
I'm pretty sure that's how the Enterprise D was destroyed. Just make sure that the LIDAR frequency isn't displayed prominently on the dashboard.
It is dangerous to be right when the government is wrong.