Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researcher Hacks Self-Driving Car Sensors

Posted by samzenpus on from the take-the-wheel dept.

An anonymous reader writes: Jonathan Petit, security researcher at Security Innovation, has created an electronics kit that costs only $60, which can flood LiDAR sensors on self-driving cars with a laser beam that contains fake data, making them think they have objects in front of them. This forces the self-driving car to slow down and sometimes abruptly stop. Affected cars include all manufacturers that deploy LiDAR sensors. As of now, Google and Apple are affected. According to this article, so may be Toyota's upcoming car.

10 of 122 comments (clear)

  1. Throwing a puppy in front of the car by prasadsurve · · Score: 4, Insightful

    Throwing a puppy in front of the car will also achieve the same result.

    1. Re:Throwing a puppy in front of the car by JaredOfEuropa · · Score: 4, Funny

      For better results: puppies with frikkin' lasers attached to their adorable little heads.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
  2. Informative by monkeyxpress · · Score: 4, Insightful

    Great. I now know that a company called ‘security innovations’ is basically a front for a bunch of marketing and PR muppets who will sell you some snake oil attached to whatever is the latest media feeding frenzy using fear and misinformation.

    I could go down to my local motorway junction with a pocket full of laser pointers right now and cause a whole lot of human-driven cars to have to slow down and enter a safety mode. I'm pretty sure I would get arrested for doing this, and I doubt the outcome for someone doing this to driverless cars will be any different. No doubt it will be drones with lasers next week.

  3. Apple is effected? by SeaFox · · Score: 4, Insightful

    [citation needed]

    At this point, Apple's auto project is still officially rumor and the idea of it being self-driving, and using LIDAR technology, has not been confirmed either.

  4. Re:Yet another attack vector by Derekloffin · · Score: 5, Interesting

    Indeed. While this might be interesting in the future, as is it is kinda a 'so what' kind of thing. Human drivers are even more easy to disorient and in generally far more seriously, and the car is just slowing down or coming to a halt, something you can also accomplish with putting a cheap obstacle in its path. Now, if they can get it to speed up or ignore obstacles then that would be concerning.

  5. Re:Thats the usual problem with any radar system. by arglebargle_xiv · · Score: 5, Insightful

    Nearly all of them (from sonar, radar, lidar...) all are susceptible to various interference techniques.

    For LIDAR it's actually not that hard to counter, instead of emitting a continuous series of pulses you emit a pseudrandom sequence. Anything that comes back that's out-of-sequence gets rejected. Since the attacker can't predict the sequence, they can't send back fake signals in the same order (assuming you're not using a crappy random number generator).

  6. Not really news by Chrisq · · Score: 4, Informative

    It's possible to stop trains with even cheaper kits, and this hasn't been a major problem.

  7. Re: Thats the usual problem with any radar system. by arglebargle_xiv · · Score: 4, Interesting

    Remember that you're dealing with something moving at the speed of light here, combined with short distances, so the delays are so minute that you need exotic techniques like optical heterodyne detection at the receiver to measure nanosecond-level differences. In fact I'm surprised the replay attack worked at all, I'm guessing the receivers were incredibly permissive in how they treat incoming signals, given that you'd (theoretically) need nanosecond-level synchronisation for it to work.

  8. Friendly vs. unfriendly environment by gweihir · · Score: 5, Insightful

    Ordinary engineering and typical engineers assume a friendly environment, i.e. the absence of intentional sabotage and hacking. This state of affairs is not true with globally networked infrastructure and sensors operating outside of protected spaces. What these people lack is what Bruce Schneier calls "the security mind-set". It involves not only thinking about how things can be made to work, but also how they can be intentionally broken and subverted. Having it is critical. That most people designing software and software-driven systems these days do not have it the main reason why IT security is in such an abysmally bad state these days.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  9. Re:Thats the usual problem with any radar system. by dotancohen · · Score: 4, Insightful

    For LIDAR it's actually not that hard to counter, instead of emitting a continuous series of pulses you emit a pseudrandom sequence. Anything that comes back that's out-of-sequence gets rejected. Since the attacker can't predict the sequence, they can't send back fake signals in the same order (assuming you're not using a crappy random number generator).

    I'm pretty sure that's how the Enterprise D was destroyed. Just make sure that the LIDAR frequency isn't displayed prominently on the dashboard.

    --
    It is dangerous to be right when the government is wrong.