Car hacking

Status
Not open for further replies.
Quattro Pete

Quattro Pete

Joined
Oct 30, 2002
Messages
42,371
Location
Great Lakes
Quote:
The nightmare scenario: Hackers access your car's core controls by breaching its Internet-connected entertainment system and tamper with your brakes.


http://money.cnn.com/2014/06/01/technology/security/car-hack/index.html?hpt=hp_t3

Sounds more like a fear mongering piece, but it seems the way to make any headlines these days is to blow any potential risk out of proportion. Still, at some level there certainly is a risk... I'd like to think that car manufacturers aren't that stupid and are thinking of these risks and have or will soon have ways to address them. Or am I being too optimistic?

Personally, I'm more worried about a non-hack related system malfunction that has safety-related consequences...
 
I have a buddy who does some work for this very thing for a few car companies. It is blown up a bit, but much of it does hold true.

When he could get into and start a car with his phone, it kinda says a bunch.....
 
Say yes to simpler vehicles!
I am glad this is not possible with a car like mine. Maybe I'll keep my SI until I die at the rate the auto industry is going.
 
Oh how I love my older vehicles that don't have a computer operating every little thing in the car. Especially when it isn't really necessary to do so.
 
About a week ago, Google made headlines with their self-driving car. As you know, everything is controlled by something other than a driver. They have some demos in operation, but are limiting them to about 30 MPH "for safety sake".
It will be really interesting when all cars are driverless and the system gets hacked.
 
Originally Posted By: SLCraig
Say yes to simpler vehicles!
I am glad this is not possible with a car like mine. Maybe I'll keep my SI until I die at the rate the auto industry is going.


I think one of these articles said anything with OBDII and up is potentially hackable:

Comprehensive Experimental Analyses of Automotive Attack Surface

Experimental Security Analysis of a Modern Automobile

Car-hacking: Remote access and other security issues

My vehicles are not exactly late model: 2001, 2000, 1999, 1997. But I want something a lot older for simplicity, maybe a 1960s car or even a Model A Ford!
 
Originally Posted By: TallPaul
I think one of these articles said anything with OBDII and up is potentially hackable

Realistically, hacking or not, some of this stuff has to be simplified. Having a pretty darned decent audio system doesn't require Microsoft's involvement, or internet radio, or a giant library of music, or iTunes. Nav systems are getting a little too ridiculous. They are supposed to supplement and/or replace maps, not be the master of ceremonies for an evening of entertainment and destinations.

Unless it's doing something concrete, like helping fuel economy or emissions, all it's doing is adding content bloat.
 
Originally Posted By: TallPaul
Originally Posted By: SLCraig
Say yes to simpler vehicles!
I am glad this is not possible with a car like mine. Maybe I'll keep my SI until I die at the rate the auto industry is going.


I think one of these articles said anything with OBDII and up is potentially hackable:



That's more fear spreading. It's like saying "anything with a circuit board can be hacked". Should we fear for our fridges and microwaves now?

In order to hack something you need to establish a connection, weather physical or through a wireless data stream. If no such connection can be established, then you cannot take control over the system.
Most venerability does not come from OBDII, but from the infotainment systems and smartphone connectivity, as those support wireless connections and are largely unsecured. I guess RFID keys could be exploited, but those are extremely short range devices, making it hard to do anything with them outside of the vehicle.
 
The problem that controlled tests do not address is the process of identifying a target to attack. Okay, so your car might be connected to some network or another, either via satellite or cell towers. But it isn't like you can be driving along and some guy in the car behind you breaks out his laptop and pwns your ECU. Your car is one of millions to billions of potential targets, even if physical vehicle is right in front of you finding the network connected electronic "front door" is like finding a specific needle in dump truck full of needles.

At worst you'll get Rick-rolled by someone via a Bluetooth vulnerability.
 
The Forbes article mentioned that the "hackers" were using the data port to manipulate the brakes and other features of the cars. Well, I'm here to tell you that if my ABS was acting up, either by accident or by hacker, I'd switch the ignition off. This would disable the ABS control and return braking to manual. It may be stiff as a board (if no vacuum is left in the booster), but it would be a far cry better than no brakes at all.

Really, I think that it applies to most any instance of electronic gremlin inhabitation. Kill it... No power, no gremlin.

Naturally other things need to be considered, like possible locking of the steering column, but it has to be better than the alternative. Where it would get really interesting is with the cars that have push button start/stop. Those communicate via the bus system, as does the shifting. That could be a real bummer.
 
Originally Posted By: The_Eric
Naturally other things need to be considered, like possible locking of the steering column, but it has to be better than the alternative. Where it would get really interesting is with the cars that have push button start/stop. Those communicate via the bus system, as does the shifting. That could be a real bummer.

Even the push button starters have a fail safe, if I recall correctly, by holding them down for a certain period, just like a locked up computer.
 
Originally Posted By: Garak
Even the push button starters have a fail safe, if I recall correctly, by holding them down for a certain period, just like a locked up computer.

Unless the hacker over rides it...
 
Excellent Topic
smile.gif
!
Like mentioned earlier, anything wireless opens up vulnerability into ANY system.

I can't find it for the life of me, but there was a group a few years ago that posted videos showing them using a smartphone to turn on the windshield wipers and activating/deactivating the ignition system. They stated the way they ported into the car was through the TPMS sensors (utilizing their wireless data transmission), which allowed them to root to the main computer. However, someone will not be able to do this next to you at a red light, before that light turns green - at least for now. It's just all blown out of proportion.

Quote:
That's more fear spreading. It's like saying "anything with a circuit board can be hacked". Should we fear for our fridges and microwaves now?

Say yes to new "smart fridges". Yet another way to get into your home network!

Quote:
I guess RFID keys could be exploited, but those are extremely short range devices, making it hard to do anything with them outside of the vehicle.

RFID is relatively unsecure and readily available to purchase the programmers. All you need is the transmission frequency and an RFID programmer, and you could do some damage. There's more to that, but I won't get into specifics and give others ideas, lol!

The one thing that the automakers got right, was limit the range of acceptable transmission for use with the car. An active RFID system has a frequency dependent range of ~10-25 feet. Using strength of signal, they are able to limit the use of the keys.
 
Uh, oh... now the government is getting involved, and it goes beyond security issues...

http://money.cnn.com/2015/02/09/technology/security/car-hack/index.html

Quote:
The inside of your car just isn't the personal haven it used to be. In fact, this report shows that at least five car makers track your physical location "at regular intervals," your car's speed and fuel, and the exact details of how you steer, hit the brakes, and use your seat belt.

[...]

The senator's staff found that 50% of car makers collect and transmit driving history to computer servers somewhere. And auto companies assert a right to share your information with marketers.
 
Originally Posted By: Quattro Pete
Uh, oh... now the government is getting involved, and it goes beyond security issues...

http://money.cnn.com/2015/02/09/technology/security/car-hack/index.html

Quote:
The inside of your car just isn't the personal haven it used to be. In fact, this report shows that at least five car makers track your physical location "at regular intervals," your car's speed and fuel, and the exact details of how you steer, hit the brakes, and use your seat belt.

[...]

It sucks that so much tracking and hacking is possible or happening, the easiest answer is to buy an older vehicle with less tech.

The senator's staff found that 50% of car makers collect and transmit driving history to computer servers somewhere. And auto companies assert a right to share your information with marketers.
 
Status
Not open for further replies.

Similar threads

dogememe
  • Locked
Rental Car Review: 4 Days with a Tesla Model 3 Performance
2 3 4
Replies
66
Views
12K
sk_pete
P
~2 month review - 2012 Jetta Sportwagen TDI (CPO)
Replies
18
Views
5K
BLND1
T
  • Locked
Best Way To Desludge This New-To-Me Dodge Dakota w/4.7L V8?
3 4 5
Replies
80
Views
30K
Astro14
OVERKILL
  • Locked
Automotive Firmware updates - who does them?
Replies
14
Views
3K
artificialist
StevieC
Oxygen Sensors - How they work & basic diagnosis
Replies
17
Views
5K
partspro
Back
Top