obd2 port virus?
- Thread starter Chris19
- Start date
Can you not write data to the cars computer through the OBD2 port? If not how are you able to clear codes.
Unlikely. As someone who works on embedded systems and designs CAN based engine control panels, the app would have to have specific knowledge of how to modify the ECU's programming. Since different manufacturers can use different microcontrollers or processors while still meeting OBD II standards, the specific means every manufacturer takes to re-flash their ECU through the OBD II port is highly variable. Even the control panels I design have had to go through a couple iterations using different microcontrollers that have very different means of programming their internal flash, the protocol we use to flash our modules over CAN is of our own design, and somebody would have to have very intimate knowledge of our hardware design to re-flash our modules with some kind of malware.
Lots of people brick their VAG cars coding modules with VCDS, but that’s not a virus.
What Dave wrote... someone would want to mess up your car to have this happen. You'd have to defeat some level of encryption-- the EPA doesn't want just any joe blow tuning his car.
But there are bad actors hacking the car's network to do stuff like stealing the car so it's not something completely out of bounds.
As far as apps go, there are app makers that go through significant licensing expense and/or reverse engineering to make workable apps-- a malevolent force with that sort of R&D budget could just make an honest living.
But there are bad actors hacking the car's network to do stuff like stealing the car so it's not something completely out of bounds.
As far as apps go, there are app makers that go through significant licensing expense and/or reverse engineering to make workable apps-- a malevolent force with that sort of R&D budget could just make an honest living.
I have seen apps for only one car brand so it makes you wonder if they are targeted and they look to good to be true promising to do what a $2000 scanner can do.
For example there are copies of toyota tech stream for sale on ebay and videos of people using it on brand new trucks seems stupid and risky considering how much a new truck cost.
For example there are copies of toyota tech stream for sale on ebay and videos of people using it on brand new trucks seems stupid and risky considering how much a new truck cost.
Depends on the car. Some have an encrypted PCM/ECU, some like pretty much any Mopar product 2016+ has an encrypted PCM that cannot be decrypted by anything handheld (yet) AND a security gateway.
The gateway will allow you to clear codes, but not much else. Can’t even use AlfaOBD to change BCM (programming new keys, changing tire size, etc) settings with the security gateway in place despite the BCM not being encrypted.
And yes, it’s very much a “proceed at your own risk” with these higher level apps/scanners/software. You can easily brick the vehicle and have to have it towed to a dealer for a reflash.
Okay, yeah, technically someone could possibly "infect" a vehicle's system. On the other hand, using your example, "clearing a code" doesn't necessarily mean that you can write random data to the OBDII system. Clearing the code may only be a "toggle".
Bigger question is: Why ? What's the advantage of writing a virus for this ? There's no financial benefit, i.e. banking details, credit card information, etc. Macs can get virii as can Linux systems, but very few people bother. The market (# of systems) is just tiny compared to Windows.
Similar threads
