Car Hacking

For discussions about security.
Post Reply
Message
Author
labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Car Hacking

#1 Post by labbe5 »

Cruising and Browsing A Bad Match

Chris Valasek and Charlie Miller have created a cottage industry out of car hacking. For two years, they’ve been more than a passing curiosity at hacking conferences with their research looking at the soft spots inside modern automobiles outfitted with Bluetooth and other means of connectivity. They’ve even made for some good TV with a backseat driving exhibition where they took control of a vehicle’s steering and braking. While these proof-of-concept types of exploits are neat, the real risk is closer than we know as car builders are starting to outfit vehicles with full-fledged web browsers. The 2015 Volvo V60 T6, for example, promises a full browser built into the dash. So let’s not be so quick to dismiss car hacking as a novelty; it could soon be a click away.

Watch out folks, your car could be driving you crazy if an hacker takes control of it.

Seven Things to Watch for in 2015

Healthcare Data is the New Credit Card Number
Move Over Heartbleed, Bash, POODLE
The Blurring Line Between Crime and State Espionage
An End to Victim Shaming
Win With Privacy
Retail, Retail, Retail
Cruising and Browsing A Bad Match

For more information about security topics above, just click the link below.

http://digital-era.net/seven-things-to- ... position=1

rokytnji
Posts: 2262
Joined: Tue 20 Jan 2009, 15:54

#2 Post by rokytnji »

I drive antique trucks and motorcycles built by me.

So am not afeared.

Besides. My Blue Cross Blue Sheild insurance was probably hacked already so I am covered in the being hacked dept. :wink:

User avatar
Ted Dog
Posts: 3965
Joined: Wed 14 Sep 2005, 02:35
Location: Heart of Texas

#3 Post by Ted Dog »

But I own a big Texas truck with half its recalls software related big tires and sweet ride I could run you over 'accidentally' caused by software bug and never hear it thanks to the sound proof glass. :evil:

Feel safe now?

wboz
Posts: 233
Joined: Wed 20 Nov 2013, 21:07

#4 Post by wboz »

"for more information on security topics click the link?" hehehe

rokytnji
Posts: 2262
Joined: Tue 20 Jan 2009, 15:54

#5 Post by rokytnji »

Feel safe now?
Always. Because I am used to rubber necker drivers in TX.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

Re: Car Hacking

#6 Post by Sylvander »

labbe5 wrote:Watch out folks, your car could be driving you crazy if an hacker takes control of it.
Journalist Michael Hastings Dies in Fiery Crash
The FBI Murdered Journalist Michael Hastings Before He Reavealed New Government Info.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#7 Post by 8Geee »

Big "60 Minutes" exposee on this topic last night (Sunday). DARPA is your friend. Next it will be houses that are compromised.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

wboz
Posts: 233
Joined: Wed 20 Nov 2013, 21:07

#8 Post by wboz »

It's an absolutely valid concern. Most automakers have "no plan at all" on how to respond to a successful hack. And why would they? They don't make the systems, they just buy them ... from the lowest bidder ...

wboz
Posts: 233
Joined: Wed 20 Nov 2013, 21:07

#9 Post by wboz »

It's an absolutely valid concern. Most automakers have "no plan at all" on how to respond to a successful hack. And why would they? They don't make the systems, they just buy them ... from the lowest bidder ...

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

The Full Senate Report Shaming Automakers On Security

#10 Post by labbe5 »

http://digital-era.net/heres-the-full-s ... -security/

Carmakers are not at the forefront for safety measures. Generally speaking, governements have to forcefully impose safety measures to carmakers.

Pollution control has been lagging for years, just because it was costly to redesign cars, in order for them to pollute less. That is a big health and safety measure.

This time again, carmakers are willing to let go cars on the roads without proper safety measures, hackers being able to take control of critical parts of a vehicule, steering wheel and brakes, via wifi, bluetooth, etc.

Since hackers first began demonstrating that they could take over cars’ digital systems to slam on brakes or hijack steering, most automakers have done everything they can to avoid publicly discussing whether their vehicles are vulnerable. Massachusetts Senator Edward Markey, however, has demanded answers on that car-hacking question. Now he’s released his findings: the answers are messy at best, and dangerous at worst.

Markey’s report first came to light in a 60 Minutes episode Sunday night that showed an unnamed car’s brakes being remotely disabled by a DARPA hacker.

Markey’s investigation was inspired when DARPA-funded hackers Charlie Miller and Chris Valasek demonstrated—with me behind the wheel—that they could cut a Ford Escape’s brakes, slam on a Prius’ brakes, monkey with the cars’ steering, and much more.

Above is the full article about a Senate report on the subject.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#11 Post by 8Geee »

That was truly scary, and downright dangerous. DARPA, my buddy in the gov'ts pocket can take you for a ride. Very creepy. Reminds me of mobster-movies.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Connected Cars Could be a Threat to National Security

#12 Post by labbe5 »

https://www.securityweek.com/connected- ... oup-claims

The connected car is a mobile IoT device, similar but larger and potentially more dangerous than unmanned aerial vehicles (UAVs, or drones). In this latter case, Matt Rahman, COO at IOActive, recently told SecurityWeek, "where is the safety? For example, if you had a high-profile VIP, you could identify that person and crash the drone into his skull." Similar but greater damage could be done by a, or multiple hacked connected cars.

First and foremost, it recommends that cars have a 'kill switch' so that drivers can instantly disconnect from the internet.Other recommendations include greater transparency around safety certifications and testing methodologies; CEOs to be held personally legally liable for the cyber security status of the cars; and "a general standard protocol that cars not be connected to wide-area networks until they can be proven immune to hackers." That last will be difficult. History tells us that if something has software, it can be hacked; and if it has internet connectivity, it can be hacked remotely. The secret is in making it as difficult as possible.

Europe is moving faster than the US to declare de-facto standards that help car manufacturers to protect their driver-assist (ADAS) controllers against cyberattacks," Barzilai added. "FCA, Audi, BMW, Daimler, and VW recommended in a 'Safety First' publication (which was released on July 3rd 2019) to use Control Flow Integrity (CFI) to ensure that deviations from factory settings are automatically detected and prevented and hackers are shut out of the car, without relying on consumers’ reaction."


Further reading :
Yet Another Study Shows The Internet Of Things Is A Privacy And Security Dumpster Fire
When we used a smart TV for just 15 minutes, it connected with a staggering 700 distinct addresses on the internet.
There is no market solution, because the insecurity is what economists call an externality: It's an effect of the purchasing decision that affects other people. Think of it kind of like invisible pollution."


In other terms : costs of doing business. It is true for IoT security as well as for cars and firearms.

Firearms casualties and deaths=costs of doing business; casualties and deaths from car accidents=costs of doing business.
https://www.techdirt.com/articles/20180 ... fire.shtml
Last edited by labbe5 on Fri 09 Aug 2019, 11:58, edited 1 time in total.

User avatar
tallboy
Posts: 1760
Joined: Tue 21 Sep 2010, 21:56
Location: Drøbak, Norway

#13 Post by tallboy »

I realize that I have my origin back in the stone-age! :?
My newest car is a 34 year old Mercedes W123 Wagon, the oldest is a 42 year old Dodge Wagon. The tool needed for hacking them hasn't even got a keyboard, it is a pickaxe! :lol:
My neighbor's son has his new Tesla here in Norway, while he is finishing his jobs abroad. His father has played around with the Tesla, so he sent his father a text message that he should slow down, he had seen that he had broken the speed limit on a couple of occasions. He sent that from Dubai! :shock:
True freedom is a live Puppy on a multisession CD/DVD.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Arrival

#14 Post by labbe5 »

https://arrival.com/


Further reading :
This Company Will Pay Half The Money So You Can Drive Its Electric Cars
https://fossbytes.com/arrival-electric- ... cs-launch/
Royal Mail unveils new electric truck made by Arrival
https://electrek.co/2017/08/23/royal-ma ... k-arrival/

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#15 Post by rufwoof »

tallboy wrote:My neighbor's son has his new Tesla here in Norway, while he is finishing his jobs abroad. His father has played around with the Tesla, so he sent his father a text message that he should slow down, he had seen that he had broken the speed limit on a couple of occasions. He sent that from Dubai! :shock:
Good relationship. Sour relationship and he might have had the car being accelerated towards red lights :twisted:
[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]

Post Reply