|
Hacking a Jeep's electronic control systems
A few years ago these same hackers did this same thing with a Prius, but at that time they had to be in the car, plugged into the system. This attack was wireless.
Hackers Remotely Kill a Jeep on the Highway j |
...and they (those guys) probably *learned* the trick from their NSA "handlers" (wink,wink).
|
Quote:
|
Quote:
|
Fiat Chrysler Recalls 1.4 Million Autos To Fix Remote Hack - Slashdot
Quote:
Quote:
Many vehicles have multiple CAN buses, looking at you Tesla Model S. |
Quote:
But as more and more cars are moving towards being connected ("That's the dream, to have wifi in the car") it will become increasingly difficult to find cars that are immune to hacking... I think all critical functions (powertrain, brakes, steering, etc) need to be on their own separate CAN bus that is air-gapped from any other CAN bus in the car. Simply having multiple CAN buses doesn't fix the problem if they can still communicate with each other. |
I'm such a paranoid that when I got my 1971 VW Superbeetle, I took the AM radio out. :) ...but true.
This is fascinating. From the 30th Chaos Communication Conference, this guy just wanted to add his own menu to the dashboard of his VAG car. https://www.youtube.com/watch?v=7h7LWeET1fI It's an hour long, but from 22:11 to 23:43 there is a good CAN Bus Crash Course. There are dominate and recessive bits; collisions aren't detected, they are arbitrated. After that there is a lot of hackers laughing in the audience and it goes right down the rabbit hole. |
Quote:
If not... Well, at least it's likely to save me quite a bit of money I otherwise might spend on buying newer cars :-) |
FYI...ANY system that permits external INPUT via ANY communication link (hard- or soft-wired) is susceptible to hacking. And, this is especially true of 'new' car technologies designed to enable the manufactures to 'listen' to vehicles as they're being driven for (supposedly) "engineering" analyses only (sure!)...because the SAME commands they use to 'test' subsystems (brakes, steering, ignition, lights, etc.) can be likewise "controlled" by a hacker. And, most car companies (currently) use NO security protection against "outside" takeover and control by hackers...all it's ALL done via satellite link!
|
Here is a DIY approach to threat assessment:
Car Hacker's Handbook And here's what the manufacturers are doing: Firewalls can't protect today's connected cars | Computerworld http://images.techhive.com/images/ar...large.idge.png There's your problem. This diagram from the above link disagrees with the above video, which at 5:00 shows a similar block diagram that inserts a CAN Gateway before the OBDII port. |
Since nobody writes 100% perfect software code to begin with -- and such 'half-donkey-ed' code is *HOW* hackers gain entry & control -- that is *why* self-driving autonomous vehicles will NEVER grace my garage...nor will I knowingly ride in one.
|
That is why I own a 1984 Gmc Diesel pickup. There is nothing computerized on that truck. I also have a point ignition 68 Chevy pickup. Two fuel choices and no computer!
|
Quote:
Quote:
Fail! Demo of Volvo pedestrian safety system goes terribly wrong | www.krmg.com Motto: know what's under your hood. Meanwhile I have a mechanical fuel pump, cable-driven speedometer and electrical gas gauge and warning lights. The speedometer and gas gauge are both inaccurate. |
I do not know how anyone could hack my Civic. I am more worried about Frank Lee figuring out where I live and asking to borrow a cup of sugar.
|
If he showed up at my door wearing that Ed Roth hat, it would be worth a cup of sugar.
|
Quote:
Quote:
Wait... what was the topic of this thread again? :) |
From http://thehackernews.com/2015/07/car-hacking-jeep.html
Edit: I watched the Script Your Car video again and learned some new things. In a non-OBDII RV, like a cedar cabin on an old log truck or even a 'tiny house', rather than plug in an old PC; you could get a VAG CAN bus controller for 200(euros? plus a daughtercard upgrade and added USB port) and have a CPU from a Nokia smart phone and another CPU from an Android tablet running Linux in OEM-grade automotive components. He demonstrates this running on the podium from a regulated 12v power supply—3G, Wi-fi hotspot, audio streaming over Bluetooth, voice synthesis and recognition, &etc. The CAN bus controller runs Linux, but they never delivered the source code with the car—a clear violation of the GPL. Lots of hacker mirth at that. There's a lot about the BAP (display controller) and something called D-Bus I still don't get. |
Quote:
And if the software in cars bothers you, don't even think about the typical commercial airliner :-) |
...yeah, I know, I was a "flyer" in USN...but my planes all used reciprocating engines and NO computers except us human-cargo "computers" (ha,ha).
|
It's just too easy.
Corvette's brakes hacked via insurance company device Insurance dongle frequently used by Uber could be hacked regardless of vehicle make |
Jack Rickard puts the whole Jeep thing down to an attack on your right to repair your own vehicle:
Quote:
He was amused by the Tesla hack because they went in through an Ethernet port in the infotainment subsystem to get to the CANbus and then couldn't do much; while two feet away is a port with CAN high and low and he sells the tool to read and inject any CAN messaging you choose. Right now he's working on smoothing out the regen at differing speeds. |
Replying to myself to bump the thread.
Highway to hack: Why we’re just at the beginning of the auto-hacking era Ars Technica on the institutional impediments to good security in moving vehicles. It highlights how Tesla's outsider status allows it to re-imagine how security works. Quote:
Quote:
|
| All times are GMT -4. The time now is 03:27 AM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
Content Relevant URLs by vBSEO 3.5.2
All content copyright EcoModder.com