Announcement

Collapse
No announcement yet.

All your cars are belong to us

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

    All your cars are belong to us

    Scientist banned from revealing codes used to start luxury cars

    A British-based computer scientist has been banned from publishing an academic paper revealing the secret codes used to start luxury cars including Porsches, Audis, Bentleys and Lamborghinis as it could lead to the theft of millions of vehicles, a judge has ruled.
    http://www.guardian.co.uk/technology...ing-codes-cars


    Hackers Reveal Nasty New Car Attacks
    http://www.forbes.com/sites/andygree...e-wheel-video/
    Team Black Jack

    __________________________

    So, that's all good.

    #2
    Yeah, automakers need to tighten their security methods drastically.
    "I don't care who does the electing, so long as I get to do the nominating" -Boss Tweed

    We’ve gone from 'Hope and Change' to 'Hope and Change Your Story.' -Bill Maher

    Comment


      #3
      Yeah I had a very good conversation with a computer scientist friend of mine about the problems of mobile Internet/infotainment systems in cars and the dangers without keeping the infotainment and ECU systems separate...
      ^My Flickr Page^_______________________________^My Blipfoto 'Photo Every Day' Page^

      Comment


        #4
        [...]They [the scientists] argued that "the public have a right to see weaknesses in security on which they rely exposed". Otherwise, the "industry and criminals know security is weak but the public do not".
        solid argument. Trying to keep the lid on this is not helping. Fix the bloddy problem VW, not try to make it seem like there was none.

        beautiful language - milk&water - baseball vs. football - best god in show

        Comment


          #5
          Car key immobiliser hack revelations blocked by UK court
          http://www.bbc.co.uk/news/technology-23487928
          Team Black Jack

          __________________________

          So, that's all good.

          Comment


            #6
            Your car's computer system can be hacked with off-the-shelf parts
            http://www.engadget.com/2014/02/06/y...off-the-shelf/
            Team Black Jack

            __________________________

            So, that's all good.

            Comment


              #7
              Any more info on that? The article was disappointingly light on details. "five minutes" to connect to a car, but do they mean from the outside? Inside the car? The capabilities of the device also don't seem serious enough for the automakers to care, although I imagine they're saving the juiciest bits for the conference.
              "It's not long enough to use in bed." -rickhamilton620

              Comment


                #8
                Originally posted by chaos386 View Post
                Any more info on that? The article was disappointingly light on details. "five minutes" to connect to a car, but do they mean from the outside? Inside the car? The capabilities of the device also don't seem serious enough for the automakers to care, although I imagine they're saving the juiciest bits for the conference.
                I think the article means access to the car is necessary once to connect the device. From there, it's not complicated at all - hook up a controller (maybe raspberry pi-based to keep costs down), combine with wireless LAN, have fun.
                Battered and weary after the craziness of the 1960s, the self-righteousness of the 1970s and the greed of the 1980s, I want to go home again, oh, so desperately - home to that land of drive-in restaurants and Chevy Bel-Airs, making out and rock 'n' roll and drag races and Studebakers, Elvis and James Dean and black leather jackets. Not that I ever owned a black leather jacket.
                (Roger Ebert)

                |

                Comment


                  #9
                  Bit more here
                  http://www.forbes.com/sites/andygree...o-demonstrate/

                  Letter A Senator Sent To 20 Auto Makers Demanding Answers On Car Hacking Threats (2013)
                  http://www.forbes.com/sites/andygree...cking-threats/

                  Think they might have used this
                  https://github.com/fjvva/ecu-toolhttps://twitter.com/algillera

                  Javier Vazquez Vidal
                  https://twitter.com/fjvva
                  Last edited by jack_christie; February 7th, 2014, 11:13 AM.
                  Team Black Jack

                  __________________________

                  So, that's all good.

                  Comment


                    #10
                    Silly scientist, when you discover something like this you don't write a paper, you sell your invention to the mafia and get rewarded for your hard work. The mafia in turn makes VW improve their security.

                    Comment


                      #11
                      I'm a computer engineering student and I did some research last semester on the lack of security when it comes to automotive computers. Some are better than others, but they're all pretty poor. If I remember right, Toyota's system (for the same model years as those in the "unintended acceleration" scandal) was particularly awful.

                      Comment


                        #12
                        New BMW cars have security shortcomings that could allow thieves to pop open a victim's flash motor from a smartphone
                        http://www.theregister.co.uk/Print/2..._shortcomings/
                        Team Black Jack

                        __________________________

                        So, that's all good.

                        Comment


                          #13
                          BMW is a pioneer in the area of car-sharing?


                          beautiful language - milk&water - baseball vs. football - best god in show

                          Comment


                            #14
                            Originally posted by Interrobang View Post
                            BMW is a pioneer in the area of car-sharing?

                            Involuntary car sharing, anyway.

                            Comment


                              #15
                              And what was wrong with keys anyway?
                              "I was sad because I had no shoes, until I met a man who had no feet. So I said, Got any shoes you're not using?

                              Comment


                                #16
                                Originally posted by THGL View Post
                                And what was wrong with keys anyway?
                                Apparently not luxurious or complex enough.

                                Comment


                                  #17
                                  This is from 2012, three minutes to take a BMW 1M:
                                  http://www.zdnet.com/hackers-steal-k...eo-7000000507/
                                  Team Black Jack

                                  __________________________

                                  So, that's all good.

                                  Comment


                                    #18
                                    Originally posted by jack_christie View Post
                                    This is from 2012, three minutes to take a BMW 1M:
                                    http://www.zdnet.com/hackers-steal-k...eo-7000000507/
                                    Nothing of value was lost, then.

                                    Comment


                                      #19
                                      That's the digital equivalent of "all you'd need to steal someone's car is to break into their house and steal their car keys!" They mentioned brute-forcing the password, but the system disallows logins after five failed attempts, requiring a phone call to reset, so not exactly something you can just throw a rainbow table at, and repeated account locks would very quickly tell the real owner that something was up.
                                      "It's not long enough to use in bed." -rickhamilton620

                                      Comment


                                        #20
                                        Having worked extensively with CAN at my previous place of employment, I agree that it's not the most secure network protocol. However, 'hacking' it and assuming control is a little bit more involved than as described in the above articles. One needs the CAN database before being able to do anything and that varies between manufactures and can even vary between platform. Of course it is possible to snoop the bus and figure out which message does what but that is incredibly time consuming (I know because I've done it when trying to decipher the CAN messages on competing products) and requires some basic knowledge about bit addressing.

                                        Bosch has already been hard at work to bridge these security gaps in their next standard release.
                                        Originally posted by MadCat360
                                        You've never driven your car hard and you never will. Only a professional racing driver can drive a car hard. Everyone else sucks.

                                        Comment

                                        Working...
                                        X