|
|
|
BOFFINS HAVE FOUND A WAY to take control of a vehicle's computer systems.
The paper, entitled "Experimental Security Analysis of a Modern Automobile" and being presented at a conference next week, shows that a team of researchers were able to gain control of two vehicles through their ODB-II port, a connection that is mandated by the US Government.
It should be noted that this wasn't a remote hack, meaning the researchers had to gain physical access to the vehicle in order to plug into the ODB-II port. To that end the researchers are urging motorists not to panic, and say that they are "unaware of any attackers who are even targeting automobiles at this time."
To demonstrate the effectiveness and potential dangers of the security flaws, in one test the researchers were able to take full control of the braking system of the vehicle. As cars become more reliant on computerised systems, security of their electrical and electronic systems is becoming an increasing factor in the overall safety of the vehicle.
While the researchers tested their system on only two vehicles, the authors say that they have "no reason to believe that the issue is industry-wide." However, due to the ubiquitous nature of the ODB-II port, they probably have no reason to think it isn't industry-wide, either, but they chose not to say that.
Putting this into context, the existing flaws require the hacker to be physically in the vehicle that is to be compromised, meaning the attacker would suffer any ill effects. The researchers also claim that the expertise and equipment required are not trivial.
Nevertheless, this research should serve as a warning for vehicle manufacturers and their suppliers to get the security of their control systems up to scratch, otherwise the automotive industry might risk ending up on the wrong end of a class action lawsuit, again. µ
This can be done with the OBDKey USB, Bluetooth and WiFi units. (http://www.obdkey.com)
i mean odbc has been there since sometime ninetees(?) and from the very beginning always been "used" by thieves to disable car alarms and immobiliser systems. big news, guys. LOL.
This is akin to the old (movie) trick of punturing a brake hose.
Harden the software/communication protocols, you will still be vulnerable to it, and crooks will still be able to design/manufacture a "special tool" for perfectly puncturing a hose.
When evaluating technology, Id consider jacking your car kind of a moot point w/the Government due to the tanks, bombs, machine guns, jet fighters and endless amount of idiots who want to use them on whomever they tell them too.
It's OnBoard Diagnostics, not Ol' Dirty Bastard.
It's fairly well written, easy to read (not full of jargon) and very eye-opening. The first few pages are pretty boring but after that I couldn't put it down. Well worth a read!
There are OBD2 bluetooth adapters. I could just plug it into your car, challenge you to a race and kill you in a driveby ;-)
You can *claim* those measures are for *your* good, but have the possibility at least of making it easy for the government to make you an "unperson" with the click of a mouse on the "no drive" list.
When evaluating any technology, just think what your worst enemy would do with it, and remember that government IS your worst enemy.
- IBM shows off sub-10nm carbon nanotube transistors
- Microsoft shows off touchy feely surfaces of the future
- Boffins invent an operating system for cities
- Nike is readying Back to the Future shoes
- IBM and 3M are developing semiconductor adhesives
- Amazon chief fails to deliver rocket to space
- Lightbulbs can be used to broadcast wireless internet
- IBM unveils chips that can mimic the brain
