$25 gadget lets hackers seize control of a car –


After journalist Michael Hastings‘s death, there were rumours that his car had been hacked. Now two researchers say they can do it for real

Mishap or cyber-mischief? (Image: Scott Lane/Loudlabs News)

IN THE early hours of 18 June, a Mercedes coupé travelling at extremely high speed along a Los Angeles street smashed into a palm tree. It exploded into flames, killing the driver; the impact ejected the engine 50 metres clear of the car. Was it an accident? Or was the car hacked, allowing it to be driven off the road by remote control?

The very idea might sound crazy – but it’s one that Richard Clarke, a former counterterrorism adviser to the US National Security Council, has raised after the driver was identified as Rolling Stone journalist Michael Hastings. Known for his revealing articles on the US military and its intelligence agencies, Hastings had emailed colleagues the day before he died to say that he was going “off the radar for a bit” to chase down a “big story”.

“What evidence is available publicly is consistent with a car cyberattack,” says Clarke in a Huffington Post interview. Intelligence agencies, he says, can remotely seize control of a car to make it accelerate wildly or brake suddenly, for instance.

Clarke cited research, carried out for the US National Academy of Sciences, showing that “connected cars” – equipped with built-in cellular technology used by dashboard apps and engine-monitoring software – can be hacked remotely. But proof that it could be done in practice has been lacking.

That looks set to change on 27 July, when Spanish engineers Javier Vázquez Vidal and Alberto Garcia Illera will give a demonstration at the Black Hat security conference in Las Vegas, Nevada. They have built a $25 device that lets them bypass security in a car’s electronic control unit.

The brains of a modern car, the ECU is a computer that controls engine power, transmission and braking. Mechanics can diagnose faults by plugging a laptop into it via standard wired connectors such as the CAN bus. Alternatively, remote diagnostics and software updates can take place over a cellular network, as happens with services such as General Motors’ OnStar and Mercedes-Benz‘s Mbrace.

Vázquez Vidal and Garcia Illera will show how their device – which they claim uses a $1 chip to break encryption – can read from and write data to the flash memory of commonly used ECUs, made by Bosch of Germany. In this way, they can get more horsepower out of a car, or tell it to burn less fuel. “And it would take no time to gain total control over a vehicle – deploying an airbag, activating the brakes, or immobilising a car at any moment,” says Vázquez Vidal.

How they have done this is unclear. “My best guess is that they have managed to put the ECU into an unencrypted test state, possibly by playing around with power-up sequences,” says Peter Highton, a senior engineer with Freescale Semiconductor in Aylesbury, UK, which makes ECU microchips for racing cars as well as ordinary vehicles.

For security, connected cars should use encryption, but Highton says carmakers are only just coming to terms with it. “Until as recently as five years ago, data on the CAN bus of most cars was unencrypted, and so could be intercepted and altered.”

Whatever the causes of Michael Hastings’s crash, the need to make cars secure against hacking will only become more acute. The next version of Vázquez Vidal and Garcia Illera’s device won’t even need plugging in to the target car. “I am already working on a wireless version,” Vázquez Vidal says.

via $25 gadget lets hackers seize control of a car – tech – 17 July 2013 – New Scientist.

Advertisements

About Old Boy

Love the past and the future but live in the present

Posted on July 20, 2013, in Crime, Government, Human rights and Liberties, politics, USA and tagged , , , , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Essence Within

Silently, the grass grows.

FLOW ART STATION

THE CONTEMPORARY MAGAZINE

21st Century Films

Film Analysis, Essays, and Short Stories

swo8

Music means something

Discobar Bizar

Welkom op de blog van Discobar Bizar. Druk gerust wat op de andere knoppen ook, of lees het aangrijpende verhaal van Hurricane Willem nu je hier bent. Welcome to the blog of Discobar Bizar, feel free to push some of the other buttons, or to read the gripping story of Hurricane Willem whilst you are here!

Playing by My Own Rules

Cancer Messed with the Wrong Hellion

manologo

pienso y recuerdo...luego, existo

Noellie's Place

Life is brutal at times but always offers beauty and love to soften the blows if you open your hearts eye

After Credits Corner

There's a million films I haven't seen. Just you wait...

Reel Time Flicks

Film reviews and news, everyone's a critic! Welcome to the drinking blog with a film problem.

Baz Allen

Archive

Silents, Please!

interesting avenues in silent film history

Superduque

Mi patria es todo el mundo.

WRITE THEM ALL.

THOUGHTS. FEELINGS. MEMORIES.

Budget Traveler

Travel Guide, Blog & Reviews

The Conglomerate Lode

Mining thoughts, opinions, and experiences that enter the eyes the front door to the grey matter

La Audacia de Aquiles

"El Mundo Visible es Sólo un Pretexto" / "The Visible World is Just a Pretext".-

CINESPIRIA

Shining a light on the deep recesses of film history

Dr. Grob's Animation Review

The animation film review site

Genç Yazarlar Kulübü

Edebiyat burda, kahve tadında.

Alfred Eaker's The BlueMahler

Alfred Eaker's art (painting & film), reviews and essays. BlueMahler is a performance art character first created by Eaker at the John Herron School of Art in the early 1980s.

Master Mix Movies

One Movie at a Time

Jason's Movie Blog

A Movie Blog for the Latest Movie Reviews, Trailers, and More

Purple Pants

Presenting Life Delicacies with a Pinch of Salt

La Page @Mélie

Contre le blues, le meilleur remède, c'est le rock...!

simple Ula

I want to be rich. Rich in love, rich in health, rich in laughter, rich in adventure and rich in knowledge. You?

I didn't have my glasses on....

A trip through life with fingers crossed and eternal optimism.

Prestridge²

Independent journalism on the things we love - money, film and the arts

smithartonline

Art, education and ruminations

Exclusivito

Confessions of a book-traveller

Kitchen Scenes

Performance Art Based Video & Film

My Life as an Artist (2)

Smile! You’re at the best WordPress.com site ever

Paperback Cinema

Never judge a book by its movie.

CURNBLOG

Movies, thoughts, thoughts about movies.

Widdershins Worlds

WRITING LESBIAN FICTION, SCIENCE FICTION, AND FANTASY, SINCE THE 20TH CENTURY

SKYLINE REPORTS

comedy magazine

Flicks and Pieces

Film & TV Reviews, News & Musings

MovieBabble

The Casual Way to Discuss Movies

seriesdefilms

Pour ceux qui se font des films en séries!

Plain, Simple Tom Reviews

Musings on film and TV, old and new.

Rarest Kind of Best

Talking about children's books and films. Useful information for parents.

%d bloggers like this: