$25 gadget lets hackers seize control of a car –


After journalist Michael Hastings‘s death, there were rumours that his car had been hacked. Now two researchers say they can do it for real

Mishap or cyber-mischief? (Image: Scott Lane/Loudlabs News)

IN THE early hours of 18 June, a Mercedes coupé travelling at extremely high speed along a Los Angeles street smashed into a palm tree. It exploded into flames, killing the driver; the impact ejected the engine 50 metres clear of the car. Was it an accident? Or was the car hacked, allowing it to be driven off the road by remote control?

The very idea might sound crazy – but it’s one that Richard Clarke, a former counterterrorism adviser to the US National Security Council, has raised after the driver was identified as Rolling Stone journalist Michael Hastings. Known for his revealing articles on the US military and its intelligence agencies, Hastings had emailed colleagues the day before he died to say that he was going “off the radar for a bit” to chase down a “big story”.

“What evidence is available publicly is consistent with a car cyberattack,” says Clarke in a Huffington Post interview. Intelligence agencies, he says, can remotely seize control of a car to make it accelerate wildly or brake suddenly, for instance.

Clarke cited research, carried out for the US National Academy of Sciences, showing that “connected cars” – equipped with built-in cellular technology used by dashboard apps and engine-monitoring software – can be hacked remotely. But proof that it could be done in practice has been lacking.

That looks set to change on 27 July, when Spanish engineers Javier Vázquez Vidal and Alberto Garcia Illera will give a demonstration at the Black Hat security conference in Las Vegas, Nevada. They have built a $25 device that lets them bypass security in a car’s electronic control unit.

The brains of a modern car, the ECU is a computer that controls engine power, transmission and braking. Mechanics can diagnose faults by plugging a laptop into it via standard wired connectors such as the CAN bus. Alternatively, remote diagnostics and software updates can take place over a cellular network, as happens with services such as General Motors’ OnStar and Mercedes-Benz‘s Mbrace.

Vázquez Vidal and Garcia Illera will show how their device – which they claim uses a $1 chip to break encryption – can read from and write data to the flash memory of commonly used ECUs, made by Bosch of Germany. In this way, they can get more horsepower out of a car, or tell it to burn less fuel. “And it would take no time to gain total control over a vehicle – deploying an airbag, activating the brakes, or immobilising a car at any moment,” says Vázquez Vidal.

How they have done this is unclear. “My best guess is that they have managed to put the ECU into an unencrypted test state, possibly by playing around with power-up sequences,” says Peter Highton, a senior engineer with Freescale Semiconductor in Aylesbury, UK, which makes ECU microchips for racing cars as well as ordinary vehicles.

For security, connected cars should use encryption, but Highton says carmakers are only just coming to terms with it. “Until as recently as five years ago, data on the CAN bus of most cars was unencrypted, and so could be intercepted and altered.”

Whatever the causes of Michael Hastings’s crash, the need to make cars secure against hacking will only become more acute. The next version of Vázquez Vidal and Garcia Illera’s device won’t even need plugging in to the target car. “I am already working on a wireless version,” Vázquez Vidal says.

via $25 gadget lets hackers seize control of a car – tech – 17 July 2013 – New Scientist.

Advertisements

About Old Boy

Love the past and the future but live in the present

Posted on July 20, 2013, in Crime, Government, Human rights and Liberties, politics, USA and tagged , , , , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

FilmBunker

Saving you from one cinematic disaster at a time.

Wonders in the Dark

Cinema, music, opera, books, television, theater

Just Reviews

Just another WordPress.com site

Mark David Welsh

Watching the strangest movies - so you don't have to...

conradbrunstrom

Things I never thunk before.

News from the Boston Becks

The life and times of Erik, Veronica and Thomas

The Silent Film Quarterly

The Only Magazine Dedicated To Silent Cinema

Leaden Circles

First a warning, musical; then the hour, irrevocable. The leaden circles dissolved in the air.

Klaus Kreimeier HOME

THE WORLD FILM HERITAGE 1895-1915

SOURCE247

Breaking News, Sports, Entertainment, Movie, TV, Tech, Gaming , Lifestyle and more Trends.

My Archives

because the internet is not forever

CineSocialUK

Up to the minute, fair, balanced, informed film reviews.

PUZZLED PAGAN PRESENTS

A Shrine to Pop Culture Obsessiveness. With Lots of Spoilers

Thrilling Days of Yesteryear

“Nostalgia isn’t what it used to be” – Peter DeVries

thedullwoodexperiment

Viewing movies in a different light

Twenty Four Frames

Notes on Film by John Greco

Suzanne's Mom's Blog

Arts, Nature, Family, Good Works, Luna & Stella Birthstone Jewelry

It Doesn't Have To Be Right...

... it just has to sound plausible

NJ Corporate Portrait Photographer Blog

The life of a corporate portrait photographer who likes to shoot just about anything.

arwenaragornstar

A French girl's musings...

Jordan and Eddie (The Movie Guys)

Australian based film fan - like Margaret and David, just a little younger

Octopus Films

A place for new perspectives on films, TV, media and entertainment.

scifist 2.0

A sci-fi movie history in reviews

The Reviewer's Corner

The Sometimes Serious Corner of the Internet for Anime, Manga, and Comic Content

Ready Steady Cut

Your favorite movie site's new favorite movie site

First Impressions

Notes on Films and Culture

1,001 Movies Reviewed Before You Die

Where I Review One of the 1,001 Movies You Should Watch Before you Die Every Day

Movies Galore of Milwaukee

Movie Galore takes a look at Silent films on up to current in development projects and gives their own opinion on what really does happen in film!

mibih.wordpress.com/

Anime - Movies - Wrestling

Gabriel Diego Valdez

Movies and how they change you.

The Horror Incorporated Project

Lurking among the corpses are the body snatchers....plotting their next venture into the graveyard....the blood in your veins will run cold, your spine tingle, as you look into the terror of death in tonight's feature....come along with me into the chamber of horrors, for an excursion through.... Horror Incorporated!

Relatos desde mi ventana

Sentimientos, emociones y reflexiones

Teri again

Finding Me

Gareth Roberts

Unorthodox Marketing & Strategy Blog

leeg schrift

Taalarmen

100 Films in a Year

12 months. 100 films. Hopefully.

Morcan Books & Films

The site for a new perspective on books and films

humhist

thoughts and thinking

Cinematic Architecture

An Inquiry on the meaning of cinematic for architecture and in architecture

IMPREINT journal

The official bulletin of the artist IMPREINT created to repost excerpts from 'En plein air'.

shadowplay

david cairns

%d bloggers like this: