It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Zero-day exploit lets hackers remotely force cars off the road
page: 15
share:
Well this is scary, especially considering I'm a recent owner of a 2014 Jeep wrangler. Apparently, 'the attack is possible thanks to a system in most
Chrysler models called UConnect, which largely computerizes the car and allows a lot of cool features by connecting to a centralized hub, accessible
through a WiFi hotspot.' Nope, these aren't even those self-driving, all electric, vehicles either. It's just a plain old (modern) vehicle.
Source
I get why companies want to add such systems to their products. The features can be great, useful, and even safer. However, in this day and age where the population of talented hackers is ever-growing, these systems seem almost irresponsibly ignorant and potentially dangerous rather than in any way useful.
This is not dissimilar to the recent "professional hacker attack" on a giant yacht where “GPS spoofing” was recently able to gently steer a ship without the crew noticing.
They were even taunting the driver via the microphones and displays in the vehicle
This isn't really a new thing. Hackable computers are everywhere, and with varying consequences. We can hack into our refrigerators and change the temperature, spoiling the food. And we have systems where we can unlock our front door or turn on/off the oven via our phones.
At what point does convenience become more of a burden?
Armed with nothing more than the car’s IP address, this exploit allows infiltration of the car’s internal network via the WiFi hotspot, allowing the firmware to be completely rewritten to grant access to the car’s physical controls — the steering, brakes, accelerator, and more. Some of these can be controlled directly, other simply disconnected, but all are critical to road safety.
Source
I get why companies want to add such systems to their products. The features can be great, useful, and even safer. However, in this day and age where the population of talented hackers is ever-growing, these systems seem almost irresponsibly ignorant and potentially dangerous rather than in any way useful.
This is not dissimilar to the recent "professional hacker attack" on a giant yacht where “GPS spoofing” was recently able to gently steer a ship without the crew noticing.
Without needing a physical connection, or even a password, hackers have managed to remotely control a car on the highway. The demonstration was organized by two security researchers for Wired‘s Andy Greenberg, as they hacked into his Jeep Cherokee and took the wheel, via the internet. First they demonstrated peripheral access, controlling the fans, stereo, windshield wipers, and wiper fluid. Then the attack got serious.
Purely remotely, and not having had physical access to the car at any prior point, the attackers were able to inactivate the transmission, disconnecting the engine from the drive train and functionally putting the car into neutral. The exploit can also control with the car’s brakes, but in their initial attack the hackers chose to let Greenberg bring himself to a stop on an operational freeway on-ramp. The journalist was forced to call and ask the hackers to let up, his safety now dependent on a stranger’s willingness to voluntarily refrain from exploiting a vulnerability that exists in every Jeep Cherokee currently on the road — and potentially in every other modern Chrysler vehicle, given some basic tweaks to the attack.
They were even taunting the driver via the microphones and displays in the vehicle
This isn't really a new thing. Hackable computers are everywhere, and with varying consequences. We can hack into our refrigerators and change the temperature, spoiling the food. And we have systems where we can unlock our front door or turn on/off the oven via our phones.
At what point does convenience become more of a burden?
edit on 22/7/15 by Ghost147 because: (no reason given)
Only one of the many reasons I will not buy a new car. Too many computer controlled, completely unnecessary, gadgets, that are vulnerable to attack.
The more "conveniences" it has, the more to go wrong and costlier to repair. Impossible for the DIY mechanic to work on, short of an oil change and so
many other things it's just not worth going in to.
1970 Chevelle, old school muscle; no tracking, no computer (just stock up on spare parts before they are gone….)
electrical and electronics has always been Chrysler's weak point. My last was a 2000 Grand Cherokee. Great vehicle but everything from the horn to the
heated seats was an issue. less than a year and it was gone because the wife refused to drive it any further . I kind of thought the thing was
possessed really.
I think they would have to hack specific satellites or be on the ground in our country to effectively hack cars.
a reply to: starwarsisreal
a reply to: starwarsisreal
a reply to: Ghost147
Here IS the original article.
www.wired.com...
If you watch the vid and read the article.
This isn't out yet.
They have been working with Chrysler to get this patched.
however they will be presenting this at defcon.
There is a usb patch for the hack. And it seems you need to have uconnect in your car to be able to do the hack.
www.driveuconnect.com...
Now this does bring into question do agencies like the CIA know about this?
Are some of the accidents that have happened to high profile people investigating government wrong doing intentional? Is this a deliberate back door that was left open for people to exploit?
Here IS the original article.
www.wired.com...
If you watch the vid and read the article.
This isn't out yet.
They have been working with Chrysler to get this patched.
however they will be presenting this at defcon.
There is a usb patch for the hack. And it seems you need to have uconnect in your car to be able to do the hack.
www.driveuconnect.com...
Now this does bring into question do agencies like the CIA know about this?
Are some of the accidents that have happened to high profile people investigating government wrong doing intentional? Is this a deliberate back door that was left open for people to exploit?
edit on 22-7-2015 by grey580 because: (no reason given)
You can purchase OBD-II bluetooth dongles which allow cell phones and laptops to communicate to the vehicles ECU via bluetooth connection.
This technology can easily be used to alter the vehicles controls and ultimately make it do anything you want (apply throttle, modify braking, lock steering wheel, increase fuel pressure, etc.).
This technology can easily be used to alter the vehicles controls and ultimately make it do anything you want (apply throttle, modify braking, lock steering wheel, increase fuel pressure, etc.).
a reply to: grey580
I agree it's a back door but for who?
All vehicles and electronics have what's known as built in obsolescence. Now think of the manufacturer finding out (through the up link) that their vehicle is lasting longer than planned. What could they do? Subtly alter the fuel air mixture to wear the engine out quicker? There are a million and one things that they could alter without you knowing that could shorten the vehicles life. Just a thought.
Now talking about the insurance angle is another matter. If they can communicate with the vehicle at all times then when or if you have an accident they go through the data with a fine tooth comb and if your at fault anywhere (and be honest 99% of us have) they nullify your cover. Hey presto, a get out clause that you provided.
I agree it's a back door but for who?
All vehicles and electronics have what's known as built in obsolescence. Now think of the manufacturer finding out (through the up link) that their vehicle is lasting longer than planned. What could they do? Subtly alter the fuel air mixture to wear the engine out quicker? There are a million and one things that they could alter without you knowing that could shorten the vehicles life. Just a thought.
Now talking about the insurance angle is another matter. If they can communicate with the vehicle at all times then when or if you have an accident they go through the data with a fine tooth comb and if your at fault anywhere (and be honest 99% of us have) they nullify your cover. Hey presto, a get out clause that you provided.
new topics
-
Mike Pinder The Moody Blues R.I.P.
Music: 12 minutes ago -
Putin, Russia and the Great Architects of the Universe
ATS Skunk Works: 3 hours ago -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 7 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 13 hours ago, 31 flags -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 7 hours ago, 13 flags -
Is AI Better Than the Hollywood Elite?
Movies: 15 hours ago, 4 flags -
Maestro Benedetto
Literature: 15 hours ago, 1 flags -
Putin, Russia and the Great Architects of the Universe
ATS Skunk Works: 3 hours ago, 1 flags -
Mike Pinder The Moody Blues R.I.P.
Music: 12 minutes ago, 1 flags
active topics
-
A Warning to America: 25 Ways the US is Being Destroyed
New World Order • 18 • : RazorV66 -
Putin, Russia and the Great Architects of the Universe
ATS Skunk Works • 9 • : alldaylong -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues • 52 • : ToneD -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 274 • : NorthOS -
Mike Pinder The Moody Blues R.I.P.
Music • 0 • : alldaylong -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 97 • : SchrodingersRat -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People • 26 • : FlyersFan -
Sol Et Luna - TIME2024
Short Stories • 11 • : Encia22 -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area • 11 • : mysterioustranger -
Ode to Artemis
General Chit Chat • 1 • : Encia22
5