It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Your car computer system could be pwned..

page: 1
2

log in

join
share:

posted on May, 18 2010 @ 03:55 AM
link   
Your car computer system could be pwned..

A team of researchers in University of California-San Diego, and Tadayoshi Kohno from the University of Washington have undergone a test to see what resilience cars have to an attack on their control systems. Their finding are really quite disturbing in my opinion, The researchers hacked into the electronic control units (ECUs) of which we have many in modern vehicles, many of which oversee the workings of many car components. The hack was able to monitor communications between the ECUs and insert fake packets of data, they have created software called 'CarShark' to carry out the attacks on the ECU's, what's very disturbing is the fact this could disengage your brakes!!!

Quote: We are able to forcibly and completely disengage the brakes while driving, making it difficult for the driver to stop, Conversely, we are able to forcibly activate the brakes, lurching the driver forward and causing the car to stop suddenly."

At present cars are (hopefully) not connected to the net which leaves cars unable to be remotely accessed, so for an attack to be carried out on ECU's you would need access to the vehicle either by breaking into the car or by a mechanic fixing it. You would also need software able to hack into the ECU.

I don't know about anyone else on ATS but I feel this is quite a scary prospect, I guess it's only a matter of time before cars are net activated as technology moves on in vehicles, this would give hackers the ability with the right software to remotely access your car, I'm sure there are hackers out there that are able to produce similar software to 'CarShark' for their own nefarious purposes...


Source




posted on May, 18 2010 @ 04:54 AM
link   
It would be a lot of work, and vary between models of cars, but I can see this scenario as being realistic. It's way beyond the effor a casual hacker would put in, though.

To gain precise control over the device (as opposed to just scrambling signals, which can still cause havoc, but an unpredictable sort) I would think you'd need to do some reverse engineering on the ECU, to figure out how it responded to certain inputs, or find out what code was on the ECU, or otherwise spend some time learning the device first. It's not going to be a five minute hack, so I wouldn't worry about your cars being hacked yet, unless you've made an enemy of some very powerful, very determined types of people. For instance, I could maybe see the CIA doing this to someone they didn't like, but that 15 year old haxor down the street probably won't be doing this.



posted on May, 18 2010 @ 05:08 AM
link   
reply to post by DragonsDemesne
 



Agreed, but it's still in the realms of possibility.. That's the scary thing… the damage that could be caused is unthinkable, if hackers were able to produce software in the future that could control vehicles of all makes via remote, (I know it's not possible now) they could potentially put the brakes on a car travelling on a motorway at 70MPH then disengage the brakes on the other cars coming up behind it… carnage! Also as you say the CIA or even traffic cops could just stop your car without you being able to do anything about it..

Let's hope this is never possible!


[edit on 18-5-2010 by Majestic RNA]



posted on May, 18 2010 @ 05:28 AM
link   
Not only possible but being done by OnStar in conjunction with law enforcement. The car's systems are in there hands as far as electronics go. Communication is by cellular service. And some options in some models allow for 3G connections for internet access. big question is how separated is that system from the car's systems?

I am sure that there are some out there working on hacking cars to see if they can. Once done and that knowledge is known, then the script kiddies won't be too far behind. Besides, weren't the Toyota accelerator problems due to faulty commands in the system? As in the pedal was completely electronic and there was no throttle cable connected?



posted on May, 18 2010 @ 05:30 AM
link   
This is a possibly explanation for "car accidents" and crashes associated with important people.

Hm, wonder if there is a way to modify your ECU so it can't be modified by anyone else.



posted on May, 18 2010 @ 05:45 AM
link   
reply to post by Ahabstar
 


Hi Ahabstar, I wasn't aware of that being the case with OnStar, as you say the big one is just how separated the two systems are!

There have been a few explanations to the Toyota recall from what I remember, some say it's the mechanical wearing others the electronic sensors...

Outside safety experts say possible causes also include the complicated electronic sensors that relay the message from the gas pedal to the engine, the design and location of the sensor system, a lack of a fail-safe override mechanism, and even a certain media-fed awareness that puts more people on the lookout for the problem.

Source



posted on May, 18 2010 @ 05:50 AM
link   
reply to post by Scarcer
 



I guess your right it is a possible explanation, but I wouldn't want to say that's happening without proof, Princess Dianna springs to mind with that conspiracy

Like most things of a communication nature in software I would imagine it's possible to create a firewall built into the ECU but then again like all firewalls.. They can be hacked!



posted on May, 18 2010 @ 06:13 AM
link   
reply to post by Majestic RNA
 


If you look at a semi and notice a rounded flat object on the top of the cab, that is the satellite antenna for their CommData system that sends and receives. Depending on the company, they can reset the top speed as 15 MPH. Schneider (the orange trucks) are one company that does that level of control.

CommData records everything going on with the truck. GPS location, RPM's, fuel consumption, speed, top speed...scary the amount of information going on and can be accessed with a few keystrokes on a computer on the other side of the country. There are ways of defeating it of course, some less obvious than others. But if caught by a police officer with your cord unplugged or the unit covered in tinfoil and you are in big trouble.

However, shutting truck off in a location where the signal is blocked for more than 30 minutes defeats them until the next time the truck is pinged or message sent or received.

But I think OnStar is cellular instead of satellite communication because of the cost and the fact that there is voice communication. Which makes for a poor service in rural parts of the country.



posted on May, 18 2010 @ 06:56 AM
link   
reply to post by Ahabstar
 


Scary stuff if this capability OnStar use got into the wrong hands Ahabstar..

I was aware car management systems can be accessed and messed with regarding the engine ect, but braking systems are another matter, the researchers claim they can engage or disengage the brakes... that's taking it to another level.. one i'm not very comfortable with.


[edit on 18-5-2010 by Majestic RNA]



posted on May, 18 2010 @ 09:38 AM
link   
Anyone remember those oh! so conveniently timed failure of systems in Asian cars, recently, as American car companies were in deep tup-titoo? Who benefited from this? Surely not milk producers...



posted on May, 18 2010 @ 09:41 AM
link   
For one, you need access to the car's internal CAN network in order to insert packets.

In the industry we would use a laptop with special CAN emulation software with a plug into the ECU and could pretty much call up any functionality within the car. Locking doors, lights on/off, volume up/down, etc.

When cars are all remotely accessible, and this ever becomes an actual concern/problem. The manufacturers can fairly easily mask out external or rogue packets by various means for example by masking out functionality accessible via external interfaces and/or tagging all local packets with a key derived from digits found in the ECU serial number for example.

Similar to how the current immobilizer keys and ECU work in conjunction with one another.



posted on May, 18 2010 @ 09:43 AM
link   
Just do not bother with a car, and get a bike, the peddles are not software orientated are they?



posted on May, 18 2010 @ 09:54 AM
link   
yea and all my friends thought i was crazy when I said that having remote access to your car is a bad thing and it would only be a matter of time before the black hats cracked it....

I also have been thinking about the toyota problem and how it COULD be software related.....



new topics

top topics



 
2

log in

join