Dashboard Articles Playground Discussions More
Follow

Hacked with off-the-shelf parts.

Jockstrap
10 years ago

3

Your car’s computer system can be hacked with off-the-shelf parts
BY SEAN BUCKLEY FEBRUARY 6TH, 2014 AT 3:42AM ET

Image

You probably don’t spend much time thinking about the computer in your car, but a pair of Spanish security researchers sure does. In preparation for next month’s Black Hat Asia security conference in Singapore, Javier Vazquez-Vidal and Alberto Garcia Illera have assembled a small electronic device that can leave a vehicle’s computer system open to attack. “It can take five minutes or less to hook up and then walk away,” Vidal says. It can also be built from off-the-shelf components for less than $20.

What the gizmo can actually do depends on the car. The team says that they’ve wired the CAN Hacking Tool (named for the Controller Area Network bus it exploits) into four vehicles, and have used it to wirelessly manipulate lights, set off alarms, control power windows and even activate the vehicle’s brakes. By the time the conference starts, they hope to outfit the prototype with a GSM radio, making it possible to control a vehicle’s systems from virtually anywhere. Still, Vidal says they don’t want to aid any nefarious activities, so the hacking tool’s source code is going to remain private for now – but they do hope their demonstration at Black Hat Asia will get the attention of automakers. “A car is a mini network,” Illera said. “And right now there’s no security implemented.

 
![Image](https://www.hackthis.co.uk/user/Jockstrap/userbar.png)
4replies
3voices
240views
1image
Fireshard
10 years ago | edited 10 years ago

0

So they’re basically using a wireless CAN receiver, inserted into your car’s controller? That’s nice but, who would put the receiver there for this to work? You need physical access to the car computer, which only mechanics know how to gain. Also, you need the car to be open, so you’ll basically need to break in (at which point, what’s the point of hacking a car you already broke into) or be a repairman, tinkering around.

The idea behind the thing is very interesting and certainly could be improved upon, but i don’t consider this a major security flaw, especially since cars' IMPORTANT systems are on read-only memories, and thus, unalterable. Steering could only be affected in the sense that servo-direction can be turned on/off (but steering your car will still be possible) and as far as brakes go, they’re only accessible for assisted braking systems, which will most certainly not tamper with your ability to brake (yeah, the car might brake on its own, but it will never happen for the brakes to not be usable). Most security in ECUs (electronic control units) is purely electrical, so that it’s faster and does not depend on the reliability of the CPUs (yes, CPUs since they’re usually redundant, to ensure safe system failure). Besides, most car manufacturers are slowly migrating off CAN to a better communication protocol which is far more expensive, fast and reliable: FlexRay.

I still want to see that demo, though :D

 

Don’t post answers on the forums!

Search other forums before making new threads called “help” !

Click me for an interesting post on the forum!

Jockstrap
10 years ago | edited 10 years ago

0

Me too a bit far fetched I think! Though I think they are on about remaping the cars cpu for better performance? Or like thay say turning things on and off. I guess with the owners consent :)

 
![Image](https://www.hackthis.co.uk/user/Jockstrap/userbar.png)
Max Lockhart [MaxLockhart]
10 years ago | edited 10 years ago

0

I think there would be some kind of power source and maybe a laptop involved @fireshard I don’t know jack about cars really but my money would go to some cholos down in the ghetto who know how to soup their rides up. See I can speak slang! jkjk :P But yeah, just explain it to them and be like this goes their and that does this. What is the whole purpose though? I really don’t get what this tool is doing or exploiting. Is it to break into the car or what?

Edit:

Like the overall usage of the device? Is it for just humor or? I don’t see how it could be used besides that and stealing.

Fireshard
10 years ago

0

Well, since you have to put the device into the car, stealing is kind of THERE already :)

It could be used for terrorist or hit-men attacks, supposing it could override all the safety protocols in the car…

 

Don’t post answers on the forums!

Search other forums before making new threads called “help” !

Click me for an interesting post on the forum!

You must be logged in to reply to this discussion. Login
1 of 5

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss