Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Transportation Security The Courts

Lawsuit Claims Major Automakers Have Failed To Guard Against Hackers 107

Lucas123 writes: A Dallas-based law firm has filed a class-action lawsuit in the U.S. District Court for the Northern District of California claiming Ford, GM and Toyota all ignored basic electronic security measures that leave vehicles open to hackers who can take control of critical functions and endanger the safety of the driver and passengers. The suit, filed on behalf of three vehicle owners and "all others similarly situated" is seeking unspecified damages and an injunction that would force automakers to install proper firewalls or encryption in vehicle computer bus systems, which connect dozens of electronic control units. "Toyota, Ford and GM have deliberately hidden the dangers associated with car computer systems, misleading consumers," attorney Marc Stanley said. The lawsuit cites several studies revealing security flaws in vehicle electronics. A 2013 study by the Defense Advanced Research Projects Agency found researchers could make vehicles "suddenly accelerate, turn, [and] kill the brakes." A study released last month by Sen. Edward Markey (D-Mass.) also claims automakers have fallen far short in their responsibility to secure their vehicles' electronics.
This discussion has been archived. No new comments can be posted.

Lawsuit Claims Major Automakers Have Failed To Guard Against Hackers

Comments Filter:
  • when the robots vote.
  • by Anonymous Coward

    (Little girl jacks into your car's ecm)
    This is a Unix system.... I know this.... .... (Hack)....
    (Next Driver)
    Hang on to your butts!!!!
    Clever girl....

    • Clearly some lawyer has some teenaged kids he's looking to put through school. But food for thought here. Having just gotten into analysing the ECMs in my car and figuring out how to analyse the performance characteristics of my car, I appreciate the ability to figure out what's going on with the vehicle without paying $1000's to the mechanic. That being said, I have serious doubts that a public/private key cryptographic authentication mechanism on the vehicle ECM would be shared with the consumer that purc
      • by Smerta ( 1855348 )
        I'd just be happy to know that firmware images for every processor on my vehicle (at least important ones, like the Engine Control Unit (ECU)) have to be digitally signed. Unfortunately, I have little confidence in that. :-(
  • by Anonymous Coward on Tuesday March 10, 2015 @07:23PM (#49229901)

    Yay, more class action lawsuits. Car owners prepare to get your 30 cent rebate forms ready! Lawyers, buy a new vacation home!

    • by TWX ( 665546 )
      If I owned a car that was susceptible to this sort of problem I would much rather the lawsuit compel the automaker to fix the problem rather than give me money. Pay the lawyers, but just fix the damn problem as a recall.
      • Re: (Score:3, Insightful)

        by Anonymous Coward

        There will be no recall fix if they attempt to encrypt the CAN bus. Most of the processors on the bus are not powerful enough for software encryption. They have hardware CAN modules.
        A typical Dodge has from 17 to 22 CAN nodes on three CAN buses. Each node is, of course, a processor. Just how powerful does the sunroof controller have to be, anyway? Many of the processors on the bus have 128-256K flash program memory and 34 to 96k ram.
        Never gonna happen.

      • If I owned a car that was susceptible to this sort of problem I would much rather the lawsuit compel the automaker to fix the problem rather than give me money. Pay the lawyers, but just fix the damn problem as a recall.

        I warned several times over the last couple of years that this would happen. Nobody in their right minds (today, that is) runs the critical systems and navigation system on the same CPU. Much less the entertainment system or communications!

        The data collection without permission issue has been around for a while, too.

        I'm glad to see people getting after this finally.

      • By the way, I meant to make this point in my last comment:

        In at least some cases, it will take more than your usual simple recall to handle this problem. There are some very very serious design problems in the electronics of many of today's cars.
      • If I owned a car that was susceptible to this sort of problem I would much rather the lawsuit compel the automaker to fix the problem rather than give me money. Pay the lawyers, but just fix the damn problem as a recall.

        I'd prefer if any hacker attacking a car that way should go to jail according to the damage done or attempted. Like anyone trying to manipulate how the brakes on my car work should go to jail for attempted murder. (I'd prefer if that person doesn't go to jail for actual murder). But then, a person can do all kinds of damage, both expensive and dangerous, to a car without any hacking.

    • good luck showing damages. this isnt gonna go anywhere
      • Well, you can't wait for people to actually be harmed because at that point it's a rat race to sign them up, and your law firm probably won't win.

        No, by preemptively suing for damages because you are so scared you might be hacked, they are playas!

    • by BLKMGK ( 34057 ) <morejunk4me.hotmail@com> on Tuesday March 10, 2015 @09:56PM (#49230693) Homepage Journal

      Sorry, but this is a complete bullshit lawsuit. Most of the hacks have required physical access to the CAN bus or have required modifications to the entertainment system to remove the firewalls in place - yes they have them on some I'm familiar with. A few jackasses have put out scary "hacks" and now this is the crap that we get to deal with? The CAN bus shouldn't be encrypted as not only will this drive cost up but it will also prevent some of the good stuff going on like replacement ECU in the performance industry and diagnostic tools for the home user.

      Sorry, but this is complete and utter garbage and I hope it's tossed out damned fast.

      • There are likely easy paths and harder paths in. If you can't put a malicious CD or USB stick in and take control, you hit one level. If you can't plug a device into a port under the hood that can take over control, that is another hurdle. Ultimately though, you need to keep the system secure from the OnStar and its ilk being an attack vector. From fairly credible reports, this is not the case.

        • by BLKMGK ( 34057 )

          OnStar has apparently got the ability to disable some cars, for it to have this "safety feature" it's going to have to have capability. I'm not a fan of OnStar for many many reasons but this is a feature so I can't bitch about it too much - you can however find the silly cell modem and remove it. The car will probably squeal like a stuck pig for your having done so...

  • Standing? (Score:5, Informative)

    by bws111 ( 1216812 ) on Tuesday March 10, 2015 @07:30PM (#49229941)

    They're suing because, theoretically, some third party could make them the victim of a crime? Good luck with that.

    • This is kind of more of a consumer protection thing. In california you used to have telephone book lawsuites because someone used a product in ways it wasn't intended and got hurt somehow because there was no warning or instructions not to use it that way. Its the reason we have warnings to remove children from baby strollers before colapsing for storage and those instruction pictures showing how to suffocate someone on plastic bags. In theory, if a manufacturer can make reasonable changes to products or wa

      • by bws111 ( 1216812 )

        The key difference is that in those other cases someone (the person suing) was actually hurt. In this case, nobody has been hurt, but somebody thinks that theoretically somebody could maybe possibly be hurt somehow under some condition.

        The examples you give are not 'consumer protection' things, they are manufacturer liability prevention. Yes, you should be smart enough to know this on your own, but even if you don't we warned you. An actual consumer protection example would be where a stroller was recall

        • The key difference is that in those other cases someone (the person suing) was actually hurt. In this case, nobody has been hurt, but somebody thinks that theoretically somebody could maybe possibly be hurt somehow under some condition.

          Not just "could possibly be hurt somehow", but "could possibly be hurt by a criminal causing intentional damage". It's one thing to complain if your pet dies inside the microwave because there was no written warning, it's something else if someone dies because a criminal put a pound of TNT in the microwave and turned it on. Or if someone dies because a clever criminal damages the microwave so that it will explode the next time it is used.

  • by brunes69 ( 86786 ) <slashdot@nOSpam.keirstead.org> on Tuesday March 10, 2015 @07:32PM (#49229961)

    In a 2013 study that was funded by the Defense Advanced Research Projects Agency (DARPA), two researchers demonstrated their ability to connect a laptop to two different vehiclesâ(TM) computer systems using a cable, send commands to different ECUs through the CAN, and thereby control the engine, brakes, steering and other critical vehicle components

    So you're telling me that if you have direct physical access to a car's ECU, you can issue commands to it? No shit sherlock. That is THE WHOLE POINT of the CAN bus. The only alternative would be to close down the bus and only allow "authorized" accessories to be connected to it - hello sky-high diagnostic fees and goodbye to useful bluetooth OBD connectors.

    Call me when this can be done wirelessly. Oh and yes I did read the "What the companies failed to note is that the DARPA study built on prior research that demonstrated that one could remotely and wirelessly access a vehicleâ(TM)s CAN bus through Bluetooth connections, OnStar systems, malware in a synced Android smartphone, or a malicious file on a CD in the stereo" blurb - which still failed to materialize an actual working example of exploiting a CAN wirelessly.

    • by penix1 ( 722987 )

      So in other words you are saying someone should die because of an exploit before something should be done? Sounds reckless to me. The car companies have been warned by many of these studies and still haven't done anything about it. Maybe this suit will get them off their asses. I won't hold my breath though...

      • by bws111 ( 1216812 ) on Tuesday March 10, 2015 @07:52PM (#49230113)

        No, he is saying that there should be an actual danger before you yell the sky is falling.

        What are the actual odds of an accident being caused by a hacker? What are the actual odds of an accident being caused by a software bug in security code?

        • Actual odds may be as large as odds of a spouse's brake lines being cut or a Toyota accelerating out of control with no obvious excuse.

          Actually, i do not know the odds but i do not think the will to increase them is zero.

      • by Anonymous Coward

        all those so called "exploits" require physical access to the car and wiring, at that point nothing is safe

      • Yet you don't see people demanding bomb sniffing technology to be added to all cars. If someone can get enough access to your vehicle to hook a cable into it, it's pretty much game over.
      • by jrumney ( 197329 )
        I think what he is actually saying is that we should have some more evidence that this is actually possible outside of the minds of some attention whoring "security researchers" before engaging our knee jerk reaction. Right now all we have boils down to "omg, diagnostic bus works as designed!!!!!!11!!1" and "wireless access of any description = oh noes, 3v1L h@xx0rzz".
      • by mlts ( 1038732 )

        If someone has physical access, they can also slice a break line, cut a belt, drain the oil pan, put engine-kill into the crankcase, or many, many other things.

        The fallout of this lawsuit is going to be bad for all consumers, and it actually puts car makers in a better spot:

        Need an air filter? For security reasons, only Powell Motors filters will work, which have to be installed and activated by equipment only the dealer will have. Need a new battery? It has to be a genuine Powell part [1] because the ba

      • So in other words you are saying someone should die because of an exploit before something should be done? Sounds reckless to me. The car companies have been warned by many of these studies and still haven't done anything about it. Maybe this suit will get them off their asses. I won't hold my breath though...

        In my country, there are millions and millions and millions of people who could kill me with a knife. And about the same number of people could kill me with a brick. Since guns are rare, the number of people who could kill me with a gun is lower, but still many thousands.

        How many people are there who could kill me by manipulating the electronics in my car? It's not many. It's not something I worry about. It's possible, but anyone wanting to kill someone that way would have much, much easier methods avail

    • Give me a Bluetooth OBDII adapter and I'll show you wireless exploitation. I bet one could be made slim enough that no one would ever notice it plugged in. 5 seconds alone with someones car when they leave the door unlocked (or hell, if an attacker has the knowledge required to send malicious commands to the ECU I bet they have the knowledge to defeat a locked car door. It's not like they need to start the car and drive away).
      • and all of those situations happen exactly how often that we need to make a federal case over it???
      • by bws111 ( 1216812 )

        OBDII is mandated by the government.

        • by AaronW ( 33736 )

          The funny thing is that they only require the connector, no actual data. My car (Tesla model S) has an ODB II connector but it doesn't provide anything other than power and ground. The manufacturer can access the car via wifi, 3G or a special Ethernet port but not through ODB II. Before screaming about the insecurity of Wifi and 3G, all communication is sent over an encrypted OpenVPN connection and the devices connected to the internal Ethernet network are fairly secure. There's a web server that serves up

          • by bws111 ( 1216812 )

            Uh, no. They require actual data relating to the emissions control system. Obviously, your car does not have an emissions control system. Such is not the case for the vast majority of cars on the road.

      • and I'll show you another wireless exploit.
      • And if I want to cause you to have an accident in your pre-ECU car I can cause substantial damage with some wrenches and a minute. What's your real point? I want to maintain the ability to hack/modify my own vehicles. Encrypting bus communication would pretty much kill that unless their was a mandate to release the encryption keys to the vehicle owner (and then what about leased cars, financed cars, etc.) which is unlikely to happen. As long as it's not fully remotely exploitable (meaning you never have to

        • And if I want to cause you to have an accident in your pre-ECU car I can cause substantial damage with some wrenches and a minute.

          But what you can't do is cause the tie rod you cut to fail at exactly the point where I'm a hairpin turn along a cliffside road. Or the brakes to fail, steering to quit working, and airbags prematurely detonate as I try to come to a stop from 70mph with a semi truck in front of me. I guess you could put some remote detonated explosive or something on a brake line, airbag sensor, and steering linkages, but how long will it stay there while exposed to road and weather conditions? A disguised bluetooth adapt

          • by bws111 ( 1216812 )

            You watch too many movies. If someone actually wants you dead there are far easier ways to accomplish that than hacking your car. For instance, they could shoot you as you drive past. That actually happens in the real world. Should we sue automakers so they only use bulletproof glass and armor plating? Or they could drop a rock on you as you go under an overpass, also happens in real life. Or a bomb.

          • by BLKMGK ( 34057 )

            The control systems ARE isolated with firewalls, the hacks that have been demonstrated - to my knowledge - have removed those. What exactly does "hardening the OBDII port" mean? You realize that locking that down will prevent diagnostic and home use tools form working right? Rate limiting? The signals that have been demonstrated to disable brakes were standard brake diagnostic signals recorded from using a standard tool, it wasn't abnormal. Filtering is already done by the entertainment systems on stuff I'm

            • by adolf ( 21054 )

              IIRC, the "brake disabling" hack involved many layers in a car with a dashboard that resembled a breadboard moreso than a car, and relied on being able to emulate/override the wheel-speed sensors so that the ABS computer -thought- it should be carefully modulating the brakes as if driving on ice or marbles or whatever.

              Anyone who has experienced it can easily attest that on dry pavement, even without third-party fuckery, a faulty ABS sensor can be a scary thing: One recognizes that the coefficient of fricti

              • by bws111 ( 1216812 )

                I have had a faulty ABS sensor, and the experience was not like you say. Here is what actually happened: the yellow 'ABS' light on the dash came on, informing me that the ABS was disabled. Scary.

              • by BLKMGK ( 34057 )

                Umm no, I sat in the talk where this was presented and while they did tear that Prius a new ass diving into the dashboard they never claimed to be faking out the ABS sensors and they mentioned the ABS pump making hellacious noises - which is what occurs when you bleed the silly thing. Overwhelm the CAN bus with data signals telling the pump to bleed and it will try...

                BTW - I have a faulty ABS sensor on one of my cars right now thanks to the Winter slush slopping all over it and screwing with the tone ring.

                • by adolf ( 21054 )

                  So what you're saying is that by overwhelming things, an attacker can make brakes misbehave at a whim?

                  And you're also saying that flooding a CAN bus can save an expensive dealer trip when it comes to bleeding brakes on a Prius?

                  Awesome! That's even worse / better than what I was suggesting.

                  Thanks!

            • The control systems ARE isolated with firewalls, the hacks that have been demonstrated - to my knowledge - have removed those.

              That's news to me then. My impression from watching a video a while back of how these worked was that they were simply using the OBDII port to send false signals and/or flooding the bus with so much traffic that the signals couldn't get through. I could have sworn they specifically said that the dash was only apart because they'd been monitoring signals while developing the hacks and couldn't be bothered to put it back together again.

              What exactly does "hardening the OBDII port" mean?

              Throw an interface in between it and the rest of the car that will do th

              • by BLKMGK ( 34057 )

                Some of the hacks that claim to be done wirelessly have relied on reprogramming entertainment firmware, others simply flooding the bus as you've surmised. The OBDII port is but one way into the bus, any device on the bus offers access to this bus to include some surprisingly easy to access places. It's a shared network, nothing knows that these signals from from the OBDII port. Rate limiting WILL call for more processing, something has to count packets and have smarts - you've added another computer to the

                • If they can get in past a locked door, they can get into the glovebox. I'm not such a special snowflake that anyone is trying either of these.

                  Yes but it's one more layer to defeat. It might also keep the casual maliciousness out (say the neighbors kid just read about this cool thing you could do the hack a car). Either way, it's a really simple step with no downsides.

                  An interface between the OBDII and the bus might slow some of this but it may also screw with diagnostics, it's an interesting idea but it will also increase cost in an industry that tries to shave pennies off of a production run :(

                  It would be an extra device, just like a hardware firewall. My $30 desktop switch has enough brains to let me configure it to block some basic stuff (like MAC flooding) plus act as a switch. I'm sure it cost a 10th of that before all the retail markups. The cost argument is why I'm

    • This is exactly my own viewpoint. All of this is a bunch of stirred up nonsense. Yes, systems like OnStar which bridge between the CAN bus and the phone network need protection. What I absolutely do NOT want is to see encrypted communications that I as the owner cannot see in plaintext on a wired bus. This will put non-dealer mechanics out of business pretty quickly and/or drive up repair costs tremendously including effectively preventing me from working on my own car. I think it's a dream come true for de

    • by jd2112 ( 1535857 )

      In a 2013 study that was funded by the Defense Advanced Research Projects Agency (DARPA), two researchers demonstrated their ability to connect a laptop to two different vehiclesâ(TM) computer systems using a cable, send commands to different ECUs through the CAN, and thereby control the engine, brakes, steering and other critical vehicle components

      So you're telling me that if you have direct physical access to a car's ECU, you can issue commands to it? No shit sherlock. That is THE WHOLE POINT of the CAN bus. The only alternative would be to close down the bus and only allow "authorized" accessories to be connected to it - hello sky-high diagnostic fees and goodbye to useful bluetooth OBD connectors.

      Call me when this can be done wirelessly. Oh and yes I did read the "What the companies failed to note is that the DARPA study built on prior research that demonstrated that one could remotely and wirelessly access a vehicleâ(TM)s CAN bus through Bluetooth connections, OnStar systems, malware in a synced Android smartphone, or a malicious file on a CD in the stereo" blurb - which still failed to materialize an actual working example of exploiting a CAN wirelessly.

      Obviously you aren't a lawyer. You never let facts get in the way of a good lawsuit. I'm surprised I haven't seen an add on TV for a class action suit against a company for having dangerous Dihydrogen Monoxide in their products.

    • by adolf ( 21054 )

      Call me when this can be done wirelessly.

      OK. What's your number?

      Scenario: Physical access via an unlocked vehicle (quick trip into the carry-out, forgetfulness, or whatever), and an active attacker (with whatever motives an attacker has).

      Attacker simply plugs in a COTS ODB-II Bluetooth dongle -- perhaps modified to be extra small (remove housing, clip LEDs, add black conformal coating), perhaps modified to talk to different buses than the standard interface, perhaps modified to have a stronger radio and/o

      • and lets look at use case scenarios

        Is a random person going to do this?? why??? Is a terrorist going to do this??? again why???

        No, the ONLY reason someone would do this is personal. and if they were going to go through all the trouble to do this, they could do something else much easier
        • by adolf ( 21054 )

          To extend your argument to its logical conclusion:

          All attacks worth worrying about are personal, political, or business in nature. Risk mitigation must take this into account.

          I know that Dropbox is insecure, but I use it anyway, because nobody I personally know can fuck with me using that vector and I have a personal policy against growing vendettas.

          The random attacker won't give a whit of my cell phone landscape photos, or of my shorthand business notes. And I'm not into politics.

          So, being a boring perso

      • by BLKMGK ( 34057 )

        Scenario - you lock your car up for the night, I roll up with a hacksaw blade, roll under your car, and nick the fuel line next to the exhaust manifold slightly. Rolling down the freeway the next day whoosh, you go up like the Challenger.

        Scenario - you lock your car up for the night, I roll up with a hacksaw blade, roll under your car, nick a brake line. Rolling down the freeway the next day and whooops - you have no brakes.

        Scenario - you lock your car for the night, I roll up with a small BT device connect

        • by Anonymous Coward

          Except that all of your "using a saw blade at night" "scenarios" of attacking cars:

          1) leave physical traces (chemicals, tool marks, etc.) in the wreck, alerting investigators that foul play occured,

          2) need close physical proximity between attacker and car to carry out, raising the risk of detection considerably,

          3) are "dumb" in terms of efficiently and are more likely to leave the car damaged but the victim safe, alerting him to foul play,

          4) are physical, peer to peer in nature: one attacker, one car. You

    • by joemck ( 809949 )

      Bluetooth (depending how they implement pairing), CD and synced Android device sound like viable attack vectors. None of them are instant remote control with no action by the owner, but they're all quite usable.

      Bluetooth: If it makes you enter a code displayed on the other device to pair, that's more secure. But if the car just displays something like "$DEVICENAME Do you want to pair with this device? [Yes] [No]", it's not really. Either someone will habitually click yes, or can be enticed to through carefu

    • Comment removed based on user account deletion
  • by RogueWarrior65 ( 678876 ) on Tuesday March 10, 2015 @08:47PM (#49230453)

    People would still want to know how it all works so they aren't stuck going to the dealer for service. So how do you reconcile the two?

    • DMCA. That's how the auto makers reconcile it. If you are not an "authorized" service center then any attempts to read or modify data on the bus, or add unauthorized equipment, will constitute "circumvention." I'm sure authorization can be had for small fee.
  • Where is the class action lawsuit against Microsoft for the shoddy design that has allowed innumerable hacks, data breaches and identity theft - not to mention billions of dollars and man-hours in lost productivity?

    If automakers built cars that were as easily hijacked as Windows, everyone would be driving with body guards.

  • 1. Segregate the parts of the computer with networked access from the portions of the car that actually involve driving. Brakes, acceleration, engine timing firmware, etc. All of that should be airgapped from the GPS OnStar stuff.

    2. Make the storage media that those systems use both physically accessible from the inside of the car AND compatible with conventional computer technology. The internal storage of these systems should be on an SD card or a USB 3.0 Flash drive or a little SSD hard drive. The point

  • If companies can be sued for selling an insecure product, I need to dump my Microsoft stock ASAP.
  • Seriously, I would rather see them sue the stores that continue to be cracked because they are running windows and outsourcing. Target; Home Depot; etc.
    If class actions were taken against these companies, then quickly, companies would spend the money and secure themselves. So would companies like these car makers.
  • I always suspected that automakers were amateurs. Real engineers use CMake.

There are never any bugs you haven't found yet.

Working...