Remote Exploit On a Production Chrysler To Be Presented At BlackHat 173
Matt_Bennett writes: A scary remote exploit is going to be published that enables someone connected to the the same wireless (mobile data) network
to take over many [automobile] systems, including braking. This is an exploit in Chrysler's Uconnect system. Charlie Miller and Chris Valasek also demonstrated exploits in 2013 that could be done via a direct connection to the system, but this is vastly expanded in scope. The pair convinced Wired writer Andy Greenberg to drive around near St. Louis while they picked apart the car's systems from 10 miles away, killing the radio controls before moving on to things like the transmission.
Valasek and Miller are assholes and should be asha (Score:5, Insightful)
As I felt with their first video [slashdot.org], these "security researchers" play with the steering on a car moving 40mph on a public road. Now they've gone and done this. Playing with the driving controls on a 2 ton vehicle moving at 70 mph on a busy road.
In this video they said "it wouldn't be anything life threatening" which shows that they don't have a clear view of reality in the situation. A seat belt won't
you have a 70mph head on collision with a semi. The driver wasn't informed beforehand that he could bail out of the test by restarting the car, they waiting
until he was panicing to try to tell him that.
What if they made a mistake and turned the car into oncoming traffic? What if their computers were remotely controlled?
Is the situation with car's vulnerabilities serious? Yes of course.
Will this video help to drive home the problem to the public? Maybe, but probably not.
Should they have done this demo on a public road? Absolutely not.
Bottom line, when you are doing a test where there is physical risk, you need to be in control of the environment and not putting the public in harms way.
This isn't your home computer and your email account. This is real life.
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
Bravo gentlemen. The only way this will get the full and due attention of the media and the car companies is by demonstrating life-threatening risk in the UConnect system. If this were a track test, it would be dismissed by the car companies as contrived, and the media would rather talk about Trump. This will now assuredly end up on the front page unless killed by Chrysler via influence peddling. It's time digital security was a real concern when it comes to my family hurtling down the highway at 75mph in what can now be convincingly argued is a very real digital death trap.
Re: (Score:3)
I had looked awhile back at a new corvette and last I heard you could NOT get the fscking OnStar system out of the car....
So, wondering if this is another "feature" that isn't optional....
Why is it so hard to get a car without it being fucking connected to everything? I just want performance, and nice looks...I drive a car, I'm not trying to do a spreadsheet while driving for God's sake.
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
Why is it so hard to get a car without it being fucking connected to everything?
Never mind that, why is it so hard to find fucking automotive engineers who have enough sense to keep the critical control buses and the frivolous entertainment/external communication buses separate and not connected to each other?
I don't know whether this is the result of bean counters doing the shit they do, or the hubris of engineers who think, "they won't hack MY system!", but whatever, auto makers need to give their heads a shake and get their shit together. The fact that the exploit outlined in the article is even possible, at all, is just criminal.
Re: (Score:2)
And you'll see it elsewhere too. Those people with an IP routed, internet connected home security system - do you think that's on a separate network from their computer, their internet connected TV, etc? It probably isn't, eith
Re: (Score:3)
Thanks - those are all good points. Except the 'underestimating the lengths' part. We have more than a decade's worth of news stories about people who have gone to great lengths to hack hardware and software - sometimes because they want additional features, sometimes out of malice, and sometimes just to prove a point. I figure by this time there's no excuse for underestimating what people will do. I think you hit the nail on the head when you suggested cost as the reason.
Re: (Score:2)
Nope. I do not.
At least not for me. Hmm...I was looking at the Vipers that do seem to have the Uconnect as standard package.
I'm wondering if you can disable this without killing functionality in the car?
Same question about onStar for a Corvette...can you kill it without killing the car, or, are these systems so integrated now that you can turn them off?
I wonder if you can at least kill the method it uses to "call home" at the very least..?
Re: (Score:2)
Yeah, I just found out about the Hellcats yesterday and have looked into them today. I like the Hellcat Challenger, not so much the Charger, looks too much like a regular family car.
But wow...707 HP bone stock....in the $63K price range that is *BANG* for the buck for sure....
I am trying to calculate how many tires per gallon it gets.
Unfortunately, it comes with this unsecure system to
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
Disagree, in fact I'll probably shake their hands at DEFCON (assuming they're there again).
The fact that they demonstrated vulnerabilities and then showed automakers multiple ways how to avoid such things (#1 firewall or separate networks; #2 technology to detect and kill anomalous signals) and STILL the automakers shipped defective product...is the problem.
>> Will this video help to drive home the problem to the public?
No, but I'd expect a few class action lawsuits will get their attention. I've read a few attorneys' periodicals warming up trial lawyers for IoT product liability, and automakers and their big pockets are sure to be some of their first targets (I think I've seen one settlement already happen).
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
I'm not really talking about automakers or the vulnerabilities of cars. I'm only saying that Valasek and Miller were irresponsible security researchers for conducting a dangerous test on public road. This is the kind of thing that will give all security research a bad name or at least bring it under heavy scrutiny.
Re: (Score:2, Insightful)
>> dangerous test on public road
I'd still rather have them do THIS when the systems aren't too popular than have some random swatter roll a minivan with 5 kids because he mistyped the IP address of the guy who just beat his speedrun. (Where "THIS" is a controlled test.)
Re:Valasek and Miller are assholes and should be a (Score:4, Insightful)
But anyone sane on the planet would rather have them sit a car in a large, private, open space and demonstrate that they can control all of the controls without endangering anyone's life, especially people who didn't sign up to have their life endangered and were just driving down a public road.
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
You can't quantify the level of risk by losing control of a vehicle, because you don't have the data. Neither do they. But there IS a level of risk by simply being on a public road with other cars, and that risk DOES rise with distractions, let alone malfunctions affecting braking, acceleration, or steering. Moreover, they were trying to demonstrate how dangerous the hack can be, so on the one hand, they're implicitly admitting that they put the author and the public at risk, but on the other side of their mouth, they're trying to say there was nothing life-threatening? Sorry, I don't buy it. That was willful negligence. It was irresponsible and reckless, and the "only way to get attention" argument doesn't stick when you fail to escalate in a responsible and methodical manner and skip right to the nuclear option. That was the problem with Snowden, and that's the problem with these characters.
Re: (Score:2)
The "nuclear option would have been to disable the brakes. They didn't do that on the highway. They can only mess with the steering in reverse. Do you claim the jeep was reversing down the highway or would you like to retract that one?
They DID mess with the brakes at low speed NOT on a public road (picture looked like the edge of a parking lot).
Re: (Score:2)
StikyPad made a good point. Doing the test on public roads did nothing to reinforce the actual issue.
As far as I know this whole may just be a montage to get a few more views but it does make them look irresponsible.
Re: (Score:2)
So, given the steering and brakes were NOT messed with, what part do you find so wildly dangerous?
Re: (Score:2)
Did you watch the video?
Within the first 2 minutes I can see the following two things I consider dangerous:
- They reduced his visibility by activating the wipers and windshield washer
- They cut off the engine while he's on a busy highway
Here's a sample of what happens when you stop on the highway:
http://www.citynews.ca/2007/12... [citynews.ca]
Just recently there was an emergency vehicle with lights on that was hit while on the shoulder.
Re: (Score:2)
People voluntarily wash their windshield while driving all the time. They also drive in the rain, even heavy rain.
People's cars stall on the highway all the time. At no point was he in the situation your link talks about. Even if he had been on the shoulder, that too happens all the time and rarely leads to a problem.
Re: (Score:3)
People voluntarily wash their windshield while driving all the time. They also drive in the rain, even heavy rain.
And they know its going to happen because they either initiate the action or anticipate it. In this case he didn't know it was going to happen.
People's cars stall on the highway all the time. At no point was he in the situation your link talks about. Even if he had been on the shoulder, that too happens all the time and rarely leads to a problem.
Would you say it's dangerous to have your car stall on the highway? The answer is yes.
So why would you intentionally put yourself or someone else in that position of danger?
Usually people like putting the odds of survival on their side. Test environments are there so we don't have to create unneeded danger.
Re: (Score:2)
Would you say it's dangerous to have your car stall on the highway? The answer is yes.
Quit trying to stuff words in my mouth. The answer is "not really".
So why would you intentionally put yourself or someone else in that position of danger?
Ask the author of TFA, he wasn't a random victim, he knew what they could do and that they would do it during his drive. He freely chose to drive the car for a demo. That includes washing the windshield and putting the transmission in neutral.
Re: (Score:2)
Quit trying to stuff words in my mouth. The answer is "not really".
So 1.8% of interstate accidents in Kentucky involved a stalled vehicle.
http://uknowledge.uky.edu/ktc_... [uky.edu]
The link is old but it makes the point.
If you don't live close to a busy highway I can understand why you don't understand the danger of stalling on the road while cars are passing you at 75 MPH
Ask the author of TFA, he wasn't a random victim
Who said random? The blame is on all of them. There's a reason testing is done on isolated tracks.
Re: (Score:2)
So, 1.8% of an unlikely thing involves stalled cars on the side of the road. But he wasn't on the side of the road.
As someone who drives on the interstate, I frequently see cars on the side long enough to be tagged for impound with no evidence of being hit. I have never seen a car that was hit on the side of the road though I have heard of it.
There are dumb things you can do on the side of the road that can lead to fatalities like changing a tire with your butt sticking out into traffic, but that wasn't an
Re: (Score:3)
First, the nuclear option is a real-world test with unknowing participants -- the other drivers on the road -- which they did. A parking lot would have worked just as well.
Second, they disabled the transmission. Aside from the fact that acceleration is sometimes necessary to avoid accidents, any significant slowdown below normal speeds on a freeway increases the risk of a collision. Keep in mind that he had music blaring full blast and windshield wipers and fluid obscuring his view at the same time, and
Re: (Score:2)
Like I said, cars stall on the highway all the time. Then they are freewheeling AND they lose power steering and brakes. People use the windshield washer all the time while in motion.
For real fun, try having your heater core burst at night while at speed. Still manageable.
Re: (Score:2)
Don't worry, when you grow up you'll understand the nuances of what I wrote and it will all become clear to you.
Re: (Score:3)
Straw man. There's no reason these exploits couldn't have been executed in a parking lot (where, in fact, the rest of the test was performed). They would hold the same impact without endangering the public.
This is the same reasons that dangerous medical research is performed in negative room pressure clean-rooms and vehicle safety crash tests are performed in controlled environments and not with vehicles on the interstate. You don't expose uninformed, uninvolved, and non-consenting members of the public whe
Re: (Score:2)
The vehicle was put into neutral. How is this any different than the loss of control of....running out of gas? Had this happen to me a couple weeks ago. I managed to merge from the left lane to an exit and eventually on the shoulder without rolling any vans.
If you are unable to deal with an issue such as this happening, you really shouldn't be a driver as this is a common enough occurrence that they teach you how to deal with it in drivers ed along with what do do when your gas pedal is stuck or breaks f
Re: (Score:2)
And what if the random swatter T-boned you in your car?
Sorry, public roads are not for "testing". There's a reason why car ads all say "Professional drivers on a closed road" - because you can seriously injure someone else.
Hell, these security researchers not only put thems
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
You know, doing it in a real world setting and demonstrating it is a hell of a lot better than continuing to believe the lie these companies have done an adequate job at security.
And, once again, we see that consumer electronics are almost completely incompetent at any semblance of security.
Which is pretty damned unbelievable if you ask me.
In fact, it sounds like some pretty epic incompetence at security, and reaffirms that corporations need to be held to MUCH higher standards of liability with all of their computers, instead of just saying "oops, we didn't know".
Re: (Score:2)
"You know, doing it in a real world setting and demonstrating it is a hell of a lot better than continuing to believe the lie these companies have done an adequate job at security."
No, it isn't, and that's a false choice. It is analogous to shooting a gun in crowded room, observing no one was hit, and then claiming it is a good way to show the police are not doing an adequate job of security. You'd better hope they don't pull this stunt again and cause the car's driver to lose control and wipe out half of y
Re:Valasek and Miller are assholes and should be a (Score:5, Insightful)
You know, doing it in a real world setting and demonstrating it is a hell of a lot better than continuing to believe the lie these companies have done an adequate job at security.
Not if it goes wrong and completely innocent third parties pay the price, it's not.
I am struggling to believe that any rational and normally adjusted person would not see the deep ethical problems with the way this experiment seems to have been conducted, yet there are apparently multiple people in this thread defending it.
Auto technology is certainly an area that needs a lot more attention and probably heavyweight regulation and laws with real teeth to prevent profits taking priority over safety and privacy. But this isn't the way you do it. In fact, this is the way you get the grown-ups to treat you with contempt and want nothing to do with your research, lest they become contaminated by your methods themselves.
Re: (Score:2)
They did not ship a defective unit. The unit was shipped worked fine. The problem was it was exploitable, which is not a defect, it is a lack of foresight.
Any sufficient level of incompetence is indistinguishable from malice.
Re: (Score:3)
So you're saying it had a defect (the ability to exploit it), but it wasn't defective?
In general, companies don't tend to know about significant defects when they actually ship the item. That doesn't mean that they're not defects.
Re: (Score:2)
No, he is saying it is NOT A DEFECT. The cars are not designed to stop criminal actions. Is it a 'defect' that the windows can be 'exploited' by not being bullet-proof? Is it a defect that the body is not armored? Is it a defect that brake lines can be cut? Is it a defect that the car can be towed away by a criminal?
Re: (Score:3)
Mine has locks.
Re: (Score:2)
The locks are a convenience feature and not actual security.
Re: (Score:2)
The locks are a convenience feature and not actual security.
This is Not true at all, the government has laws on vehicle security, intended to slow the rate of auto theft.
Automobile locks in the US MUST be certified their security.
See: "The Anti-Car Theft Act of 1992", "The Anti-Car Theft Improvements Act of 1996"
Your insurance company would refuse to offer theft insurance on your car if it was easy to steal.
Re: (Score:2)
Because there's almost nothing under the sun that will keep out the most determined attacker by itself. Even gigantic safes, vault doors, etc, have a rating based on the number of man hours it's expected to take to breach them. The idea is that you want one that's long enough for the Police/SWAT/QRF to have arrived before the bad guys can breach it.
The locks on your car doors, alarms, etc are meant to deter and delay the casual intruder, and also to an exte
Re: (Score:2)
That depends entirely on whether the item was designed to withstand people attacking it.
A bomb shelter is defective if someone drops a bomb on it (at the designed distance and explosive power) and it collapses.
A skyscraper is defective if it was designed to withstand a plane impact and it does not.
A car is defective if it was designed to withstand people trying to hack it, and it doesn't.
A car's design is defective if it was not designed to withstand people trying to hack it.
Re: (Score:2)
A car is defective if it was designed to withstand people trying to hack it, and it doesn't.
I think what he's getting at is that the car wasn't designed to withstand people trying to hack it. i.e. security wasn't even a consideration in the design.
Re: (Score:2)
A car's design is defective if it was not designed to withstand people trying to hack it.
Why? Just because you said so? Since when it is a manufacturers responsibility to protect against criminal actions involving his product?
Re: (Score:2)
Why? Just because you said so? Since when it is a manufacturers responsibility to protect against criminal actions involving his product?
Crashing your vehicle into another is a violation of the traffic laws, and yet our automakers spend billions and billions of dollars to protect their customers from these criminal actions.
Re: (Score:2)
Re: (Score:2)
Why? Just because you said so?
No, because people are obviously going to die.
Since when it is a manufacturers responsibility to protect against criminal actions involving his product?
Since the manufacturer was making a machine capable of causing serious injury or death and was well aware of the potential risks. At that point, as with any other legal concept of a duty of care, playing the innocent third party doesn't always cut it. I have no problem with passing regulations or laws to reflect that, because otherwise people are obviously going to die.
Even if the manufacturers get to keep their ability to wash their hands of it legally speaking
Re: (Score:2)
That is what is known as a design defect.
Re:Valasek and Miller are assholes and should be a (Score:4, Insightful)
From the nature of the exploits being described:
They put this system on the CAN-BUS, which is used to control engine and control systems. There is NO REASON for an entertainment system to be on this bus. On-Star has the same issues. If you want these devices to have functionality that is on the CAN-BUS, it should be duplicated outside the CAN-BUS. Security researchers have been trying to explain this to the car industry for 10 years (at least) now, and the car industry keeps being willfully ignorant of the security implications of what they are doing. This is far past defect, it is more like intentionally dangerous and possibly malicious.
Re: (Score:2)
There is NO REASON for an entertainment system to be on this bus.
My car has precisely one display on the dashboard, used to display all information, from radio frequency to fluid levels to outside temperature. I like having all of this information on one display. The only way to accomplish this is to have the entertainment system connected to the car's bus.
Re: (Score:2)
None of those items are required to be on the CAN-bus. However, if they are CAN-bus sensors, there is no requirement for them to be on the same bus that controls the engine/steering/transmission/brakes/accelerator.
https://en.wikipedia.org/wiki/... [wikipedia.org]
This is an operational communications bus used for the engine to comunicate to the computer. There are already several buses in a car, so it isn't like this hasn't been done before. There are also one way communications firewalls like the AC above me suggested c
Re:Valasek and Miller are assholes and should be a (Score:4, Insightful)
These articles often are vague on the implementation requirements to achieve the exploit. That matters, IMHO.
With that said, standard control architecture practices should keep the key controls like steering, braking, acceleration, etc separate from the data monitoring and other systems, and where you can't separate entirely there are methods to manage that as well.
Re:Valasek and Miller are assholes and should be a (Score:4, Informative)
It's a perfect example of why encryption back doors are a fools errand. I'm sure it would be nice to stop a criminal who stole your car by turning off the engine...but that opens up the ability to remotely turn off the engine that could be used by anyone gaining the appropriate access. You can't make remote connections 'secure', only levels of security that come with risks.
Re: (Score:2)
Re: (Score:2)
Obviously the former is much easier to close, but since the 'fix' is a USB delivered patch me thinks they are directly connecting to the vehicle.
Re: (Score:2)
I guess I'll have to watch the vid, but cant' at work...., will be interesting to see how they knew the address of that particular car......did they find that specific car via owner account/name after hacking Uconnect?
Re:Valasek and Miller are assholes and should be a (Score:4, Informative)
Re: (Score:2)
the video even explains that the first time these guys did this to his car (years ago) they did need physical access - they were in the car with him while they did the hack. They use that point to explicitly note that this time they were miles away.
Re: (Score:3)
"STILL the automakers shipped defective product...is the problem."
Chrysler has been doing this for years. Perfect example is the head-gasket on the Neon. They produced an upgrade repair but NEVER upgraded the product.
Re: (Score:2)
The fact that they demonstrated vulnerabilities and then showed automakers multiple ways how to avoid such things (#1 firewall or separate networks; #2 technology to detect and kill anomalous signals)
Or, I don't know, how about not hooking up the car's controls to any network at all? Why is that even a thing?
Re: (Score:2)
Or, I don't know, how about not hooking up the car's controls to any network at all? Why is that even a thing?
The brake lights work better when they are connected to the network of wires that connects the front end of the car to the back end of the car.
Re: (Score:2)
As I felt with their first video [slashdot.org], these "security researchers" play with the steering on a car moving 40mph on a public road. Now they've gone and done this. Playing with the driving controls on a 2 ton vehicle moving at 70 mph on a busy road.
Excellant points. They could have made just as powerful a statement in a safe environment instead of running a test on an open road where they would endanger the driver and others if something went wrong. Expecting someone "not to panic" when they find themselves slowing down with no escape route and a semi on their tail is stupid at best and criminal at worst.
They had the ear of some powerful Senators. You want to get things done? Find a safe place to show what you can do, such as a parking lot where the o
Re: (Score:3)
Re: (Score:2)
to be fair, the "10 miles away" is arbitrary.
"anyone who knows the carâ(TM)s IP address gain access from anywhere in the country. âoeFrom an attackerâ(TM)s perspective, itâ(TM)s a super nice vulnerability,â Miller says."
though, I have to ask, why the car has a public facing IP in the first place? sounds like waste of ip. I assume it's provided cellular provider, which would make most of them sit behind.
still pretty shitty design though.
Fix It Again Tony (Score:2)
Re: (Score:2)
The last full-mechanical car which is vaguely recognizable as "modern" (it featured many firsts we now take for granted) is the Mercedes W126, e.g. 300SE, 300SD, 420SEL... The gassers get pretty poor mileage, though. The diesel will actually continue to operate (in spite of the automatic transmission — which is cable-controlled, and lacks a lockup TC, but does have OD in fourth) if the electrical system goes away completely. It can also be pull-started, in spite of the automatic. Push-starting, howeve
Re:Fix It Again Tony (Score:5, Informative)
I've taken all the sub-systems out of a 2005 Subaru WRX to build another car from the bits. Although there are a lot of electronic modules, very few of them are connected to each other. The cruise control, airbag, ABS, climate control, heating, entertainment, lighting, and engine control systems are all completely independent from one another. I can 100% guarantee that a compromise in any one of the systems cannot be used to control any of the others on this car.
My experience tells me that it's mostly cars from the past five years or so that are vulnerable to this type of exploit. Anything pre-CANbus has pretty much zero chance of having complex interconnections. Even most early CANbus cars only use the bus for mundane stuff like sending speedo and tach signals to multiple systems. It's a pretty recent trend to start adding things like door locks and brakes to the main bus.
Re: (Score:3)
You do realize that the earliest iterations of the CAN bus date back to the late 1980s [wikipedia.org], it has been in the majority of US-market vehicles for more than a decade [auterraweb.com], and by 2008 was a legal requirement in mass-market vehicles [canbuskit.com], right?
A heck of a lot more than just the last five years of vehicles use the CAN
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Fuck. You understand they have made cars in Detroit for generations, yes?
I understand they built a bunch of shitpiles there from about 1973 until... well, they're still building mostly shitpiles, although ironically Ford seems to have a few cars which are built OK. Most of them were designed for Europe. Notably, that 240Z I mentioned would beat the Corvette for half the money, and it was at least twice as reliable. Don't even get me started on how much better-designed in every way the W126 Mercedes is than anything ever produced in the USA. I have plenty of bad things to say abo
Re: (Score:3)
240Z beat a vette? You are on drugs.
Perhaps if you put a mouse (American engine, same as in most corvettes) in the Z it would be competitive. But the vette chassis will hold easily twice the power and you are basically talking about putting a vette drivetrain into Z car.
I owned a 280Z back in the day, they are fun cars, but not even in the vettes class.
We know you love your old benz, you'd have to get a caprice classic to get similar numbers from an American car.
Twice as reliable? Tell me that afte
Re: (Score:2)
Re: (Score:2)
As much as I want to lay the blame for this on it being a Chrysler, now Fiat, product it seems that all auto makers are making a mad rush to have these hyper connected cars. My current car has features I couldn't care less about but is still mostly mechanical linkages and not drive by wire
Drive by wire is not inherently bad. A lot of very good cars have DBW now.
The problem is that drive control systems are being connected to entertainment and communications systems that have links to the outside world.
There should be an air gap or at the very least a one way connection (as in the Tx pairs physically cut) between systems that have access to drive/engine controls and systems that have connections to the outside world. Sadly this wont happen until someone actually dies because of it (and
Re: (Score:2)
They rated cars on various factors that they thought would predict vulnerability to hacking. The Jeep they hacked rated highest, IIRC, but right up there with it were the Escalade and a Lexus sedan. It's an industry-wide problem. Actually, it's worse than that. These things are really baby SCADA systems, and SCADA security is pretty crappy in all industries.
Nobody Pays attention. (Score:4, Insightful)
I point you to Admiral Adama of (Battlestar Gallactica) wise words ... "Do not network the ships computers"
Re: (Score:2)
They had Baltar working for them, and I don't blame him. Who wouldn't give up secrets to Six?
the future of car accidents (Score:2)
i was hoping car accidents in the future would be much more interesting. [youtube.com]
Comment removed (Score:5, Insightful)
This doesn't surprise me One bit... (Score:4, Interesting)
The Uconnect system is one buggy piece of software. Most of my interactions with the system is working around bugs. It updates without you knowing about it in the middle of the night over the Satellite system. It is very order dependent on things working correctly (even though running an automobile isn't that order dependent. The fact that there are remote issues doesn't surprise me all that much. I had a day where the tire system when bonkers and was reporting all sorts of surprising things. Then it stopped. I have had the car not start in a particular order. I have accidentally had the car started and instead of turning off, grind the starter. And because it is all software driven, there is nothing to do but wait. It is also tied into the Media system and bluetooth where I have a lot of interactions that just do not seem to work all that well. But I have been well trained on how to get it to work, until the fix a bug or add a new one, and my workflows have to change.
Re: (Score:2)
I hope you did not buy the vehicle that you are having problems with. If so, I would seriously looking at returning it for a full refund as defective merchandise.
I am guessing all new cars are off the list now. GM has OnStar, Ford has shit that remembers where you drive, and Chrysler has buggy, remotely exploitable software. All of them have stuff that let's someone else control your vehicle.
What the fuck? Who would buy something like that? Perhaps the consumer just does not know...
Just patch your car .... (Score:2)
Not an issue, just patch it... It doesn't take that long, nor is it that hard...
On July 16, owners of vehicles with the Uconnect feature were notified of the patch in a post on Chrysler’s website that didn’t offer any details or acknowledge Miller and Valasek’s research. “[Fiat Chrysler Automobiles] has a program in place to continuously test vehicles systems to identify vulnerabilities and develop solutions,” reads a statement a Chrysler spokesperson sent to WIRED. “FCA is committed to providing customers with the latest software updates to secure vehicles against any potential vulnerability.”
You can be sure any new vehicles will have the fix too.... Nothing to see here, move along...
Re: (Score:2)
Just patch your car
Maybe in this case it's feasible. My Mazda3 cannot be customer patched and the dealership hates to do it because it takes two hours to do, but the factory only pays them for an hour of labor. I have zero trust that the auto industry will figure out patch rollouts in the near future. Also, even if they get patching right, it will just put them in the same shape that computers are now - which is sad shape.
Re: (Score:2)
Sure, that worked so well for operating systems. And smartphones. After those had been patched once or twice there were no more exploits ever.
If your smartphone gets hacked it's annoying. You format it, install the security update, and hope it doesn't happen too often. If your brakes get hacked you've got a bit bigger problem.
Re: (Score:2)
Windows has been "patching" their security holes for 15+ years. Is Windows now secure? No!
FIAT ==
Fix
It
AGAIN,
Tony
Re: (Score:2)
Fucked
In
All
Things
My Fiat 850 sport is just a shell that sits on a Suzuki chassis with Toyota axles and a weak little mouse for power. The local Fiat club doesn't like me.
Don't allow remote-control, except... (Score:2)
If the "car" part of the car were completely disconnected from any "outside" communication, the problem would go away.
Now, there are times where allowing outside control of the car is useful, such as remote-start of the heating and A/C systems so the car isn't an icebox or oven when you get in, and (perhaps) a remote-slowdown or remote-prevent-engine-start command as part of an anti-theft-system, but if you are going to do this, you have to do it right and you have to assume that even if you do it right, so
Re: (Score:2)
If the "car" part of the car were completely disconnected from any "outside" communication
my car has an FM radio
can you break in through it?
Roughly, how did this happen? (Score:3)
I remember thinking in the 90s "no one would be stupid enough to put safety critical computer systems on a network at all..."
And, here we are.
If someone gave me a blank sheet of paper and asked me to sketch out the system for a car's braking controller, I'd slap down a CPLD or microcontroller, and have it use some locked firmware to read the various sensors and send out the control signals.
Oh, they want networking? I'd isolate or use the inherent properties of a CPLD/FPGA programmed in combinatorial logic style (you can program a CPLD/FPGA to act like a microcontroller instead which is vulnerable)
In combinatorial logic style, all the processing is through various gates, and is a boolean combination of flip flops and logic gates. So, say they want the ability to read(but not alter) the current state of the vehicle's brakes. A tiny communication processor (a low pin count PIC is one choice) would receive from the vehicle's CAN bus the command to give the vehicle's brake state. The communication processor would toggle high an outpin pin connected to an input pin on the microcontroller/CPLD that actually controls the brakes. That high pin state would mean that every few control loop cycles, the microcontroller/CPLD would blast out the current state on a serial output pin.
Note that there's no opportunity for a hacker who got into that communication processor to do any worse than toggle a pin on and off. No effect on the steering/braking.
Ok, maybe now we want to be able to change the "style" of steering and braking. So now there's a finite set of legal states that are stylistically desirable. That's when you'd isolate with the inherent property of an FPGA/CPLD state machine to not be capable of any other states BUT the states you defined. (there's no global memory and no stack, so nothing a hacker can do to affect the machine's behavior)
Re: (Score:2)
The answer is easy; no one who really cares about security was at the design table.
Also, custom circuits seems to be expensive in the auto industry. I recently had to replace a daytime running light controller on a car - it cost about $130. I opened up the old one and it was nothing but about 20 discrete through-hole components on a custom circuit board, mostly transistors and resistors. If you build everything on a programmable general purpose platform, you only pay the hardware costs once.
Re: (Score:2)
it cost about $130.
silly silly you, buying new parts to put in a used vehicle. It would have been $15 at a junkyard.
Why no radio kill switch? (Score:5, Insightful)
Re: (Score:2)
Re: (Score:3)
Sure, that'll work.. and you'll probably void your car's warranty in the process, and very possibly damage the transceiver(s) using that antenna, if/when they try to transmit and and blow the final amplifier transistor(s) out because there's no antenna. Having a hardwired switch that kills power to the transceiver(s) would be a more elegant and practical solution.
Unless, as is common with automotive electronics, the circuit board containing the transceiver(s) is potted in epoxy and nearly impossible to physically access in such a way as to successfully perform these modifications without destroying it.
When US car makers think about their car's electronic security, their focus is on preventing the owners from being able to repair or alter it themselves.
Strat
Re: (Score:3)
Why? (Score:3)
Re: (Score:2)
Why does a car have a wireless system, and why is this wireless system accessible from outside the car?
So that the manufacturer can access the car, collect data on where and how it's been driven, and sell that information to anyone willing to pay for it.
The idea of sending "data" to the car was an afterthought, when they realized it could be useful for things like disabling a car that's behind on the payments.
Note that both of these motives contain the string "pay". That's the hint you need to figure out the other intended uses. ;-)
Public IP address (Score:2)
I am not a security expert, but does it strike you as insane that a car apparently has a public IP address? Anyone whatsoever can just portscan your car and look for vulnerabilities. I just have no words.
Re: (Score:2)
it is equally shocking that corporations like amazon.com have public IP addresses, anyone whatsoever can portscan them and look for vulnerabilities.
Re: (Score:2)
Amazon.com provides public services over the Internet by design. It would be pointless for them not to, as the whole point of the company existing is to do so.
A car's purpose is to move its occupants from point A to point B. It has zero need to provide any public Internet services, so why the hell does it need to be publicly accessible over the Internet?
Re: (Score:3, Funny)
Re: (Score:2)
Well, the Viper is quite nice....
Re: (Score:2)
Uhhhh? Do you somehow think that making a function private in the source code means that it's impossible to jump to that location at runtime? That's really not how it works.