Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Software Transportation

FBI Warns That Car Hacking Is a Real Risk (wired.com) 129

An anonymous reader writes: The FBI and the U.S. National Highway Traffic Safety Administration are voicing their concerns about the potential risk of cars being hacked. In an advisory note, they urge the public to be aware of cyber-security threats revolving around connected vehicles. From the advisory, "Modern motor vehicles often include new connected vehicle technologies that aim to provide benefits such as added safety features, improved fuel economy, and greater overall convenience. Aftermarket devices are also providing consumers with new features to monitor the status of their vehicles. However, with this increased connectivity, it is important that consumers and manufacturers maintain awareness of potential cyber security threats." They are also advising drivers and manufacturers to ensure the vehicle software is up-to-date, and keeping an eye out for recalls.
This discussion has been archived. No new comments can be posted.

FBI Warns That Car Hacking Is a Real Risk

Comments Filter:
  • Is anyone compiling a list of new cars you can get without this crap in them?

    • With the level of regulation involved it is probably pretty close to being illegal to make a car without electronic control of everything.
    • Yeah, it's pretty simple: don't get a car with OnStar (I think there's a competing service out there like this from one of the other makers), and don't pair your Bluetooth phone to the car. Viola! Your car is now immune to hacking.

      If there's no way to actually communicate remotely with your car, then there's no way to hack it remotely.

      It would be nice if the system architectures in cars were open and all their interfaces publicly documented, so we could see what attack vectors are possible. A well-archit

      • I wouldn't be so sure about this... high line TPMS sensors can be commanded to report using a LF transmitter. This triggers the sensor to broadcast it's status, thereby allowing the capture of the sensor's serial number. Even low line sensors transmit every 5 to 10 minutes. With a little patience, one can copy and replay the TMPS sensor data... modify it to show low tire pressure and high temp, etc. and cause the console to show a tire flat condition. Admittedly a lame hack, but easy way to vex a partic

        • Not all cars have TPMS sensors. Mazdas don't; they use a cheaper method with the ABS system that just looks for differences in tire rotation rates over time. It's of course not as sensitive or convenient as the systems with sensors, but it's cheaper and you don't have to worry about batteries dying, tire shops screwing them up, having to buy a new set for your winter tires, etc.

          • by Gr8Apes ( 679165 )
            I would actually prefer anything other than a transmitting TPMS in the wheel. They are nothing but an annoyance, and don't even work properly on my car.
          • Mazda uses TPMS in models without ABS. My 6 and my friend's 3, both 2012 models, for example.
            • Two problems here:

              2012 was 5 years ago (model year wise). They don't make those cars any more.

              ABS has been standard in all cars since the 1990s. There's absolutely no possibility your 2012 cars don't have ABS, unless you're in some 3rd-world country where it's not required.

              • Funny, neither the 2000 Civic and Corolla the Mazda 6 replaced (we're a 1 car household now, no need for two, really) had ABS. The 99 corolla the 2000 corolla replace didn't, either; nor did the 91 Accord the 99 Corolla replaced. You might be right about the 2102 Mazda models having ABS, I'll be honest here and say I never really looked; but I do know they also use TPMS, as they don't complain if you replace the wheels such that the overall diameter is one or two inches larger or smaller, but they do compla
              • My 1999 Ford Mustang disagrees with your ABS assertion.
              • Think again. I owned a 2002 Jeep Liberty which did not have ABS, and it was obvious when you tried to stop when the road was wet.
        • by Aaden42 ( 198257 )

          All you need is a vulnerability in the TPMS parsing code, and you have an exploit of the module that houses it. Near 100% odds that module is on a CAN bus and could be your foothold into more destructive systems.

          As far as cars that “don’t have” TPMS, don’t be so sure that absense of the light on your dash means it’s not there. I’d be shocked if there aren’t at least some vendors that ship one system with a radio receiver integrated for all models. Program it to n

          • As far as cars that âoedonâ(TM)t haveâ TPMS,

            All cars sold in the US are *required* to have TPMS, and have for several years now.

            Not all cars have TPMS sensors inside the wheels; many cars use a passive system instead as I described earlier. The passive system is cheaper and simpler.

            It's very doubtful there'd be a radio receiver for a car with passive TPMS, because that model is going to have that same system in every market. Radio receivers cost money, and they're not going to spend money p

            • Don't forget about the most popular radio receiver in the car... the actual AM/FM head unit. FM broadcasts have a sub-channel for providing the name of the song, the name of the artist, etc. which is displayed on the infotainment system. One does wonder how secure that system is too. These systems are admittedly harder to compromise than say, the insurance industry's OBDII dongles, or the cellular data systems, but they are all there and all present a little opportunity to hack in. The funny thing is, j

      • Yeah, it's pretty simple: don't get a car with OnStar

        Can you even get a new GM vehicle w/o OnStar?

        (I think there's a competing service out there like this from one of the other makers),

        1. UConnect from Chrysler/Dodge/FIAT /Jeep & Ram
        2. Sync on Ford
        3. Assist on BMW
        4. Mercedes mbrace
        5. Toyota Safety Connect
        6. Honda Entune
        7. Nissan NissanConnect
        8. Hyundai BlueLink
        9. Etc. and so on

        I don't know how many of those currently ship models w/o this, but I imagine it won't be too long before you can't even by a vehicle that doesn't come with this.

        I don't know about the newest vehicles, but I have two GM cars from the early 2000's that came with OnStar. it was 2 or thr

        • How many of these systems actually have cellular modems? My Mazda doesn't; it relies on Bluetooth from your phone for any kind of remote data. I was under the impression that most automakers except GM were like this these days. That cellular connection is extra money just for the hardware (Bluetooth radios are cheaper), plus someone has to pay the cellular provider for the monthly data charge.

          • Perhaps your current Mazda doesn't. But they're rolling out Mazda Mobile Start [mazdamobilestart.com] From a quick look it allows you to lock/unlock your doors, start the car, get it's location, etc. from your mobile phone.
            • No Mazdas do. That system is available for my car, but if you look closely at the site you'll find this nugget:

              "MMS hardware must be purchased and installed in your vehicle."

              The car, from the factory, does not have a cellular radio for this system to work. So to get MMS, you have to purchase the system and have it installed, which obviously includes a cellular radio. And of course, you have to pay a yearly fee for it to keep working.

              Of course, there's no telling if it'll stay this way or if they'll forci

              • You still have a blue tooth radio, it's certainly safer, but there's still a receiver in your car. My guess is that at some point it'll be easier for them to install it at the factory on all cars. Or it'll become a government mandate. Actually I wouldn't be surprised if the insurance companies start giving a paltry discount for having it. At that point most auto manufacturers will.probably follow GM and just put it in everything.
      • by Anonymous Brave Guy ( 457657 ) on Friday March 18, 2016 @01:57PM (#51726139)

        Yeah, it's pretty simple: don't get a car with OnStar (I think there's a competing service out there like this from one of the other makers)

        I'm afraid your information is out of date there. Maybe it's different where you are, but if you look through the web site of almost any mid-range or high-end brand here in the UK, connectivity features are all the rage and pretty much everyone now has them.

        Audi has Audi Connect [audi.co.uk].

        BMW has various features including Teleservices and Emergency Call [bmw.co.uk].

        Volvo has Sensus [volvocars.com].

        Ford has Ford SYNC [ford.co.uk].

        And the list goes on. Some of these seem, at the moment, to be primarily about things like hooking in your phone, presumably so you can do exciting things like kill someone while distracted by your car awkwardly mispronouncing the e-mail you just received. A few, the Volvo Sensus for example, sound downright creepy to me in terms of auto-updating software in your vehicle without any user interaction.

        And if you think every major car manufacturer and every major car insurer isn't eyeing up the possibilities of phoning home with driver performance data whether you like it or not, I know a prince in Nigeria who has a really great offer that might interest you.

        • And if you think every major car manufacturer and every major car insurer isn't eyeing up the possibilities of phoning home with driver performance data whether you like it or not, I know a prince in Nigeria who has a really great offer that might interest you.

          Insurers, perhaps, but manufacturers, I'm not so sure. If they really wanted to, wouldn't they have done so by now? But not every carmaker has put a cellular modem in their vehicle yet. Perhaps the cost of the cellular service per-car isn't worth t

          • by KGIII ( 973947 )

            uConnect does have cellular - they're Dodge. You see it in the Ram, Charger, Jeep, etc...

            If you want something without it then go for a fleet vehicle. You can order them by going to the dealership, you don't need to buy them in bulk. I've never ordered any online and never noticed a way to order them online. You probably can.

            My suggestion is to find a nice, reasonable, older car and get it full restored and then maintain it properly. It's usually much nicer on the environment than the costs that go into mak

          • Insurers, perhaps, but manufacturers, I'm not so sure. If they really wanted to, wouldn't they have done so by now?

            Realistically, the two have to go in sync, because manufacturers with phone-home technology are only likely to directly profit from it once they have deals in place with insurers or other third parties.

            Perhaps the cost of the cellular service per-car isn't worth the data they'd get from it.

            That is extremely unlikely, particularly when high-end cars increasingly have built-in data connections for sat-nav and similar facilities and these features are slowly working their way down into the mainstream.

            Finally, you're already proven my point. The systems you list do not have any kind of data connection.

            Some do, some don't. Volvo cars with their Sensus scheme do, for example. As I said in my first po

      • by Aaden42 ( 198257 )

        Just because you didn’t pair with Bluetooth doesn’t mean there isn’t an attack against the BT stack. Anything with an antenna attached to anything with a processor can be fuzzed remotely. Best-worst case is you over run something and DoS it, causing “weird” stuff for the interface in the car. Worst-worst case is you 0wn it and have access to the CAN bus to do more.

      • ...would probably disagree with you, if his car didn't accelerate out of control and explode against a tree. CANBUS manipulation is also an option.
    • Is anyone compiling a list of new cars you can get without this crap in them?

      Yes, here it is:

      1.

      • by TheCarp ( 96830 )

        Suddenly.... having to replace your points occasionally or clean out a needle valve is looking quite attractive isn't it?

        • All of my cars were made in the '90s. They all have electronic fuel injection, but none of them has a transceiver (other than the AM/FM radio). No need to go back to carburetors, unless you really want to for other reasons.

          (And yes, I drive cars that old on purpose, because of this issue.)

          • My Mazda was made in 2015, and it has a bunch of receivers: AM, FM, XM (yuck), GPS, and precisely one transceiver: Bluetooth. If you don't pair it with your phone, it has no ability to connect to the outside world.

            • My Mazda was made in 2015, and it has a bunch of receivers: AM, FM, XM (yuck), GPS, and precisely one transceiver: Bluetooth.

              How sure are you of that?

              Even if you weren't neglecting the other obvious communications devices -- the ones to communicate with the tire-pressure monitoring system, the keyless entry / push-button start, etc -- I would have no confidence whatsoever that there wasn't a cellular modem hidden away somewhere, just waiting to be activated by a Stingray or something. Hell, even if they did

              • How sure are you of that?

                I'm 100% sure of it.

                Even if you weren't neglecting the other obvious communications devices -- the ones to communicate with the tire-pressure monitoring system,

                There's no such system in my car. It uses passive TPMS.

                the keyless entry / push-button start

                You have a point there, I did overlook that one. It does have keyless entry. However it's one-way: the car has no way to transmit back to the keyfob, it can only receive. You can't communicate with something over a one-way data li

          • by Aaden42 ( 198257 )

            Does your radio support metadata for song title etc. transmitted over FM? Lots of even older cars had the capability even if very few radio stations in the US transmit anything. Wouldn’t surprise me much if even some basic radios that don’t have screens to display the info are ultimately built on chips that include the decode capability & just never display it. Find an exploit in the parser for metadata, 0wn the radio. Is the radio on CAN bus? Good chance that it is. Next stop, the ant

            • I have three cars: a '90 Miata, a '96 Ranger (with an aftermarket radio that does not support metadata), and a '98 Beetle TDI. Only the Beetle has any chance of having a CAN bus, and I don't think it does because the early '98s actually used some leftovers from the VW MK3 platform instead of being proper MK4s. For example, my Beetle is one of the few that came without anti-lock brakes, and when I got a chip tune the tuner had to de-solder the memory to re-flash it instead of uploading the tune via the OBDII

              • by Aaden42 ( 198257 )

                My better half has an '01 VW Cabi (another MK3.5...). It's not standard CAN bus, but it does have a fair bit of integration between the various modules, all accessible through the OBD port. Radio is queryable (or was when it was still factory...), which suggests that attack against radio would be a starting point to the rest. The other "interesting" stuff like ABS, etc. shows up too. It's not as strongly integrated as the newer standard CAN bus V/A Group cars are, but still a lot of stuff that can talk to o

          • by TheCarp ( 96830 )

            I know, tbh even my most recent motorcycle had fuel injectors.

            Though, I do occasionally think there is some benefit to using technology I can reasonably disassemble and troubleshoot. I would rather not do it, but I feel more comfortable rebuilding a carb, though in truth fixing the new car is probably easier...nothing to rebuild, the equivalent job is done by parts that you would just junk and replace rather than clean or repair.

            • Another neat option for the paranoid would be a '70s or '80s Mercedes diesel. Those things had completely mechanical fuel injection and (obviously) no ignition system, so if you were willing to bump-start the car it could be used with no electrical system at all. Totally EMP-proof.

              • by TheCarp ( 96830 )

                Is it really even paranoia? Sure an EMP is very unusual but, we certainly have the ability to make them and there are some rare natural events that could cause similar disruptions; and forget EMP, far more mundane things can happen to remove one from easy access to the comforts we know and love today.

                There are a whole host of scenarios that, while each one is of very low probabiliy of happening on any given day....given a time horizen of a few decades, the probability of one of them happening gets pretty hi

    • Is anyone compiling a list of new cars you can get without this crap in them?

      Cars are expensive. It likely doesn't take all that many people to say "thanks anyway" and walk off the lot before the message is received.

      • Cars are expensive. It likely doesn't take all that many people to say "thanks anyway" and walk off the lot before the message is received.

        Until a major incident occurs, damn near everyone in the public will remain totally oblivious to this issue. I've brought it up in conversation with quite a few tech people I know and not one has thought about it at all, and most never knew it was an issue.

    • by I4ko ( 695382 )
      VW is selling completely restored and refurbished beetles from the 60's at very competitive low 20Ks. My next car will be one of these... or a dump truck or a mining truck (you know, the ones with tires 10 feet high).
      • VW is selling completely restored and refurbished beetles from the 60's at very competitive low 20Ks. My next car will be one of these... or a dump truck or a mining truck (you know, the ones with tires 10 feet high).

        Same pollution per mile in those options. Although I would likely go with the haul truck (that is was they are called), I wouldn't mind having a 5MW mobile generator on hand just in case.

    • by umStefa ( 583709 )

      There is! The car you are looking for is called a Used Car and as an added bonus it is significantly cheaper than any new car on the market! Even better is with the money you save you can not only purchase a full set of tools to maintain and repair the car, so you won't need to take it to an overpriced mechanic!

  • Seriously? (Score:5, Insightful)

    by chubs ( 2470996 ) on Friday March 18, 2016 @12:56PM (#51725477)
    The FBI is warning the public that it should take steps to protect itself from people breaking into computers? Isn't it in a legal battle with Apple because Apply is taking steps to protect consumers from people breaking into computers?
    • by tsa ( 15680 )

      Indeed. I was just going to post that phone hacking is also a Real Risk.

    • Yes and no. What the FBI wants is a way to do something to a phone to disable the "account lockout/erase phone" functionality on an iDevice so that they can just run password attempt after password attempt at the device and bruteforce their way in totally unhindered. The whole encryption debate has blown into something where most people think the FBI wants to stop encryption. The specific order to Apple only specifies that Apple should allow them the ability to bruteforce their way in after supply a special
      • by frnic ( 98517 )

        Agreed there is no way the Government can win, since if they outlaw encryption only criminals will have encryption. And Apple turning off encryption does NOTHING to help or hinder the government, since the bad guys would simply add thier own as you say. However, if they turn it off, then everyone else suffers since they have no security - which Apple currently provides. Not all of Apples several hundred million iPhone users are geeks. I would hazard a guess that most aren't.

      • The FBI is making it difficult for law-abiding citizens to rely on encryption for security yet doing absolutely nothing to stop criminals and "the terrorists" from doing so because, as you said, they can't. So why bother? Why endanger everyone else for zero gain?
      • by Aaden42 ( 198257 )

        I think the FBI is content with having a publicly known method (IE real courts, not FISA) that they can access devices of not-all-that-savy criminals via standard warrant procedures. I doubt there are many at FBI that believe they can actually stop a highly dedicated adversary from using off the shelf encryption to prevent access. They’re looking for a non-extralegal way to get the low hanging fruit.

        For everything else, it’s entirely plausible that NSA has a catalog of bootloader exploits for

    • by Sloppy ( 14984 )

      The FBI is warning the public that it should take steps to protect itself from people breaking into computers? Isn't it in a legal battle with Apple because Apply is taking steps to protect consumers from people breaking into computers?

      No.

      The FBI is in a legal battle with Apple, because back in 2013 Apple didn't try hard enough (in hindsight) to protect consumers from people breaking into the computer Apple was selling at the time. Thus it turns out that with some minor changes to its firmware, it'll be pra

      • by KGIII ( 973947 )

        They're not bruteforcing the crypto. Not really. They're bruteforcing the PIN. It's not really a semantics argument. At least not in my head. This just just attacking the implementation of the crypto and not the crypto itself. Make sense?

  • by Revarg ( 4035425 ) on Friday March 18, 2016 @12:58PM (#51725507)
    The FBI can't complain about security flaws while taking Apple to court to mandate broken security. It is disturbing that they can't see how broken their logic is.
    • That's because you don't understand their logic.

      Their logic is that what they want Apple to do is to put in a back door so they can get the data on anyone's iPhone. They simply don't believe that this back door could possibly be used by anyone else.

      It's just like those dumb TSA master keys.

    • by Sloppy ( 14984 )

      Some people speculate the FBI would like to mandate broken security. That's a believable speculation (and it got more believable after the president's "black boxes" comment); I am not going to say you're wrong.

      But if you're trying to imply the Farook iPhone 5C case is about mandating broken security, then you are definitely wrong. That particular phone already has broken security.

      (How do we know it's already broken? Because the FBI has identified a plan to bruteforce the crypto in a reasonable amount of tim

    • Be afraid. Be very afraid. Sincerely, the FBI.

      PS: We are here to protect you.

  • by invid ( 163714 ) on Friday March 18, 2016 @12:59PM (#51725529)
    From now on I'm only buying cars built in the 20th century.
    • Re:Classic Cars (Score:5, Interesting)

      by WheezyJoe ( 1168567 ) <fegg@excite.cCOFFEEom minus caffeine> on Friday March 18, 2016 @01:48PM (#51726057)

      I sympathize, but don't get in no accident. I remember my little rocket from '94, fun but no sun-roof, no power windows, no power locks, had to jury-rig a chirp-chirp alarm/kill-switch, no side-airbags, no anti-lock brakes. Fast, but it did NOT crash well.

      Not quite the suicide machine as my college car, a '72 Olds with NON-POWER DRUMS on ALL WHEELS (you had to stand on the pedal to stop hard... if it worked at all due to a flaky master cylinder), but still, by today's standards, even my '94 was a death trap.

      Now, we're going to see all cars with automatic braking in six years [computerworld.com]. More electronics, more complexity. But if it works, it will save lives. Shit, I used to think anti-lock brakes were too complex to mass-produce and work well, like I didn't want some jiggy contraption getting between me and my brakes. Sho' nuff, it's 2016 and they work great. They even got 'em on motorcycles [americanmotorcyclist.com].

      So, particularly if you got kids, you're way better off in a new car then taking your chances in some old bolt bucket. Maybe car hacks raise the risk of theft, but older cars are child's play to break into. Maybe some monster hack might tinker with your car while you're driving, and that would be bad, but I'll warrant the BEST ODDS of that happening to you are TINY compared to being T-boned by a drunk. So, you're WAY better off in a new car, hackable or no.

      • You do know that there were non shit cars available in the 90s. My last daily driver was a '97. Sun roof, power windows, power locks, leather seats, tire boiling power if you wanted it, alarm, side air bags, brakes that could put you through the windshield if you weren't belted it. Even in the '80s there were non shit cars, just mostly non american ones. Hell even my '85 528e had an air bag (first year available IIRC), power windows, power locks, 4 wheel disk, sun roof, power seats, power mirrors. That 528
        • by Nethead ( 1563 )

          I love my '98 Volvo V70 wagon. Most comfortable car I've ever had. I travel and rent a lot of the newer cars and none of them I'd want to have to spend +$30k to "upgrade." Yeah, the new Avalon is very nice, but not $30k nicer. Did I mention that I got the V70 for $1,800. It has traction control, ABS, power windows, 4 wheel disc, sun roof, and the nicest power leather seats.

          Even my 2001 Volvo S60 has side bags.

          • by Nethead ( 1563 )

            Oh, it has a fucking ashtray too!

            • Ashtray??? Fuckin' WORD!

              Kids today expect cupholders, but back in the day we had ashtrays! My '94 had back seats that no-one bigger than a tween would fit into, but they had a fuckin' ASHTRAY!

          • Even my 2001 Volvo S60 has side bags

            Side bags? How quaint? Why would you want airbags? The current Volvo S60 barely crash at all with collision avoidance systems, auto breaking on the highway, lane keeping technology, driver alertness detection, better automated highbeams, adaptive cruise control, queue assist to help you not screw up in stop / start traffic, cross traffic alert while reversing, and some other older features like traction control too.

            Point is, for every "good car" you can quote from 15 years ago, if you compare them to curren

    • From now on I'm only buying cars built in the 20th century.

      I've got a 93 Escort Wagon that I'd let go... for the right price.

      More seriously - I use this thing mainly for the few-mile trip between our house and the transit station. It's been pretty reliable, all things considered, and has saved us a ton of money (having to put $1000 or so into it every two or three years is nothing compared to most car payments). But we are looking at replacing it mainly because I don't particularly want my daughter driving a car without air bags or antilock brakes.

      • by KGIII ( 973947 )

        Dude, that car is your namesake. It's your moniker. You can't just let that go. That's against the rules. It either needs to be kept and treated accordingly, perhaps like a shrine or, alternatively, it needs to go out in spectacular fashion which may, or may not, cause injury, maiming, or death. Seriously, you can't just let that car go. No way... That'd be against some sort of rule. I don't know which rule but it's certainly a rule.

        At the very least, it needs to go in spectacular fashion. This can be as si

  • ...is to backdoor those bitches!
  • by Anonymous Coward

    Your friendly neighbourhood FBI agent.

  • The manufacturers should be forced to do something to make cars unhackable. And then to add a backdoor, so the FBI can get in, because else the terrorists win.
  • by Anonymous Coward

    Yeah, and next week the FBI will say they need to be able to remotely control/track our vehicles to be able to catch terrorists -> criminals -> tax evaders -> jaywalkers -> politically inconvenient people. It will be totally secure though, because only the FBI/Government will be able to do it, and it's completely legal because of 16th century English common law and they have secret court rulings we can't read to back them up.

  • Did you really need the FBI telling you this to know it's a problem?
  • That's what Volkswagen is trying to tell everyone, their cars emission control software has been hacked!!!
  • So Slashdot accepted this story, but they rejected my submission that "Car Hackers Warn That FBI Is A Serious Threat".
    • You say that like you're trying to make an Onion-style joke headline, but -- like the Onion often is -- it turns out to be more valid than you think.

      However, I'd say the bigger threat in that case [wired.com] is copyright law and DRM, rather than the FBI.

  • by Anonymous Coward

    promoted in the spirit of safety (which is laudable in an era of distracted driving, etc)... but, did anybody else see this as a way to mandate that law enforcement had a means of remotely/electronically disabling your vehicle?
    http://www.usatoday.com/story/money/cars/2016/03/17/automatic-emergency-braking-coming-all-cars-2022/81907516/

  • by nashv ( 1479253 ) on Friday March 18, 2016 @02:20PM (#51726307) Homepage

    The FBI would like to have the keycodes to open every car in America. It stands to reason that terrorists are using cars to get around their bombing/gunfight missions. To screen for potential terrorists, the FBI will now use the All Writs Act to force all car manufacturers to give the FBI the key to every car sold.

  • Back in 2012 or 2013 I was really annoyed when Verizon started blocking access to my favourite IRC servers, and they never did give me a satisfactory answer for why they were doing it. So I switched to Sprint. Within the past few months Sprint also started blocking IRC and it didn't make sense until I read the linked FBI announcement just now.

    "Before the researchers report was released, the cellular carrier for the affected vehicles blocked access to one specific port (TCP 6667) for the private IP addre
    • I still use IRC and no network I know of only uses that port. heck, a couple even run servers that will take connection on any port

  • by j2.718ff ( 2441884 ) on Friday March 18, 2016 @03:19PM (#51726749)

    The only thing that can protect you from a bad guy with backdoor access to your secured system is a good guy with backdoor access.

  • by Anonymous Coward

    Hey I know you are trying patch the security holes in your product but please, just for us (wink wink), add a security hole for us to get in...

  • by JustAnotherOldGuy ( 4145623 ) on Friday March 18, 2016 @03:54PM (#51727009) Journal

    Dear FBI,

    No shit.

    Signed,

    Everyone in the universe who's been paying attention

  • Wasn't this in the news over a year ago. I though by now everyone knew this... I guess not the US Gov...much like the fact that you can do things... good and sometimes bad with computers.. this must be a recent and frighting revelation for them.

  • by Larry Lightbulb ( 781175 ) on Friday March 18, 2016 @04:31PM (#51727249)
    Do any of the three letter organizations really want secure systems? Or just ones that look secure but really have enough holes so that they can monitor the use?
  • The whole reason a hacker can remotely disable your engine is because police asked for that capability and now hackers have it.
  • This is what happens when someone thinks it's a good idea to have real time connections of the internal workings of your Vehicles and appliances on the internet. How long has windows been out and they are still finding security flaws? How long has Linux and Unix been around, same thing? This OS's have been around for decades and we still have monthly patches on them. I kinda like older tech for my vehicles. I like carburetors and points and distributors, why because they are Simon simple and you can fi

We are each entitled to our own opinion, but no one is entitled to his own facts. -- Patrick Moynihan

Working...