Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
Transportation Security

Unpatchable 'Flaw' Affects Most of Today's Modern Cars (bleepingcomputer.com) 40

Posted by msmash from the ahead-of-time dept.
Catalin Cimpanu, writing for BleepingComputer: A flaw buried deep in the hearts of all modern cars allows an attacker with local or even remote access to a vehicle to shut down various components, including safety systems such as airbags, brakes, parking sensors, and others. The vulnerability affects the CAN (Controller Area Network) protocol that's deployed in modern cars and used to manage communications between a vehicle's internal components. The flaw was discovered by a collaborative effort of Politecnico di Milano, Linklayer Labs, and Trend Micro's Forward-looking Threat Research (FTR) team. Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable.

Unpatchable 'Flaw' Affects Most of Today's Modern Cars More | Reply

Unpatchable 'Flaw' Affects Most of Today's Modern Cars

Comments Filter:
  • So let me get this straight: If a component on the network starts sending out uncontrolled messaging that looks like a denial of service, or an out of control / perpetually errored state, the network corrects for this problem by disconnecting the component causing chaos. That sounds like the CAN network is doing exactly what it should be doing: maintaining the integrity of the shared network at the expense of disconnecting an infected or malfunctioning node. What am I missing?
  • Most vehicles have at least two CANs. A public one, that is accessed through the OBD port shown in TFA. They also have a "private" CAN. That network should be used for vital communications between modules, and the messages are largely proprietary.

  • My approach so far is to avoid buying cars that include communications. Eventually, though, even older used cars will have this crap.

    At that point, I'll have to disable the comms. Right now, that appears to be easy to do in almost every car (just locate and remove the antenna). Hopefully, that will get me through the rest of my car-driving years.

  • This exploit is too subtle. (Score:1)

    by Anonymous Coward

    If one has physical access, I think you will find it is also vulnerable to simple voltage injection, say 110v.

    This is easily created using capacitors when a wall outlet is inconvenient.

    Why knock out one device when you can kill the whole bus? Am I missing the point? Abs breaks won't work, just time the injection correctly.

  • It's so we can shut down your cars when you try to drive them into high security areas that are federally controlled.

    For exactly that reason.

  • Exploit requires access (Score:3)

    by klossner ( 733867 ) on Thursday August 17, 2017 @03:37PM (#55036275)
    To perform this DOS attack, you must have a device physically connected to the CAN bus. If an attacker has that kind of access to your car, a DOS attack is not your biggest problem. The attacker could just as easily pump 120 volts into the bus and fry every component. Or leave a time bomb on the driver's seat.

    • you must have a device physically connected to the CAN bus.

      Which *for now* means a laptop connected on the ODB port.

      But which could mean in the future hacking into some component of the car that is on the CAN bus it self (like the infotainment center, which needs to get information about fuel consumption and a few other stuff).
      Hack remotely (Bluetooth, some even support Wifi and 3G/4G) that component and then you get full access to the CAN bus.

      Expect *high range cars* to have two separate CAN bus and the infotainment only talking on the "public" CAN bus (and all

    • THIS!

      Seriously, if you have physical access to a vehicle to access the CAN Bus, you can cut a break line or otherwise mess with anything on the car. Safety systems, Security systems, entertainment systems, you name it. Physical access implies all the same risks as this CAN buss "vulnerability" and MORE.

      I'm not seeing the huge problem here, at least not for car owners.

  • okay (Score:3)

    by ArylAkamov ( 4036877 ) on Thursday August 17, 2017 @03:38PM (#55036279)

    This is nothing new, anyone who has developed a CAN device before knows this, no "shocking new research" needed. It was never designed to be secure, it was designed to be extremely resistant to noisy environments, and does a damn good job at it.
    tl;dr if you are a political target, get an older car without an electric throttle body and electric power steering bullshit.

    • if you are a political target, get an older car without an electric throttle body and electric power steering bullshit.

      Why only if you're a political target? This seems like wise advice for everybody.

  • From TFA:

    Special device needed to carry out local attacks
    The research team says that all it takes is a specially-crafted device that attackers have to connect to the car's CAN bus through local open ports.

    So, to be clear, a specially-crafted device, connected directly to an open local port.

    "The only current recommendation for protecting against this exploit is to limit access to input ports (specifically OBD-II) on automobiles," said ICS-CERT experts in an alert released last month.

    Um... So don't let strangers with car hacking gear ride along with you in your car -- or watch them *very* closely -- check.

    • Ah, I stand corrected. This isn't so bad, then.

      I will continue to avoid buying cars that have wireless communications facilities, though.

  • There is another approach. CAN traffic happens over a differential pair. I have a specially-constructed device that can jam CAN traffic. I call it a "paperclip." I bend it and plug it into both data lines on the OBD port and the network is dead.

    We need to ban these dangerous hacking paperclips.

  • I dont see any problem with this as long as the CAN bus is not accessible from the outside.
    I can also create an DoS attack on my PC if I short pins on the motherboard.
    You don't need an arduino to get CAN nodes to get into bus-off state, just short the two CAN bus signals together a couple of times.
    If you have physical access then you can also disable Airbags, and ABS brakes with a sidecutter.

    • Re: (Score:2)

      by harrkev ( 623093 )

      Well, you have found the problem: "not accessible from the outside."

      Car makers have jumped on the "smart everything" revolution, so they built devices into the cars that can bridge CAN with cell phone networks (On-Star, for example). If you own the On-Star, you can do pretty much whatever you want.

      The problem is not with CAN, however. The problem is with the typical crappy security between things that bridge CAN to other data sources.

      The one thing to remember about CAN is that it is a SHARED BUS. There i

  • Most of us would just dismiss it as some hype, because it requires physical access to the cars.

    But plenty of people have access to cars of family members and friends. More than 75% of the homicide victims know their perps. Stranger on stranger murder rate is less than 25%. [quora.com]

    So one could sabotage a car of a family member in a manner very difficult to detect using a device plugged into the network, targets the brake system once the car speed is above 75 mph. An average dumb criminal, (all criminals are du

  • So glad I did not go for the remote network accessibility option in my new car. Seemed like such a bad idea; yep!

Slashdot Top Deals

How many Unix hacks does it take to change a light bulb? Let's see, can you use a shell script for that or does it need a C program?

Close