Can Chinese-Made Buses Be Hacked? Norway Drove One Down a Mine To Find Out (msn.com) 52
An anonymous reader shares a report: This summer, Oslo's public-transport authority drove a Chinese electric bus deep into a decommissioned mine inside a nearby mountain to answer a question: Could it be hacked? Isolated by rock from digital interference, cybersecurity experts came back with a qualified yes: The bus could in theory be remotely disabled using the control system for the battery.
The revelation, presented at a recent public-transport conference, has spurred officials in Denmark and the U.K. to start their own investigations into Chinese vehicles. It has also fed into broader security concerns across Europe about the growing prevalence of Chinese-made equipment in the region's energy and telecommunications infrastructure.
The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks. [...] The Oslo transport authority, Ruter, said the bus's mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply. Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.
A lot of USA auto vendors also do OTA updates (Score:1, Flamebait)
E.g. Tesla, and I am sorry to have to say it but with the current president anything seems to go at the drop of a whim. I would not buy a car made in the USA.
Re:A lot of USA auto vendors also do OTA updates (Score:4, Insightful)
Re: (Score:2, Insightful)
Why is Ukraine going with French and Swedish planes then...
They know best what an unreliable partner America is.
Re: (Score:2)
Why is Ukraine going with French and Swedish planes then...
It's called live fire testing. Europe is getting its turn now.
Re: A lot of USA auto vendors also do OTA updates (Score:2)
Re: (Score:1)
If my car catches on fire, I could not care less about what led up to it. I'd just go buy another car.
Re: (Score:2, Troll)
So you don't care if the next car has the same flaw, and catches fire in your garage and burns down your house in the process? Even though that flaw could have been - possibly quite easily - identified and fixed if those logs had been available?
Or that the same thing might happen to your neighbor, whose burning house might also burn yours down? While you're in it?
Or that your insurance company might double or triple your rates because your car is designed to be unsafe? If they'll cover it at all?
Or that the
Re: (Score:2)
Log availability is great. Automatic export to an untrusted party is not.
The NHTSA does its job just fine with vehicles that don't export their logs overseas.
Re: (Score:2)
So you don't care if the next car has the same flaw, and catches fire in your garage and burns down your house in the process?
No. Given the rarity of my car catching on fire, which has not happened in 55 years, I'll take my chances.
Besides which, my car is almost 20 years old. I couldn't go out and buy a new one like it no matter how much I wanted to.
Even though that flaw could have been - possibly quite easily - identified and fixed if those logs had been available?
Or that the same thing might happen to your neighbor, whose burning house might also burn yours down? While you're in it?
Or that your insurance company might double or triple your rates because your car is designed to be unsafe? If they'll cover it at all?
Or that the guy who just rear ended you (and his car caught fire) might be uninsured for those reasons?
I'll bet you run with scissors, too.
Nope, don't care about any of that shit, for the reasons specified above.
I try not to worry about shit that is so rare, it virtually never happens.
Re: (Score:3)
Baking in call-home and automatic-update functionality is a disease that people are only starting to wake up to.
Re: (Score:2)
It was probably marketed as a feature when they bought the busses. "Remote monitoring and diagnostics", to help warn of any maintenance issues that may arise soon, so you can plan for the bus to be off the road for a while. GPS tracking so you know where your fleet is and can show expected arrival times at bus stops.
Presumably some European bus manufacturer saw that it was being out-competed, and started spreading a bit of FUD.
Re: (Score:2)
I do agree that it was probably marketed openly, and if the purchasers had been in communications with threat assessment guys, it never would have gone forward.
This is a common problem in large bureaucracies, and why Western countries are ripping hardware out that never should have been installed to begin with.
To be clear- I don't think the Chinese company in question is the bad guy. They're following regular business practices, here.
Re: (Score:3)
At least tea doesn't get OTA updates :)
Re: (Score:1)
I would not buy anything other than a Toyota or a Honda.
Not due to politics or concerns about hacking, but simply because I wouldn't want to deal with anything else.
Re: (Score:2)
We've been putting shady spy shit into our "American made" products for 80 years, and famously caught doing it a few times too.
Switching off the battery... (Score:1)
...of a bus that had an accident to avoid people burning alive inside is bad now?
I'd hope that the fire department can do that with ANY vehicle.
Re: (Score:2)
But this isn't about the fire department, or the bus company, doing so. It's about the manufacturer - literally halfway around the world - doing so with zero information about the crash.
(And the fire department has their own way of cutting out the battery, that involves bolt cutters and clearly marked access points on the outside of the vehicle.)
Re:Switching off the battery... (Score:4, Insightful)
This has nothing to do with the fire department shutting down a vehicle in the event of a crash, which is an odd thing to even be concerned about.
Vehicles shut themselves down in the event of a crash, and have for many, many decades.
This applies to electrical vehicles as well.
If your method of shutting down the battery in the event of something catastrophic requires 2-way communications over a cellular modem, you've seriously lost the fucking plot.
Re: Switching off the battery... (Score:5, Funny)
Thank you for calling the 24/7 emergency battery cutout line. Your call is very important to us. We are experiencing unexpectedly high call rates at this time. You are number 8366538 in the queue. Please hold.
Re: (Score:2)
Re:Switching off the battery... (Score:5, Informative)
Most vehicles. They have a computer where they can look up where the battery disconnect cable is - it's a bright orange cable with sticker tags with the firefighter logo on it. The computer has documents from the manufacturers on where to cut into the car to cut this cable. Cutting this cable disables the battery. It's not actually carrying battery power - it's a low voltage line that powers the battery contactor inside the battery. Basically a loop of wire where the battery contactor signal goes through. Cut it and the contactor disconnects disabling the battery.
Re:Switching off the battery... (Score:4, Informative)
Opening the contactor will not stop the battery fire that is underway, and the contactor remaining closed improperly is unlikely since the battery is fail-safe (requires signal for contactor to close) so a situation where the vehicle is unable to disable the battery, but a fireman is, is pretty hard to imagine.
Beyond that, it's also hard to imagine that anything that will cause a fire won't also trigger over-current protection.
I think this scenario is basically entirely contrived.
How dense can they be? (Score:2)
Re: (Score:2)
Yeah it's the classic not my problem syndrome.
"Look I'm amazing, I did it cheaper, where's my bonus, look at my resume as I leave to next company, look how awesome I was at previous company and saved them money....nO wAy! IT's all cheap and security risk because it's from china? I had no idea! Good thing I don't work there anymore!"
Re: (Score:2)
I will pause judgment until they conduct the same test on domestically made buses.
Re:How dense can they be? (Score:5, Insightful)
>"I will pause judgment until they conduct the same test on domestically made buses."
Most new vehicles have all kinds of spyware and remote control crap (mine certainly does). But, presumably, domestic ones are nowhere near as much of a threat as a foreign, potentially hostile nation-state.
Re: How dense can they be? (Score:2)
That is not what this story is about.
You have lost the plot.
This is about whether a hostile third party can affect a vehicle remotely because of manufacturer incompetence.
Re: (Score:2)
>"This is about whether a hostile third party can affect a vehicle remotely because of manufacturer incompetence."
Oh, well, both are important :)
I have often wondered if it is reasonable to just find the antenna(s) and put a keyswitch across it/them, so you have absolute control over when/if they can be accessed remotely at all.
Re: (Score:2)
It's not impossible, but the switch would be expensive. It's probably easier and just as effective just to shield them, and tie the shield to the chassis ground.
Another option would be to switch power to the radio chip, if it's in a package which makes that convenient. This might also disable bluetooth if you do it to the infotainment system, or cause a code to be set...
Re: (Score:2)
FTA:
The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks.
"Norway and Denmark alerted us to the existence of dual-use kill switches in Chinese-made electric buses. These switches allow China to switch off buses and bring chaos to transport systems," British lawmaker Alicia Kearns warned during a debate this week on Chinese security risks.
Re: (Score:2)
It depends who you are. If you are the government, then obviously you don't consider yourself much of a threat, so the biggest risk is other nations accessing your vehicles.
If you are a citizen, the biggest threat is your own government. The Chinese government likely has little to no interest in you, but your own government certainly does.
Re: How dense can they be? (Score:1)
Have you ever thought that the USA may be considered a "potentially hostile nation-state" by other nation-states, besides China (and Russia and all the usual suspects)?
Re: (Score:2)
Sure. I would expect that each country would want to protect themselves from other countries.
Re: (Score:1)
I tend to agree with you. But, looking at it from another side: why must it be like this? As if I was your enemy, like you wanted to take something from me or whatever... It kinda sucks, right?
Re: (Score:2)
Sweden (and most of Europe) has more trust in their own government than those of us in the US. And certainly more trust in their own government than in any other government. And quite possibly more trust in a rabid dog playing fetch with a hand grenade with the pin pulled than in the Chinese government.
Re: (Score:2)
It's not like the Chinese are evil in doing this. All manufacturers of this shit are doing this now.
The problem arises when you consider the fact that China may, at some point, become an actual enemy of your country.
A domestic company is unlikely to become a credible threat to your country.
The concern is legitimate. No judgement needed.
Re: How dense can they be? (Score:2)
You can't really say "no" to really cheap stuff that is of acceptable quality, aka "good enough".
Re: How dense can they be? (Score:2)
Possibly a worse problem? (Score:4, Insightful)
Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.
It wouldn't surprise me to learn that there's some programming equivalent to a dead-man switch that disables vehicles - and perhaps other electronic devices - if they haven't successfully 'phoned home' within a programmed time.
After all, if you're going to the trouble of designing and installing remote-kill capabilities - for all kinds of possible motives - it would be very short-sighted to NOT disable the equipment if it fails to contact the mothership within a specified period. The tricky part is making it look like a mundane failure rather than a 'Trojan horseless', so to speak...
Re: (Score:2)
This is why governments need to demand the full source code for all computers in any vehicles they buy, along with a build environment that can demonstrably build a working version of the object code from source, and the ability to install the object code themselves.
Anything less is utterly unacceptable from a national security point of view.
you did not buy the extended warranty so we are go (Score:2)
you did not buy the extended warranty so we are going to kill your car at the 4 year mark!
cellular modem (Score:2)
"the bus’s mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply", I don't know why they had to drive it into a mine to find this out.
Obviously the buses are equipped with a cellular modem, probably encased in a box that's hard to get into. I've got cellular modem capability on the devices I make and they can reach my servers from anywhere just fine, no different from the cellphone in your pocket. It isn't expensive and it
pop quiz hot shot I have a software bomb on a bus (Score:2)
pop quiz hot shot I have a software bomb on a bus what do you do what do you do?
Re: (Score:2)
What you don't do: slow down
The Next Open Source Frontier (Score:4, Interesting)
This sort of thing isn't just a problem with Chinese vehicles. It's a problem with all new cars. They are all thoroughly wired up with locked-down, proprietary computer systems that monitor your every move and provide this data to the manufacturer, your insurance company, and any government agency that is interested. They allow your engine to be throttled or shut down completely by a remote operator. They allow the manufacturer to disable heated seats or other features in your car if you stop paying subscription fees. We need to provide an open-source car operating system that will allow car owners to control who is monitoring them, as well as allowing them to operate and repair the cars they own and not be captured by proprietary repair policies from vendors.
Utter BS (Score:2)
Bullshit alarmism (Score:2)