(in fact I had a problem with my turbo seal blowing, and the engine oil drained into the intake, and the engine suffered a brief runaway condition (diesel). I figured that the solution to the WOT issue was simply to take the car out of gear. (I’d love to broaden my knowledge and find a career in the automotive industry working on communication networks and security but sadly it’s a fading market here in the UK) If I’m only a hobbyist grade hacker and I know all of this through tinkering around and a couple of hours research every month, what is a dedicated professional going to achieve? Even if you managed to turn the engine off, you’re still moving faster than when you started and most likely without power-assisted brakes, either way it’s a potentially fatal situation. You try to turn the ignition off, the dongle continues to spoof the presence by flooding the network with packets to say the key is still turned “on”. Wait for the vehicle to be at speed, as soon as the brake is applied it disables the brakes and aggressively accelerates the car. It would be frighteningly easy for a determined hacker to trigger the ABS system and simulate WOT (wide-open throttle) with a low profile OBD-II dongle surreptitiously installed onto the diagnostic port. Subsequently migrated into the GM CANBUS arena and it’s even more scary what you can do. It would constantly try to unlock the wheels and made braking useless. I’ve done a lot of work with late 90’s / early 00’s Mitsubishis using the old MUT-II / MUT-III protocols, you could effectively disable the brakes simply by logging the ABS system whilst the vehicle was in motion. (so it makes a dumb tool for assassination/murder – for the tinfoil hats out there). The only saving grace is that there’s probably no reliable way to wipe any leftover code or logging, so there would never be a guarantee that an attacker could erase evidence of a hack. Cell-to-ECU connectivity is just a really horrible idea. Remote keyless entry is a bad-enough backdoor. If I had a car with any kind of remote-assistance package, (even if it was a standard model that had the equipment only-enabled for the luxury model) – I would pop the panel and physically remove the f*cking antenna/receiver. On-Star has permitted manufacturers (and, presumably, law enforcement) to do remote unlocks, and engine disables for quite a while – maybe 10 years or longer? download whatever software you have cobbled together to do whatever, theoretically, do all-of-the-above hacks in response to a live cell-phone link, remotely, in real-time. send the proper handshakes and authentication, 3. Some recent models (2012 and later) are sporting packages in their On-Star system, that allow remote ECU firmware updates: 1. Posted in Transportation Hacks Tagged can-bus, defcon, prius Post navigation It certainly gives us an idea of what we’ll see in the next Bond film. The purpose of the work is to highlight areas where auto manufacturers need to tighten up security. Oh the pedal still moves, but the brake calipers don’t respond. Worst of all is the ability to disable the brakes while the vehicle is in motion. Other devilish tricks include yanking the steering wheel to one side by issuing a command telling the car to park itself when driving down the road. But things start to get interesting when they take that speed readout from 199 down to zero instantly, which has the effect of telling the car you’ve been in a crash (don’t worry, the airbags don’t fire). The hacks shown off start as seemingly innocent data tweaks, like misrepresenting your fuel level or displaying 199 mph on the speedometer while the car is standing still. We haven’t had this much fun looking at potentially deadly car hacking since Waterloo Labs decided to go surfing on an Olds. They gave a Forbes reporter a turn in the driver’s seat in order to show off. This one’s a treasure trove of CAN bus hacks that will scare the crap out of an unsuspecting driver - or worse. and are getting ready to present their findings, which were underwritten by DARPA, at this year’s Defcon.
0 Comments
Leave a Reply. |