Intel Team Takes On Car Hackers 153
nk497 writes "Intel has set up a team of McAfee researchers to protect computer systems in cars, hiring Barnaby Jack — the researcher who forced ATMs to spit out cash and cause medical pumps to release lethal doses of insulin. Bruce Snell, a McAfee executive who oversees his company's research on car security, said the car industry was concerned about the potential for cyber attacks because of the frightening repercussions. 'If your laptop crashes you'll have a bad day, but if your car crashes that could be life threatening,' he said. 'I don't think people need to panic now. But the future is really scary.' The move comes as Ford and other car makers start to invest in ways to keep car code secure."
Interesting readings (Score:4, Informative)
http://www.autosec.org/publications.html
Boy, does this have the potential for bad (Score:5, Insightful)
Don't like the government-mandated shutdown of your vehicle in certain areas (i.e. your self-driving car will refuse certain destinations)? We'll make sure you can't hack the nav system.
Re:Boy, does this have the potential for bad (Score:5, Interesting)
A more likely short-term motivation is that they want exclusive ability to sell expensive repairs and required-for-maintenance devices.
Re:Boy, does this have the potential for bad (Score:5, Informative)
Not to mention the ability to charge for different levels of performance using the same underlying hardware, kind of like ATI & Nvidia do, and Intel was planning to do with their value-priced CPUs.
Here's an easy way to tell whether they're doing it for "safety", or just to increase their own profits -- if they give copies of the security key to end users, their motives are probably good. If they won't even give the code to mechanics, and force field replacement of expensive parts that could be repaired if the mechanic had the code, then they're doing it for their own benefit. It's just like UEFI. If I have a copy of the key, it's awesome. If the only copy of my key is held by Microsoft or Sony, it's a shameless pwnage of my consumer rights whose physical and political defeat is a moral imperative.
Re:Boy, does this have the potential for bad (Score:5, Interesting)
Here's an easy way to tell whether they're doing it for "safety", or just to increase their own profits -- if they give copies of the security key to end users, their motives are probably good. If they won't even give the code to mechanics, and force field replacement of expensive parts that could be repaired if the mechanic had the code, then they're doing it for their own benefit.
Oh, they'll give it to the mechanic's, alright - that is, the one's who work for their dealership.
Cars have actually been going that way for years, in a shameless attempt to kill of independent shops and shadetree mechanics; the process goes like this:
- new model of Car X comes out
- new model requires a special tool for trivial adjustment, i.e. toe adjustment on the steering wheels
- manufacturer patents the tool, so only they can make/sell it
- manufacturer refuses to sell the tool to anyone other than one of their own branded shops
- customers are forced to take Car X to the manufacturer branded dealership to have trivial repair made, at more than double what it would cost for an independent shop to make the same repair
Source: One of my many trades (one, specifically, that I actually have an education in) is 'auto mechanic.')
Re:Boy, does this have the potential for bad (Score:5, Funny)
Re: (Score:3)
Not to mention the ability to charge for different levels of performance using the same underlying hardware, kind of like ATI & Nvidia do, and Intel was planning to do with their value-priced CPUs.
They already do this to an extent, it's called chip tuning [wikipedia.org], and it usually costs a couple hundred bucks for a high-performance shop to do it. Or you can buy a plug-in chip or your own programming device [sctflash.com], but these are pricey too.
How I miss the days of timing lights, carburetors, and cars that actually let you tinker with them on the weekend...
Re: (Score:2)
That's one reason, I'm currently looking to relive a bit of my childhood...and try to buy an older muscle car.
I'm currently looking at '74-'76 Trans Ams, 455cu 4-speed....something of an old school torque monster. Nothing much but an engine, and drive train to play with. And as long as you aren't trying to go back further and get a SD-455....the prices aren't that bad.
Re: (Score:2)
Don't like the government-mandated shutdown of your vehicle in certain areas (i.e. your self-driving car will refuse certain destinations)? We'll make sure you can't hack the nav system.
It's more like not letting the parameters being altered so as to run on water. One for BIG OIL.
the highway goes right though there maybe the GPS (Score:2)
the highway goes right though there maybe the GPS is off and showing me on a local road that I was on the main road next to it.
Re: (Score:2)
fine my cost is $40 hr + all parking fees + $0.55 a mile
Re: (Score:2)
No need for the mileage charge, if you don't show, they'll come give you a ride for free. If you still resist, they'll throw in a few days of free room and board.
Signed Code (Score:2)
Re: (Score:1, Funny)
That solution is too easy. They brought in McAfee researchers because they want a 30MB solution that will continuously scan the car software, causing unpredictable hiccups, pop ups, and all that good stuff.
Re: (Score:3)
McAfee, hmm? I even remember the good ol' days on Win98, when after installing McAfee the darn thing simply refused to boot.
Now you won't be able to turn on your engine, or what?
Well, one could argue that with WIn98, that was the appropriate response.
Re: (Score:2)
So long as they keep the "infotainment" systems off the vehicle bus everything should be fine. However, there are some nice things that can be done if these devices can talk to each other....
Distributed Processing (Score:2)
If they need to communicate at all (I would argue no), it should be in one direction only: control signals from the main processor outward, with nothing in the other direction except for hard-wired feedback such as "Yes, I am turned on." By that I mean: they should be separate hardware systems with their own specialized softw
Re: (Score:2)
That's the main thing. Devices that are irrelevant to essential system services, like sound systems, climate control, phone and WiFi, should be kept apart from the central processor.
If they need to communicate at all (I would argue no), it should be in one direction only: control signals from the main processor outward, with nothing in the other direction except for hard-wired feedback such as "Yes, I am turned on."
Seems more complicated in real life - my car has a very nice display in the dash, primarily for the nav system. But that is also where I check the oil, and the tire pressure, and change various settings. So the display and its associated controls are shared devices. To keep the isolation you want the interface between the devices has to be broader, increasing the attack surface, or you need to find room for a whole bunch of controls, instead of using the very nice display already in the vehicle.
Re: (Score:2)
" So the display and its associated controls are shared devices."
Fine. But it doesn't have to be part of essential systems control. It can share some inputs (oil pressure, etc.), but there is no reason to combine it all with the essential control of the vehicle (engine timing, abs, auto braking, etc. etc.)
There are very strong system design reasons to keep them separate. As mentioned before, those reasons include bugs and security vulnerabilities.
Re: (Score:2)
"To keep the isolation you want the interface between the devices has to be broader, increasing the attack surface, or you need to find room for a whole bunch of controls, instead of using the very nice display already in the vehicle."
That is not true at all. Sharing hardware inputs does NOT "increase the attack surface", and very nicely isolates the systems. You can still have control FROM your essential core system to the peripherals, just not in the other direction.
You can still have a "central control" for most of your car's systems, it just doesn't cross over to the core system that has to do with driving, engine control, and safety.
Yes, there is a bit of redundancy there, but not much.
Re: (Score:2)
You have a systems feedback bus, which contains information like "the headlights are on", "the stereo volume level is X", "the temperature control is set at 70 degrees", and "internal cabin temperature is 60 degrees", "current speed is 70 mph", etc.
These inputs can be shared by both your peripheral control system and your core "engine and driving" system... without combining the two.
How
Re: (Score:1)
Re: (Score:2)
Its almost as if you'd want a system that only ran signed code...
And only ran signed code that was verifiably resistant to unexpected or undesired behavior in the face of maliciously crafted input...
Just plain installing and running a malicious binary certainly is a handy; but the world is rotten with bad things being done, entirely with unintended features provided by officially installed legitimate programs that have taken a bite of malicious input...
Or you could.... (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Dear Moron:
Having a computer control the breaks reduces wear and tear and increases fuel mileage, as well as decreasing the chance that a driver will die in a car accident. This is but one example of how phenomenally clueless you are.
Re: (Score:2)
Re: (Score:2)
I highly doubt that you can even buy a car these days that doesn't contain dozens of microprocessors and microcontrollers exercising all sorts of software.
I actually think it would be cool if you could buy a decent car that didn't use this type of technology. A car where you could be reasonably sure that you couldn't be tracked or shut down by the government. Also, something that would remain largely functional or at least something that could be repaired with basic mechanical tools after an EMP event.
Cal
Re: (Score:3)
Call it the "Ford Paranoia" or the "Chevy Technophobe".
I find your ideas intriguing and would like to subscribe to your newsletter.
Re: (Score:1)
Uh huh... (Score:3, Insightful)
Sounds like the auto makers are getting tired of individuals being able to change their own cars engine/transmission settings, and or, do fixes that usually require paying the dealer.
Congress mandated an open set of engine/car diagnostic codes due to them not releasing service information some years back. Sounds like they're investigating the possibility of re-imposing something similar via "security" concerns.
"Think of the children that could be put at risk if $evil-auto-hacker isn't protected against!"
Re: (Score:2)
In truth, I was more ignoring that point. There's a legitimate concern that whenever you provide interfaces that can do powerful things on a system, they can almost by definition be abused.
Often though, locking down things in the name of security doesn't do a thorough job of protecting against real mischief. A half measure job won't prevent real attackers from getting in. But, it will often prevent anyone but "authorized" service personnel from doing anything. For an industry that makes a good bit off of th
And as per usual (Score:1)
want to get famous, or just for the lulz. Nothing has changed, this was a problem from the beginning,
signed code or not (that is a step in the right direction though IMO).
CAN is cool, but... (Score:5, Insightful)
I played with having a computer in my car for a few years and it is shocking what you can do once you have access to the CAN bus. I mean it's cool that I can plug a device in and program it so that it will catch the commands from my window switches and have them instead activate my blinkers, but that (theoretically as far as I know) a compromised update to your radio could let it do the same thing is a bad thing and that there is a growing trend for cars to be more connected (e.g. wifi hotspots, etc..) is outright scary.
Maybe they could start by separating networks for the critical functions and entertainment systems. The only possible access to the critical systems should be by a physical connection. They don't need (bad) software security experts to help solve this problem. They need good network architects. It shouldn't simply be a matter of the engine verifying that the "more gas" command came from the ECU and not the radio. The radio should simply never be able to get a message to the engine without wiring changes.
Re:CAN is cool, but... (Score:4, Informative)
The radio should simply never be able to get a message to the engine without wiring changes.
My father's decade old SUV talked to the transmission to control radio volume based on road speed.
The hard part is making a single RW bus read only in the proper direction at all times.
Thankfully it didn't run windows so there's no virus issue. But radios and engine/transmission computers have been talking for quite awhile.
Re: (Score:2)
Thankfully it didn't run windows so there's no virus issue.
Ha. Hahah, wow, this is... well, just straight up completely wrong. Just because it isn't Window's doesn't mean it can't get virii or other malware, not by a long shot. But anyways, even assuming you want the radio talking to the transmission, it should be a one-way communication: the radio shouldn't be able to send the transmission commands. It's odd to think of needing a firewall on your car, but with that's definitely needed for a situation like that.
Re: (Score:2)
Re: (Score:2)
"The hard part is making a single RW bus read only in the proper direction at all times."
That's not hard at all. If you want to be really sure you use an optoisolator.
Re: (Score:2)
"The hard part is making a single RW bus read only in the proper direction at all times."
That's not hard at all. If you want to be really sure you use an optoisolator.
Doesn't work with I2C, RX needs to send an ACK back, or the TX gets all out of whack and times out.
From what I skimmed over for canbus it also requires ACKs on a bidirectional bus.
What I'm getting at is written in deep in the protocol specification there is no such thing as a unidirectional unack'd packet. You could build a sniffer and have "something else" periodically poll and the sniffer could sniff and then your optoisolator-like design would work...
Maybe a way to rephrase it is at the hardware level t
Re: (Score:2)
Yes, I was thinking of a control line NOT running CAN. A unidirectional CAN bus doesn't make any more sense than a unidirectional TCP/IP network.
However, you could have a doohickey that talks CAN to the transmission on one side, CAN to the radio on the other, and the link between the two sides is a simple one way signal, optoisolated if you want to make absolutely sure. There isn't really any reason the radio has to be on the same CAN bus as the important stuff except convenience.
Re:CAN is cool, but... (Score:5, Interesting)
Not just theoretically -- University of Washington researchers crafted an MP3 that let them at the CAN via the MP3 player: http://www.newscientist.com/blogs/onepercent/2011/03/how-an-mp3-can-be-used-to-hack.html [newscientist.com]
Re: (Score:2)
LOL... or, one manufacturer might use such exploits to create a series of improbable events labeled "malfunctions" which damages their competitor's sales and forces large scale and costly recalls. Hmmm... Industria
Re: (Score:3)
There is no way a single processor should be involved in all these things. For example, a sound system could talk to your transmission more-or-less directly (or share input from the transmission, at any rate) without sharing any processor or code with the central control system.
Similarly, there is no reason that other devices like Bluetooth, WiFi, cabin temperature, phone, and so on should be connected to the main contr
Re:CAN is cool, but... (Score:4, Insightful)
Maybe they could start by separating networks for the critical functions and entertainment systems.
Cars used to have multiple busses, but they unified them to save weight to improve fuel efficiency.
That is, they chose fuel efficiency over security. Remember, right now fuel efficiency will sell more cars than a more nebulous "security" that few can appreciate (until something really bad happens).
I hope it's not band-aid (Score:4, Interesting)
McAfee makes me think of AV, and AV makes me think band-aid. Please, please let's not end up with a situation where cars are susceptible to viruses, therefore an AV application scans for viruses. Cars (or at least, the important bits of them) should be secure from the ground up.
The problem has been that the designers have given computer security no thought *whatsoever*, and applied techniques already well known to security people, too late for some victims.
For example, the first remote keys were susceptible to replay attacks. Anyone with half a clue about computer security already knew at that time that needed a challenge/response scheme. But keys with challenge/response came later. And keys with sufficiently secure crypto algorithms came later still.
For example, it's common to have the audio system, the ignition, the satnav, etc. all on the same data bus, with no authentication. From a security point of view, that's a disaster waiting to happen. Researchers have already demonstrated hacking the MP3 player to unlock the doors -- pointing out it's not much of a stretch to having hacked cars unlock themselves and email their GPS location to the attacker.
Re: (Score:2)
got to love classic cars
Re: (Score:2)
got to love classic cars
Because who needs a comfortable car that starts reliably and uses fuel efficiently?
Re: (Score:2)
that's not true.
I've got an MG Midget, that after a fair amount of modifications from original, is extremely reliable, extremely fun to drive, and gets better gas mileage than my wife's civic and my miata.
Re: (Score:2)
I've got a decent job, and can afford the gas, so that's not a real concern of mine. Heck, I'm currently looking to by an old '70s muscle car for fun...with your basic 10mpg....
I have a short commute, so yes..it will be my main daily driver too. Why buy a fun toy, and only use it on the weekends?
I died because of Farmville?!?!? (Score:2)
Worked on some of the first Microsoft-based car nav radios, a Windows-CE based auto-specific system. MS was in the mode of "Hey, 3rd party apps are a feature!" and the auto companies were like, "Not gonna happen."
Not in the land of Congressional hearings and $100 million recalls. You think Facebook dodging the class action suit in that other thread is a big deal, imagine a lawyer trotting broken or dead bodies before the camera because one of the Big Three didn't properly vette Angry Birds: Cruisin' Down
Re: (Score:2)
I prefer a multi-player FPS type game... imagine an augmented reality interface where you can see the virtual turrets mounted on your hood and aim them at other cars logged into the game. You could see those cars taking damage and then eventually being "destroyed". Of course, you also have to watch your six and consider your shield levels as well. If you had passengers in the car, maybe they could man the rear guns or monitor system health and repairs...
I thi
Re: (Score:1)
I prefer a multi-player FPS type game... imagine an augmented reality interface where you can see the virtual turrets mounted on your hood and aim them at other cars logged into the game. You could see those cars taking damage and then eventually being "destroyed". Of course, you also have to watch your six and consider your shield levels as well. If you had passengers in the car, maybe they could man the rear guns or monitor system health and repairs... I think I just made family road-trips much more fun...
sounds awesome, just imagine all the drivers on the highway competing to get line of sight for a good shot...
Never connect the critical systems to the internet (Score:3)
Needless to say, never connect the critical systems to the internet or to other computers connected to the net. Besides security concerns-- ever since consoles got internet connections/updates, what happened? It started a trend among publishers to have games were no longer tested as rigorously, pushed out the door, and depend on internet updates to fix any issues.
Re: (Score:2)
ever since consoles got internet connections/updates, what happened? It started a trend among publishers to have games were no longer tested as rigorously, pushed out the door, and depend on internet updates to fix any issues.
Most importantly an attempt to eliminate the resale market.
Perhaps in the future you'll have to register and buy annual (or more often) updates for your car from the app store, and you won't be allowed to change the owner of the car, why the heck would you be permitted to do that, are you some kind of car thief?
I'm sorry sir your engine computer hardware is yours, but the software that runs on it is only licensed to the original buyer. You can only buy an engine computer software license with the purchase
Re: (Score:1)
and you won't be allowed to change the owner of the car,
That's pretty far fetched; unless all the car manufacturers did this at the same time, the sales for those cars with this 'feature' would drop through the floor since they would have no resale value. If all the car manufacturers *did* do it at the same time it would probably be some sort of cartel issue and illegal.
Much more likely is that you would have to officially update the registration with the manufacturer in order to carry on receiving necessar
Re: (Score:2)
Re: (Score:1)
A revolutionary idea (Score:1)
Ready?
Are you sure?
Don't make the car computer have a wi-fi antenna.
Groundbreaking, isn't it?
Re:A revolutionary idea (Score:5, Informative)
Don't make the car computer have a wi-fi antenna.
There are plenty of other vectors. The keyless ignition system. The remote central locking. The MP3 decoder. The digital radio. With physical access -- direct connection to the bus.
Re: (Score:3)
Re: (Score:2)
Surely they should just have a physical separation between the busses - one for safety-critical features (Engine, Transmission, ABS, Lighting etc.) and one for entertainment and other 'utility'. If a controller needs to link between the two then it should only support a very limited range of commands, and there should be no direct method for passing a command or data from the 'utility' bus to the 'safety' bus. Ideally these critical controllers should be read-only on the 'utility' bus. These portions of
Stupid stuff again (Score:5, Informative)
Why do car companies feel the need to hook their CD players or whatever into the critical systems of the car?
How about this: Just mount an iPad (or Galaxy) into the console.
Done.
But, no, they want to show you the oil level on a touchscreen instead of in front of the steering wheel. Meaning they have to hook it into the engine computer. Giving attackers an in.
Re:Stupid stuff again (Score:4, Insightful)
Why do car companies feel the need to hook their CD players or whatever into the critical systems of the car?
Because it's the cheapest way to provide features that customers want, and competitors will deliver.
Re: (Score:2)
I wouldn't be so concerned if the car computer was only outputing data. That might be fun and useful with few, if any, security risks for most drivers. I do, however, have a problem with my accelerator or brake system being controlled by some external device rather than my hard-wired foot pedal. For what it's worth, many military aircraft are triple-redundant, meaning that your flight stick is primarily fly-by-wire, but in the event of a failure your flight stick is also directly connected to hydraulic line
Re: (Score:3)
Re: (Score:2)
You gave a single redundant system... what are the other two?
If your doors don't open after a crash it's not very likely your windows will. And windows have this great manual override - they break. you do have something to break windows with in your car, don't you?
To capture audio system revenue? (Score:2)
I always wondered if this wasn't at least partly done to capture the customer's audio system spending.
Car makers traditionally have been way behind the times in terms of car audio, and even simple upgrades were always really expensive due to the highway robbery prices they charged (since they were nearly always a dealer add-on).
So you bought the base model radio and then went to Best Buy or wherever and bought a better model, speakers, power amp for less money than the car maker wanted.
At first car makers s
Re: (Score:1)
It is not just that, What does Onstar or similar service do? They have 100% full access to the vehicle. They can start it, they can monitor your fluid levels, tell you how to get someplace, etc. This mean you are GPS tracked, and they have full access to shutdown or start your car at all times. I never wanted that system in my cars and I typically find the fuse for the onstar circuit in my car and pull it once the free year (or 3 months) is out. They cannot tell me where I am if they cannot work. All
Re: (Score:2)
I think it's just one of those cases where the demands for new features and capabilities have created problems that the original spec never anticipated or intended to solve.
The 'CAN' bus spec has been around seemingly forever. It was developed to solve wiring issues. A single serial data bus which all systems and peripherals could be connected to was a great idea at the time. I'm guessing that it probably just became SOP to tie every new system into the CAN bus and nobody stopped to wonder why the MP3 pl
More likely case (Score:2)
The car manufactures risk being held liable for people stealing their cars through remote exploits. For years now insurance claims have been denied for certain auto theft claims based on the theory that certain types of keys couldn't be replicated. During the interim of course hackers had figured out how hack the key systems and started stealing the cars without the keys.
Sooner or later the inevitable happened and they got caught on video doing so. I believe there was a story over the UK a few weeks ago abo
Re: (Score:2)
For years now insurance claims have been denied for certain auto theft claims based on the theory that certain types of keys couldn't be replicated.
I find this hard to believe as everyone knows tow truck drivers and repo men (often one and the same) can tow anything. A quick snip and the parking brake doesn't matter either.
Same problem with motorcycles. You don't need a lockpick to steal a cycle, you need a pickup truck with a ramp and one of those mounting bar things. I've seen harleys stuffed into vans too.
Re: (Score:2)
Citations
http://www.wsoctv.com/news/news/action-9-insurer-denies-stolen-car-claim-because-m/nGTHX/ [wsoctv.com]
http://www.leftlanenews.com/gone-in-20-minutes-using-laptops-to-steal-cars.html [leftlanenews.com]
Re: (Score:2)
The second link has no citations of a claim being denied.
The first link is pretty good. Note that insurance companies make money but not paying claims... its not unusual, if they think you don't have the resources to fight back, for them to deny a claim. Happens all the time with medical too.
Re: (Score:2)
Additional citations:
http://www.mcsalaw.com/html/SIU_CR.html [mcsalaw.com]
http://www.wired.com/wired/archive/14.08/carkey.html [wired.com]
In fact I found an entire earlier slashdot disussion about this very issue.
http://slashdot.org/story/06/07/31/1549238/rfid-enabled-vehicles-pinch-my-ride [slashdot.org]
On your point of car thieves simply using tow trucks, I couldn't agree more. After all why bother picking locks when you can just tow the whole car? I would imagine most car theft is done this way anymore. My point was on the car keys being used a
Re: (Score:2)
It would have been highly amusing if Gen. Alexander's car had refused to either arrive or depart Defcon this year... Or whatever car he was being chauffeured in.
so is this good or bad? (Score:2)
few months back there was an article here about how car computers are ripe for hacking and everyone said the car companies suck for such crappy security
now that they are doing it the car companies suck for locking down their cars
Grammar Nazi (Score:3)
Re: (Score:2)
Re: (Score:2)
Security is haaaard, woo woo! (Score:2)
We need updates "over the air", without operator intervention! It's too inconvenient for owners to have to come into a dealer for updates, that's unreasonable!
And it won't allow us to do the updates as often as we like! We're always fixing bugs, so we need the ability to update the software every 6 hours... sometimes even less! Look at Firefox and Windows - how often do they update? It's an industry standard!
And encryption? That's haaaard! It takes time and effort to implement and it adds no value to the en
LEXUS fallout (Score:2)
So that fiery CHIPS officer and his family in San Diego for whom no human amount of effort could save themselves from terror by electronic FAILUNDER comes down to ' its not our fault?' someone reprogrammed the blackboxen?
My car is theft proof (Score:2)
It's got two things going for it
(a) it's a manual
(b) it's a TVR
(for those that don't get (b), you really have to know what you are doing to start one, look up Top Gear for more info)
Re: (Score:2)
(a) it's a manual
I can top that. My car has a device sure to stump all but the most expert car thieves:
A knob on the dashboard labeled 'Choke'.
Now get off my lawn!
What about trailer tractors? (Score:1)
Between McAfee and the hackers. (Score:2)
I'll take the hackers, thank you--with them I at least have some chance of purging *their* malware from my computer system.
Re: (Score:2)
I'll take the hackers, thank you--with them I at least have some chance of purging *their* malware from my computer system.
Back in the BBS days there was a virus group called "YAM" — Youth Against McAfee. Maybe it's time to get the band back together. :o)
Biometrics, no? (Score:2)
McAfee researchers? Really? (Score:2)
Sorry Officer ... (Score:3)
Bonus points to the first person that talks their way out of a traffic ticket with the excuse that their car has been hacked.
McAfee On Board (Score:3)
Insecure Code (Score:2)
Let's assume ENIAC and 1943 as the start date for modern computing. In nearly 70 years of computing one thing we should all know very well by now is that there is no such thing as secure code. If a user has access to the system it operates on it's inherently insecure.
Re: (Score:2)
They're not necessarily trying to keep the user out. They're trying to keep non-owner hackers out. If someone hacked the OnStar system, for example, they could stall every car on the network. Worse if they could figure out how to make every car accelerate out of control. Or what if they could change the engine settings to timing that would damage the engine over time. Or if the OnStar system stays secure, what if they could do the equivalent using the internet connectivity in some cars? or break in usi
Re: (Score:1)
Why would you be loading fishing software onto a car?
Re: (Score:2)
Or worse... they start treating oil filters like laser toner, and declaring them to be "expired" the moment your odometer ticks off 3,000 miles.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
"Manual controls for all key systems - keys and the like."
We had that, and the result was that cars were hotwired. In today's cars, there are cryptographic challenge/response schemes with the key, making them much harder to steal. Of course, this introduces a wireless digital interface...
Car systems are incredibly robust to random failures, but they don't do well against intentional failures that bypass the failsafe mechanisms.