The Wall Street Journal reported that two hackers were able to hack into a vehicle and take control if it while moving:
Two computer-security researchers demonstrated they could take control of a moving Jeep Cherokee using the vehicle’s wireless communications system, raising new questions about the safety of Internet-connected cars.
Fiat Chrysler Automobiles NV, owner of the Jeep brand, on Tuesday blasted the researchers for disclosing their ability to hack into the sport-utility vehicle’s software and manipulate its air conditioning, stereo controls and control its speed by disabling the transmission from a laptop many miles away.
The hackers, one of whom works for Twitter Inc. and is a former analyst for the National Security Agency, counter they are bringing attention to an issue auto makers have for too long ignored.
Nearly all modern automobiles, not just those manufactured by Fiat Chrysler, feature computer controls that are potential targets for hackers.
The problem has caught the attention of most major car companies. General Motors Co. , for example, has been working with the National Highway Traffic Safety Administration on ways to protect the loads of data that a vehicle carries, and fortify a car’s control system from outside tampering.....
The two hackers, Charlie Miller, a Twitter employee based in St. Louis, and Chris Valasek, a director at the security firm IOActive, demonstrated in an article and video published in technology magazine Wired their ability to wirelessly access a vehicle’s systems. The researchers, who have been probing vulnerabilities in connected automobiles for years, previously could only take over a car by hacking from a laptop connected by cable to a moving vehicle.
Messrs. Miller and Valasek have kept some of the flaws they uncovered under wraps to prevent copy cats from wreaking havoc on the highway. But they do show in a video that they can effectively disengage a car’s transmission or, when it is moving at slower speeds, its brakes. The two researchers say they will show more details during a talk at the Black Hat hacker conference next month. Rest of article.
11 comments:
Conspiracy theorist have been making claims for years that the government can take control of vehicles to eliminate a target. Check out the death of the blogger Michael Hastings, he was looking into certain topics that Uncle Sam wasn't happy about. The hackers proved that the conspiracy theorist might have not been so crazy.
What year did vehicles start installing this particular computer?
Wasn't it 2009?
That '85 Oldsmobuick for sale down the street is starting to look pretty good about now, ain't it?
Two computer experts expose a flaw in Jeeps that could wipe out my family, and all Fiat Chrysler can do is "blast" the two do-gooders? I know what brand of automobile I WON'T be buying next time.
I can see Don Evans now.......
We live in a time when most any product we buy is now computerized. Anyone who's been around I.T. for most of their lives can tell you that what's going on right now is not too smart and many people are unwittingly putting themselves in a vulnerable spot and our Government is the last thing one needs to be concerned about. Facebook wants all of your information besides your ss number. If you give it the wrong information on purpose, you could be very well be guilty of at least breaking the contractual agreement that you have to agree to in order to use the service. That's not very smart from a privacy standpoint.
Newer cars seem to be computers disguised as automobiles. We rely way to much on the perceived safety of the Internet. If it's profitable, the hacks will never stop. When we started digitizing our bank accounts on a large scale and most every one wound up with a debit card I knew what could happen. Now we see hacks all of the time that are aimed @ big box retailers and other large companies that store our info. If there is money to steal or valuable information to be gained, then the hack attacks will never end. I don't want to think about the chaos a hacker with mal intent could cause by wrecking cars that can be remotely controlled from a computer. It's all getting very strange. If we were to slowly make this shift with safety in mind, then we wouldn't be that vulnerable, but we've done it rather quickly with little to no choice. Most people only think about the consequences after they are victims and most companies simply do not care until they've hit a P.R. nightmare or their profits are interrupted. to say the least, it's wreckless.
We've been lucky that these people who can hack anything have, for the most part, been on the side of the common good for the people. Soon enough china, iran, isis, or anyone else who hates America will figure out how to take out the power system, food stamps, stock market, or any of the other fragile systems that we rely on for our normal day to day activities. They're all aware of our weaknesses. They're just working on trying to exploit them, or waiting.
The problem is car manufacturers who don't know how to implement these car infotainment systems securely. There should be segregation between the components that the vehicles requires for driving and the infotainment systems that are coming in most vehicles. This becomes difficult when nannies are in place that won't let you enter a GPS destination while driving or watch a DVD while driving. The systems must talk to each other to enforce the nannies, but they are not linked securely.
This week's Economist magazine has an article about this & similar problems. Is your DVR part of a botnet? Mmmmmaybe.
It seems that *anything* connected to the internet has got to have some serious encryption, and some companies are going to take it on the nose until they get on board with that.
If it's connected to the internet, somewhere there's a person that can hack it. All security measures do is make it difficult, at best. From what I understand from my IT friends is the real hackers are always a step ahead of the people trying to come up with new security measures. Your anti virus software and encrypted data might be great, and stop a highschool kid on a vengeance, but it's months, maybe even years behind what a skilled hacker is capable of.
The government can't even keep classified plans and specs for our most secret weapons secure.
Good Lord, someone here is worried about potentially "breaking the contractual agreement" they have with Facebook?
Post a Comment