Wednesday, July 22, 2015

Do you trust your car?

The Wall Street Journal reported that two hackers were able to hack into a vehicle and take control if it while moving:





Two computer-security researchers demonstrated they could take control of a moving Jeep Cherokee using the vehicle’s wireless communications system, raising new questions about the safety of Internet-connected cars.

Fiat Chrysler Automobiles NV, owner of the Jeep brand, on Tuesday blasted the researchers for disclosing their ability to hack into the sport-utility vehicle’s software and manipulate its air conditioning, stereo controls and control its speed by disabling the transmission from a laptop many miles away.

The hackers, one of whom works for Twitter Inc. and is a former analyst for the National Security Agency, counter they are bringing attention to an issue auto makers have for too long ignored.
Nearly all modern automobiles, not just those manufactured by Fiat Chrysler, feature computer controls that are potential targets for hackers.

The problem has caught the attention of most major car companies. General Motors Co. , for example, has been working with the National Highway Traffic Safety Administration on ways to protect the loads of data that a vehicle carries, and fortify a car’s control system from outside tampering.....

The two hackers, Charlie Miller, a Twitter employee based in St. Louis, and Chris Valasek, a director at the security firm IOActive, demonstrated in an article and video published in technology magazine Wired their ability to wirelessly access a vehicle’s systems. The researchers, who have been probing vulnerabilities in connected automobiles for years, previously could only take over a car by hacking from a laptop connected by cable to a moving vehicle.

Mr. Miller defended releasing the information, arguing he is improving auto safety by drawing attention to the issue. “We both want the same thing, to keep drivers safe from a cyberattack,” said Mr. Miller, who used to work on hacking tools for the NSA. “All I can do is point out flaws in their vehicles, get other researchers working on this issue and make suggestions.”
Messrs. Miller and Valasek have kept some of the flaws they uncovered under wraps to prevent copy cats from wreaking havoc on the highway. But they do show in a video that they can effectively disengage a car’s transmission or, when it is moving at slower speeds, its brakes. The two researchers say they will show more details during a talk at the Black Hat hacker conference next month. Rest of article.

11 comments:

Anonymous said...

Conspiracy theorist have been making claims for years that the government can take control of vehicles to eliminate a target. Check out the death of the blogger Michael Hastings, he was looking into certain topics that Uncle Sam wasn't happy about. The hackers proved that the conspiracy theorist might have not been so crazy.

Anonymous said...

What year did vehicles start installing this particular computer?

Wasn't it 2009?

Messick said...

That '85 Oldsmobuick for sale down the street is starting to look pretty good about now, ain't it?

Anonymous said...

Two computer experts expose a flaw in Jeeps that could wipe out my family, and all Fiat Chrysler can do is "blast" the two do-gooders? I know what brand of automobile I WON'T be buying next time.

Kingfish said...

I can see Don Evans now.......

Anonymous said...

We live in a time when most any product we buy is now computerized. Anyone who's been around I.T. for most of their lives can tell you that what's going on right now is not too smart and many people are unwittingly putting themselves in a vulnerable spot and our Government is the last thing one needs to be concerned about. Facebook wants all of your information besides your ss number. If you give it the wrong information on purpose, you could be very well be guilty of at least breaking the contractual agreement that you have to agree to in order to use the service. That's not very smart from a privacy standpoint.
Newer cars seem to be computers disguised as automobiles. We rely way to much on the perceived safety of the Internet. If it's profitable, the hacks will never stop. When we started digitizing our bank accounts on a large scale and most every one wound up with a debit card I knew what could happen. Now we see hacks all of the time that are aimed @ big box retailers and other large companies that store our info. If there is money to steal or valuable information to be gained, then the hack attacks will never end. I don't want to think about the chaos a hacker with mal intent could cause by wrecking cars that can be remotely controlled from a computer. It's all getting very strange. If we were to slowly make this shift with safety in mind, then we wouldn't be that vulnerable, but we've done it rather quickly with little to no choice. Most people only think about the consequences after they are victims and most companies simply do not care until they've hit a P.R. nightmare or their profits are interrupted. to say the least, it's wreckless.

Anonymous said...

We've been lucky that these people who can hack anything have, for the most part, been on the side of the common good for the people. Soon enough china, iran, isis, or anyone else who hates America will figure out how to take out the power system, food stamps, stock market, or any of the other fragile systems that we rely on for our normal day to day activities. They're all aware of our weaknesses. They're just working on trying to exploit them, or waiting.

Anonymous said...

The problem is car manufacturers who don't know how to implement these car infotainment systems securely. There should be segregation between the components that the vehicles requires for driving and the infotainment systems that are coming in most vehicles. This becomes difficult when nannies are in place that won't let you enter a GPS destination while driving or watch a DVD while driving. The systems must talk to each other to enforce the nannies, but they are not linked securely.

Anonymous said...

This week's Economist magazine has an article about this & similar problems. Is your DVR part of a botnet? Mmmmmaybe.

It seems that *anything* connected to the internet has got to have some serious encryption, and some companies are going to take it on the nose until they get on board with that.

Anonymous said...

If it's connected to the internet, somewhere there's a person that can hack it. All security measures do is make it difficult, at best. From what I understand from my IT friends is the real hackers are always a step ahead of the people trying to come up with new security measures. Your anti virus software and encrypted data might be great, and stop a highschool kid on a vengeance, but it's months, maybe even years behind what a skilled hacker is capable of.

The government can't even keep classified plans and specs for our most secret weapons secure.

Anonymous said...

Good Lord, someone here is worried about potentially "breaking the contractual agreement" they have with Facebook?



Recent Comments

Search Jackson Jambalaya

Subscribe to JJ's Youtube channel

Archives

Trollfest '09

Trollfest '07 was such a success that Jackson Jambalaya will once again host Trollfest '09. Catch this great event which will leave NE Jackson & Fondren in flames. Othor Cain and his band, The Black Power Structure headline the night while Sonjay Poontang returns for an encore performance. Former Frank Melton bodyguard Marcus Wright makes his premier appearance at Trollfest singing "I'm a Sweet Transvestite" from "The Rocky Horror Picture Show." Kamikaze will sing his new hit, “How I sold out to da Man.” Robbie Bell again performs: “Mamas, don't let your babies grow up to be Bells” and “Any friend of Ed Peters is a friend of mine”. After the show, Ms. Bell will autograph copies of her mug shot photos. In a salute to “Dancing with the Stars”, Ms. Bell and Hinds County District Attorney Robert Smith will dance the Wango Tango.

Wrestling returns, except this time it will be a Battle Royal with Othor Cain, Ben Allen, Kim Wade, Haley Fisackerly, Alan Lange, and “Big Cat” Donna Ladd all in the ring at the same time. The Battle Royal will be in a steel cage, no time limit, no referee, and the losers must leave town. Marshand Crisler will be the honorary referee (as it gives him a title without actually having to do anything).


Meet KIM Waaaaaade at the Entergy Tent. For five pesos, Kim will sell you a chance to win a deed to a crack house on Ridgeway Street stuffed in the Howard Industries pinata. Don't worry if the pinata is beaten to shreds, as Mr. Wade has Jose, Emmanuel, and Carlos, all illegal immigrants, available as replacements for the it. Upon leaving the Entergy tent, fig leaves will be available in case Entergy literally takes everything you have as part of its Trollfest ticket price adjustment charge.

Donna Ladd of The Jackson Free Press will give several classes on learning how to write. Smearing, writing without factchecking, and reporting only one side of a story will be covered. A donation to pay their taxes will be accepted and she will be signing copies of their former federal tax liens. Ms. Ladd will give a dramatic reading of her two award-winning essays (They received The Jackson Free Press "Best Of" awards.) "Why everything is always about me" and "Why I cover murders better than anyone else in Jackson".

In the spirit of helping those who are less fortunate, Trollfest '09 adopts a cause for which a portion of the proceeds and donations will be donated: Keeping Frank Melton in his home. The “Keep Frank Melton From Being Homeless” booth will sell chances for five dollars to pin the tail on the jackass. John Reeves has graciously volunteered to be the jackass for this honorable excursion into saving Frank's ass. What's an ass between two friends after all? If Mr. Reeves is unable to um, perform, Speaker Billy McCoy has also volunteered as when the word “jackass” was mentioned he immediately ran as fast as he could to sign up.


In order to help clean up the legal profession, Adam Kilgore of the Mississippi Bar will be giving away free, round-trip plane tickets to the North Pole where they keep their bar complaint forms (which are NOT available online). If you don't want to go to the North Pole, you can enjoy Brant Brantley's (of the Mississippi Commission on Judicial Performance) free guided tours of the quicksand field over by High Street where all complaints against judges disappear. If for some reason you are unable to control yourself, never fear; Judge Houston Patton will operate his jail where no lawyers are needed or allowed as you just sit there for minutes... hours.... months...years until he decides he is tired of you sitting in his jail. Do not think Judge Patton is a bad judge however as he plans to serve free Mad Dog 20/20 to all inmates.

Trollfest '09 is a pet-friendly event as well. Feel free to bring your dog with you and do not worry if your pet gets hungry, as employees of the Jackson Zoo will be on hand to provide some of their animals as food when it gets to be feeding time for your little loved one.

Relax at the Fox News Tent. Since there are only three blonde reporters in Jackson (being blonde is a requirement for working at Fox News), Megan and Kathryn from WAPT and Wendy from WLBT will be on loan to Fox. To gain admittance to the VIP section, bring either your Republican Party ID card or a Rebel Flag. Bringing both and a torn-up Obama yard sign will entitle you to free drinks served by Megan, Wendy, and Kathryn. Get your tickets now. Since this is an event for trolls, no ID is required. Just bring the hate. Bring the family, Trollfest '09 is for EVERYONE!!!

This is definitely a Beaver production.


Note: Security provided by INS.

Trollfest '07

Jackson Jambalaya is the home of Trollfest '07. Catch this great event which promises to leave NE Jackson & Fondren in flames. Sonjay Poontang and his band headline the night with a special steel cage, no time limit "loser must leave town" bout between Alan Lange and "Big Cat"Donna Ladd following afterwards. Kamikaze will perform his new song F*** Bush, he's still a _____. Did I mention there was no referee? Dr. Heddy Matthias and Lori Gregory will face off in the undercard dueling with dangling participles and other um, devices. Robbie Bell will perform Her two latest songs: My Best Friends are in the Media and Mama's, Don't Let Your Babies Grow up to be George Bell. Sid Salter of The Clarion-Ledger will host "Pin the Tail on the Trial Lawyer", sponsored by State Farm.

There will be a hugging booth where in exchange for your young son, Frank Melton will give you a loooong hug. Trollfest will have a dunking booth where Muhammed the terrorist will curse you to Allah as you try to hit a target that will drop him into a vat of pig grease. However, in the true spirit of Separate But Equal, Don Imus and someone from NE Jackson will also sit in the dunking booth for an equal amount of time. Tom Head will give a reading for two hours on why he can't figure out who the hell he is. Cliff Cargill will give lessons with his .80 caliber desert eagle, using Frank Melton photos as targets. Tackleberry will be on hand for an autograph session. KIM Waaaaaade will be passing out free titles and deeds to crackhouses formerly owned by The Wood Street Players.

If you get tired come relax at the Fox News Tent. To gain admittance to the VIP section, bring either your Republican Party ID card or a Rebel Flag. Bringing both will entitle you to free drinks.Get your tickets now. Since this is an event for trolls, no ID is required, just bring the hate. Bring the family, Trollfest '07 is for EVERYONE!!!

This is definitely a Beaver production.

Note: Security provided by INS
.