Jump to content

Can Your Car Be Hacked?


unit731

Recommended Posts

Posted

You might be behind the wheel, but increasingly, computers control your car’s every function.

 

Microprocessors direct braking, acceleration and even the horn these days. “Because they are hidden, people don’t often understand that there can be anywhere from 30 to 40 microprocessors in most cars and even up to 100 different ones running different functions in some vehicles,” says Stephan A. Tarnutzer, chief operating officer for DGE Inc., which provides electronic designs and consulting for auto manufacturers and suppliers.

 

But could a hacker compromise these systems? Recently, several news reports have raised the issue of car-hacking risks, including:

 

 

•Vehicle disablement. After a disgruntled former employee took over a Web-based vehicle-immobilization system at an Austin, Texas, car sales center, more than 100 drivers found their vehicles had been disabled or their horns were honking out of control.

 

•Tire pressure system hacking. Researchers from the University of South Carolina and Rutgers University were able to hack into tire pressure monitoring systems. Using readily available equipment and free software, the researchers triggered warning lights and remotely tracked a vehicle through its unique monitoring system.

 

•Disabling brakes. Researchers at the University of Washington and University of San Diego created a program that would hack into onboard computers to disable brakes and stop the engine. The researchers connected to onboard computers through ports for the cars’ diagnostic system."

 

 

 

 

 

 

LINK

Posted

Not sure about point #1, but 2 and 3 are pure BS-

 

You might be able to trigger a warning lamp but you absolutely cannot track a car through TPMS- they're extremely short range transmitters. That has about as much a chance of happening as someone with a bluetooth ear piece in California pairing it with my phone here in NH.

 

 

Brakes on all cars still have a mechanical connection from pedal to the master cyl. If the engine stalls, you still have brakes, no power assist though. But it's unreasonable to expect the media to be truthful.

Posted
No way someone can hack your computer in your vehicle. If your worryed then install Norton 2012 in your vehicle.

 

:lol:

Posted
No way someone can hack your computer in your vehicle. If your worryed then install Norton 2012 in your vehicle.

 

 

 

lol... well..

 

 

Tuners "hack" the computers in vehicles.. that is the premise on how they work, the programmers hacked GMs code to create a device that can modify the vehicles computer system.

 

 

as for no way... Anything can be hacked- anything..

 

 

I hacked my 2005 Chrysler 300c, and my wife's 2007 Camry hybrid, and modified the Navigation system in both to allow address entry while the vehicle was moving by patching the firmware on the Navigation DVD long before the lock-pick was invented..

 

 

and the new GM's all have a wireless (cellular) data connection provided by the OnStar system via the Verizon network.. and if someone can hack a celebrities cell phone what makes you think they can't hack the OnStar data network?

 

it can very well be done, and hell the toyota keyless (keeloq) entry system has already been hacked, allowing someone with the proper equipment to send a signal to the car and unlock the doors and start the motor.. (and BTW GM also uses the "keeloq" hardware)

 

 

http://en.wikipedia.org/wiki/KeeLoq

 

http://consumerist.com/2007/08/researchers...ry-devices.html

 

 

Remote keyless entry system for cars and buildings is hacked

RUB security experts discover major vulnerability

 

 

Access from a distance of 300 feet without traces

 

 

Bochum, Germany, March 31, 2008

Researchers from Ruhr University Bochum, Germany, presented a complete break of remote

keyless entry systems based on the KeeLoq RFID technology. The shown vulnerability applies to

all known car and building access control systems that rely on the KeeLoq cipher. “The security

hole allows illegitimate parties to access buildings and cars after remote eavesdropping from a

distance of up to 100 meters” says Prof. Christof Paar. His Communication Security Group in the

Electrical Engineering and Information Sciences Department has developed the break as part of

their research in embedded security.

 

 

 

Two Intercepted Messages are Sufficient

Prof. Paar’s team applied the newest code breaking technologies for developing several attacks.

With the most devastating attack, car keys (or building keys) can be cloned from a distance of

several 100 meters. “Eavesdropping on as little as two messages enables illegitimate parties to

duplicate your key and to open your garage or unlock your car”, says Prof. Paar. With another

malicious attack, a garage door or a car door can be remotely manipulated so that legitimate keys do

not work any more. As a consequence, access to the car or the building is not possible any more.

 

 

 

Newest Code Breaking Techniques

A KeeLoq system consists of an active Radio Frequency Identification (RFID) transponders (e.g.,

embedded in a car key) and a receiver (e.g., embedded in the car door). Both the receiver and

transponder use KeeLoq as encryption method for securing the over-the-air communication. The

attack by the Bochum team allows recovering the secret cryptographic keys embedded in both the

receiver and the responder. The attack is based on measuring the electric power consumption of the

receiver. Applying what is called side-channel analysis methods to the power traces, the researchers

were able to extract the manufacturer key from the receivers. The attack – which combines sidechannel

cryptanalysis with specific properties of the KeeLoq algorithm – can be applied to all

known variants in which KeeLoq is used in real world systems. The practicality of the attack has

been confirmed by attacking actual systems which are using KeeLoq.

 

 

 

KeeLoq: widely used since the mid-1990s

KeeLoq has been used for access control since the mid-1990s. By some estimates, it is the most

popular of such systems in Europe and the US. Besides the frequent use of KeeLoq for garage door

openers and other building access applications, it is also known that several automotive

manufacturers like Toyota/Lexus base their anti-theft protection on assumed secure devices

featuring KeeLoq.

 

 

 

IT Security Research in Bochum

Prof. Paar’s group is part of the Horst Görtz Institute for IT Security (HGI), one of the largest

university-based security research centres in Europe. Prof. Paar’s group is internationally renowned

for their work in securing and analysing embedded security systems. Ruhr University Bochum has

the most comprehensive offerings in IT security education (Bachelor, Master, distance learning) in

Germany.

 

 

 

Further Information

Prof. Dr.-Ing. Christof Paar, Communication Security Group, Faculty of Electrical Engineering and

Information Science, Ruhr University of Bochum, D-44780 Bochum, Germany

Email: [email protected]

Phone: +49 234 32 22994

 

 

 

Web links

More information about the KeeLoq attack:

www.crypto.rub.de/keeloq

Chair of Communication Security

Posted

Yes, yes. I am a card carrying member of the Tin Hat Society. But moving on.

 

Here is one opinion from one person concerning OBDIII. I did state an opinion. And no, OBDIII is not yet produced. OBDIII may or might be in all future vehicles.

 

Anyway here is one opinion of OBDIII. An opinion.

 

"There's talk about when the new OBD-3 system comes out it will be almost impossable to get away with performance up grades that don't meet smog requirements. The system will have benifits also like self diagnosis, the capabilities of controling each cyclinder seperatly, these are some of it's good points. Theres one major bad point that will be installed into the system. Smog tests will no longer be performed on OBD-3 equiped vehicles, instead the vehicles computer will moniter how much emissions the vehicle is putting out and if it exceeds the maximum allowed it will set off the vehicles check light. So when your vehicle needs a smog test the technician simply hooks a scanner up to computer and makes sure that no codes have been set off and that the computer is functioning as it should be. But wait I haven't even gotten to the worst part yet. Just like our cars now if something goes bad on them they usually set off a check engine light but on the new OBD-3 systems whenever a check engine light is set off the computer sends a signal to the nearest cell phone tower containing your vehicle I.D. number straight to DMV. DMV then in turn sends you a letter in the mail saying you have 30 days to get it fixed If you let it go beyond the 30 days you will then recieve another letter saying you have 10 days to fix it or they will suspend your license. How's this for technology!!! "

 

LINK

Posted
Yes, yes. I am a card carrying member of the Tin Hat Society. But moving on.

 

Here is one opinion from one person concerning OBDIII. I did state an opinion. And no, OBDIII is not yet produced. OBDIII may or might be in all future vehicles.

 

Anyway here is one opinion of OBDIII. An opinion.

 

"There's talk about when the new OBD-3 system comes out it will be almost impossable to get away with performance up grades that don't meet smog requirements. The system will have benifits also like self diagnosis, the capabilities of controling each cyclinder seperatly, these are some of it's good points. Theres one major bad point that will be installed into the system. Smog tests will no longer be performed on OBD-3 equiped vehicles, instead the vehicles computer will moniter how much emissions the vehicle is putting out and if it exceeds the maximum allowed it will set off the vehicles check light. So when your vehicle needs a smog test the technician simply hooks a scanner up to computer and makes sure that no codes have been set off and that the computer is functioning as it should be. But wait I haven't even gotten to the worst part yet. Just like our cars now if something goes bad on them they usually set off a check engine light but on the new OBD-3 systems whenever a check engine light is set off the computer sends a signal to the nearest cell phone tower containing your vehicle I.D. number straight to DMV. DMV then in turn sends you a letter in the mail saying you have 30 days to get it fixed If you let it go beyond the 30 days you will then recieve another letter saying you have 10 days to fix it or they will suspend your license. How's this for technology!!! "

 

LINK

 

 

 

yeah I've been reading that for awhile.. what it means to me is that I won't be buying a new car if I intend to mod it.. I will be looking for an older muscle car or truck to mod.. but i'm sure at some point those will become outlawed somehow as well, especially in the retarded republik of kornifornia.

Posted
Yes, yes. I am a card carrying member of the Tin Hat Society. But moving on.

 

Here is one opinion from one person concerning OBDIII. I did state an opinion. And no, OBDIII is not yet produced. OBDIII may or might be in all future vehicles.

 

Anyway here is one opinion of OBDIII. An opinion.

 

"There's talk about when the new OBD-3 system comes out it will be almost impossable to get away with performance up grades that don't meet smog requirements. The system will have benifits also like self diagnosis, the capabilities of controling each cyclinder seperatly, these are some of it's good points. Theres one major bad point that will be installed into the system. Smog tests will no longer be performed on OBD-3 equiped vehicles, instead the vehicles computer will moniter how much emissions the vehicle is putting out and if it exceeds the maximum allowed it will set off the vehicles check light. So when your vehicle needs a smog test the technician simply hooks a scanner up to computer and makes sure that no codes have been set off and that the computer is functioning as it should be. But wait I haven't even gotten to the worst part yet. Just like our cars now if something goes bad on them they usually set off a check engine light but on the new OBD-3 systems whenever a check engine light is set off the computer sends a signal to the nearest cell phone tower containing your vehicle I.D. number straight to DMV. DMV then in turn sends you a letter in the mail saying you have 30 days to get it fixed If you let it go beyond the 30 days you will then recieve another letter saying you have 10 days to fix it or they will suspend your license. How's this for technology!!! "

 

LINK

 

:lol: seeing as the majority of vehicles on the road today are roughly 15 years old i'm not too concerned...let alone local and fed goverments can't afford to dump money into a system like this when they can't afford to fix roads or help with disaster relief, let alone most people now a days in the USA can't afford to keep gas in their car so how are they going to fix a bad cat? i could see this happening sometime in my generations lifetime, but by then i'll be old and shitting myself so i won't care

Posted

Computers on vehicles should be more "hackable" if you ask me... Way too much proprietary @#$% and encrypting of systems that should be open. I can understand having tamper sensors, but once it's out of warranty or you void the warranty everything should be open to modify and access.

Posted
:lol: seeing as the majority of vehicles on the road today are roughly 15 years old i'm not too concerned...let alone local and fed goverments can't afford to dump money into a system like this when they can't afford to fix roads or help with disaster relief, let alone most people now a days in the USA can't afford to keep gas in their car so how are they going to fix a bad cat? i could see this happening sometime in my generations lifetime, but by then i'll be old and shitting myself so i won't care

 

 

I assume this is in jest. I rarely see older cars. Some yes. I still drive my 1992 Mercury Grand Marquis as a daily driver. Maybe in the Sun Belt there are more older cars and trucks. But not up here in rust country.

 

The national government is broke with a 14 billion plus debt. Correct. Opps. That is trillion. But the perception that a decline of unlimited money watching you is a big mistake. Take an hour and watch this video. Then state that this will never happen. Is this video opinions or facts? Are "they" watching you right now? And what does Ratheon, Boeing, Lockheed Martin, Grumman, etc. have to do with all?

 

For those with Attention Deficit Disorder - you have to watch the entire video to obtain the full impact of the unlimited funds going to the watching of you and your activities.

 

http://video.pbs.org/video/2117159594/

Posted

People also said OBDII, fuel injection and other smog gear would be the death of performance. It wasn't. People said IFS would mean the end of lifted trucks. It wasn't. New emissions systems will just be another thing to challenge the aftermarket. They'll beat it, their livelihood depends on it.

Posted

looks like big brother is watching. there will be ways of getting around it. Im sticking with older vehicles and no onstar.

Posted
:D seeing as the majority of vehicles on the road today are roughly 15 years old i'm not too concerned...let alone local and fed goverments can't afford to dump money into a system like this when they can't afford to fix roads or help with disaster relief, let alone most people now a days in the USA can't afford to keep gas in their car so how are they going to fix a bad cat? i could see this happening sometime in my generations lifetime, but by then i'll be old and shitting myself so i won't care

 

 

I assume this is in jest. I rarely see older cars. Some yes. I still drive my 1992 Mercury Grand Marquis as a daily driver. Maybe in the Sun Belt there are more older cars and trucks. But not up here in rust country.

 

The national government is broke with a 14 billion plus debt. Correct. Opps. That is trillion. But the perception that a decline of unlimited money watching you is a big mistake. Take an hour and watch this video. Then state that this will never happen. Is this video opinions or facts? Are "they" watching you right now? And what does Ratheon, Boeing, Lockheed Martin, Grumman, etc. have to do with all?

 

For those with Attention Deficit Disorder - you have to watch the entire video to obtain the full impact of the unlimited funds going to the watching of you and your activities.

 

http://video.pbs.org/video/2117159594/

 

 

:) if the goverment was watching me their isen't a damn thing i can do about it..so i live my life and not worry about things...theirs more to life then conspiracy theorys

Posted

Yes, of course. If you live a good clean life you have nothing to worry about. Right?

 

But you obviously did not view the video. It is not necessarily about 'watching' but about the unlimited and unaccounted tax money being spent to watch your good clean living. In these days of record deficits. Is the tax money well spent watching you?

 

All I hear on the tele from the candidates is 'big government' and wasteful spending by 'big government'. How many billions or trillions are spent watching your good clean living?

 

In my state, the state police have an airplane that they use to send speeding tickets to offenders. They mark the highway in increments and just time speeders. Is this the bestest way to spend limited state funds? An airplane and a paid pilot? The airplane was provided by the federal government as a gift/grant. Is this the best way to spend federal tax monies?

 

Recently, my state acquired - free from the federal government - a drone plane. Yes, a drone plane to monitor speeders on highways. Is this be bestest way to spend federal tax monies? Drone planes still require a licensed pilot. Is this "big government" or not? This drone if you lived in my state could fly right over your house and view what is going on in your yard. In real time. Of course, if you are leading a good clean life then who cares? Right? Except that there is a great deal of federal income tax monies that go to the operation of this drone airplane. Is the the best way to spend federal income tax monies in these days of massive deficits? And I really don't think that my state is the only state to acquire a 'free' drone airplane from the federal government. What about your state? Any 'free' drone airplanes acquired from the federal government for 'law endorcement' purposes?

 

I don't think any of this is a conspiracy. More like information not widely known by all.

 

But again, you lead a good clean life. You are employed. You don't think that taxes are too much.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Forum Statistics

    250.4k
    Total Topics
    2.7m
    Total Posts
  • Member Statistics

    342,835
    Total Members
    8,960
    Most Online
    ballencd
    Newest Member
    ballencd
    Joined
  • Who's Online   0 Members, 0 Anonymous, 409 Guests (See full list)

    • There are no registered users currently online
×
×
  • Create New...