Welcome to the Colorado AR-15 Shooters Club Discussion Forums.
Vehicles with Uconnect vulnerability
Imagine someone hacks your car... or watch this video and see it for yourself.
https://www.yahoo.com/autos/jeep-che...667401327.html
Does anyone develop secure software anymore?
ΜΟΛΩΝ ΛΑΒΕ, we are the III%, CIP2, and some other catchphrase meant to aggravate progreSSives who are hell bent on taking rights away...
No.Originally Posted by 68Charger
Why? Companies do not want a "secure software" because it will slow down the sales process.... Sales organizations are revenue generator and they pressure IT groups to disable as much security features as possible. They do not care about a hack that may happen next year, because what matters is the bottom line at the end of this month.
"The French soldiers are grand. They are grand. There is no other word to express it."
- Arthur Conan Doyle, A visit to three fronts (1916)
And I know a lot of people that want "driverless" cars. Yeah...that'll work out great.
Every time I hear about self driving cars, I think of this:
Light a fire for a man, and he'll be warm for a day, light a man on fire, and he'll be warm for the rest of his life...
Discussion is an exchange of intelligence. Argument is an exchange of
ignorance. Ever found a liberal that you can have a discussion with?
http://market-ticker.org/akcs-www?post=230407
Oh Stop
Toyota has someone on CNBS right now talking (a bit) about security (and hacking) while trying to pump fuel-cell vehicles (which amuses me greatly for thermodynamic reasons.)
The problem is that he says "We're trying very hard to stay ahead of {security issues}."
The way you "stay ahead" of them is to physically airgap the bus that is responsible for life-safety-critical functions such as engine, transmission, brake and steering management (e.g. ABS, traction control, ECU, etc) and any externally-accessible or accessing components such as "infotainment" or "convenience" functions such as door locks.
That has not been done in any of the recent models I've seen. I have a handful of CanBus tools here that I use for both poking around and various diagnostic functions and on the same bus that handles engine management I can typically see signals from convenience functions such as door lock actuation -- and the radio.
This crap started with OnStar and the older AMPS systems in GM vehicles but it has now spread and gotten much worse. OnStar can open your doors and do "remote diagnostics"; the latter means it has access to the engine management CANBUS!
This is where the problem comes from and you can claim you've "security audited" the car but we've seen how well that works over time with your computer and smartphone, right?
The difference is that when your car gets hacked there's a decent chance that you die.
The car manufacturers took this design decision this for both "convenience" and economic reasons. Having a completely-separate bus for life-safety-critical devices costs a few more dollars. Remote diagnostics remains possible if there is a one-way gateway that allows reading data off the engine management bus but not sending commands to it. The problem is that it is not possible to retrofit vehicles in the field where the design decision was made to save a few dollars.
PS: While I really like the economic opportunity this event presents for BlackBerry's QNX -- I note that despite many attempts nobody has managed to break the bootloader and security model on BB10 thus far -- the fact remains that a mistake is always possible in code, and the only means to avoid it is to airgap life-safety-critical components from anything in the vehicle that can be accessed externally. Period.
whomever wrote that article isn't very up to date... CANBUS isn't just engine management- it's connected to almost every system on newer cars... allows diagnostics and digital activation of accessories. Anti-lock braking modules, steering servos, engine & transmission management to radios, electric door locks and windows, HVAC, wipers, etc...
ΜΟΛΩΝ ΛΑΒΕ, we are the III%, CIP2, and some other catchphrase meant to aggravate progreSSives who are hell bent on taking rights away...
I believe that is his point.
They have weed in computers?
The Great Kazoo's Feedback
"when you're happy you enjoy the melody but, when you're broken you understand the lyrics".
Winning post! Lol
"The French soldiers are grand. They are grand. There is no other word to express it."
- Arthur Conan Doyle, A visit to three fronts (1916)
What models of vehicles are susceptible to this so far? The only new cars I drive are company vehicles and I want to know if there could be an issue.
"There are no finger prints under water."
Posting Permissions
Reply With Quote
