back to article Newsflash: Car cyber-security still sucks

In 2015, infosec gurus Charlie Miller and Chris Valasek demonstrated that they could take over and turn off a jeep from afar as it was being driven, a feat that magnified interest in car hacking. Their wireless attack was conducted on an active vehicle. But it turns out the engine doesn't have to be running. This is separate …

  1. This post has been deleted by its author

    1. Doctor Syntax Silver badge

      Re: Technology Moving Faster Than Security ???

      Technology moving faster than common sense. All sorts of wireless interfaces added to something that really needs a minimally small attack area just so some numpty with a new car and a smartphone can sit in the pub and say "hi, guys, just look at this".

    2. Lars Silver badge
      Happy

      Re: Technology Moving Faster Than Security ???

      "What we do need, is a backdoor to encryption. Does anyone know how it can be done, and if anyone would want it......".

      You may find a friend in May.

  2. Herby

    Dude...

    Where's my car...

    Not far off, as one might think. We will soon have autonomous vehicles, and after you "park" and go into the pub, you whip out your smartphone app and ask the vehicle to meet you at the front door. I see all sorts of problems here, including getting the wrong car (probably the same make).

    Of course if it is the boss's car, there are all sorts of BOFH scenarios available (sorry about that cliff/river).

  3. Anonymous Coward
    Anonymous Coward

    For added/extra electronics in a car all I want is electronic fuel injection and radio, if the radio needs to be stated, all the rest is just stuff that breaks down faster and is more expensive to replace. Now, of course, there are other more dangerous issues, as well. I do like an automatic transmission too. I live in a hilly city and am a bit lazy :)

    1. Black Betty

      Newsflash: Electronics are more reliable than mechanics.

      Modern motor vehicles routinely operate for hundreds of thousand kilometres and thousands of hours without breakdown with routine maintenance. Furthermore servicing intervals are considerably further apart.

      Yes when stuff breaks, it's a whole lot more expensive to replace, and complexity issues makes owner serviceability difficult, impractical or even downright impossible. However, (absent a lemon) stuff does not generally break down faster. End of life obsolescence notwithstanding.

      It may seem like that, but just take a look around you, and look at exactly how much "stuff" you have lying around. Just how much of it is perfectly good, but collects dust because it's no longer relevant to you?

      Now go back generation by generation, and think about how much LESS "stuff" each of them had, and yet how often it required maintenance and repair. Or even had to be built from scratch.

      Imagine if you would a 50's/60's household with, as many gadgets as we have today. It would be a breakdown nightmare.

    2. Anonymous Coward
      Anonymous Coward

      "all the rest is just stuff that breaks down faster"

      Rubbish.

      Electronic ignition has been around decades. Are you trying to tell me a modern car is less reliable than one from the 70's and 80's?

      I agree that they "can" be more expensive, but trying to argue that something like a carb system is somehow more reliable, cheaper (think how much more petrol they drank) and better, in terms of day to day use, is better than a modern system is just rose tinted glasses. I had a "major" engine fault, that just needed a £80 part off eBay to be un-clipped and clipped into place (knock sensor if you are interested). Many of this so called "hard to self fix" requires little more than a laptop, a cable and a bit of software. Far "easier" than correctly getting the carbs in tune and the timing belt to line up; how many here have had to do that on a car in the last decade?

      Source:

      Old enough to remember my dad having to call the AA at least once a year and building my own car with "just" electronic ignition.

    3. Eddy Ito

      Sorry AC, I'm going to disagree and say the electronic thermostatically controlled cooling fan is far superior and more efficient than the belt driven wind generator of yesteryear. And the electric in tank fuel pump that is immune to vapor lock. Oh and thank heaven for the new electronic ignitions with the electronic spark advance.

      Come to think of it I'm happy electronics and wires have replaced all but maybe one or two vacuum lines in the engine compartment. My mid '70s Civic was just a mess of vacuum hoses running every which way to mechanical controllers. Hell it looked like a plate of spaghetti and if even one of those hoses was loose or a controller started to leak the car ran poorly and burned fuel like mad. It also meant chasing down every single damn line to see if it was loose or developed a split somewhere; it was a nightmare. Yeah, I'll stick with a scanner plugged into the OBD2 port and type the resulting code into DuckDuckGo.

      I'll add that my early '80s feulie VW wasn't much better.

  4. Anonymous Coward
    Anonymous Coward

    hohum

    Don't get me wrong, I'm all for better security, but if access to the OBD-II port is required, there's no story there. It's like a scary sounding computer vulnerability that requires physical access to the PC. Sorry, if you're there, you own the box (which is less the case with OBD-II than with PCs).

    Hey, I've got one: I invented a new DOS attack for a car that can render it undriveable, render the keyless entry inoperable, disable the headlights, disable the starter, and brick the entire car. All you need is a big resistor, jumper cables, and access to the engine compartment. Where do I sign up for my presentation?

    1. Anonymous Coward
      Anonymous Coward

      Re: hohum

      RTFA numbnuts:

      "The attacks assume access to the in-vehicle network via a compromised ECU, which can be accomplished wirelessly"

      1. John Brown (no body) Silver badge

        Re: hohum

        The operative word there being "compromised". The way it's worded, it seems to me that the ECU needs to be compromised already by some other method, probably requiring physical access.

    2. Rob D.

      Re: hohum

      The study acknowledges that these are not immediate threats but just indicators that the attack vectors potentially exist.

      For example, if access to the OBD-II port is obtained by smashing a window it's pretty obvious, but a bit of hacking kit able to compromise the system sufficiently to pivot and deal with the alarm and immobiliser plus start the engine, makes this look a lot like the old days of hot wiring cars physically. Smash, plug, drive - thank you for your car. Even bricking your car takes on a new meaning.

      (BTW, not trivialising the work involved with developing and exploiting that vector, nor the intended system separation that should exist in the car systems already.)

  5. Jaap Aap

    I think my car has one ECU, for fuel injection. I'm quite happy with that setup, I only need 12 Volts to open my windows. I can also start my car when my brake lights aren't working.

    But hasn't this already been years now? Now security issues are introduced, but before, cars were also fitted with nifty electronic systems. Once something broke, nobody could fix it however, because most mechanics are not electricians. After a replacement unit it would hopefully work again, but at a price.

    1. Peter Gathercole Silver badge

      @Jaap

      Ah, but yours is an Engine Control Unit (ECU) not an Electronics Control Unit (ECU). See the difference?

      I do wish people would not re-use acronyms, especially in the same field!

      1. Jaap Aap

        Re: @Jaap

        According to wikipedia my ECU is also an ECU:

        https://en.wikipedia.org/wiki/Electronic_control_unit

  6. Anonymous Coward
    Anonymous Coward

    Drone vehicles

    give a whole new meaning to "Taking someone out".

  7. Voland's right hand Silver badge

    Err...

    or directly, via a OBD-II dongle connected to the target vehicle's OBD-II diagnostic port.

    If you have gotten your mitts on the OBD2 or its equivalents like Tech 2 in geographies which do not mandate OBD it is game over already.You can reprogram nearly anything in most cars produced in the last two decades.

    1. Anonymous Coward
      Anonymous Coward

      Re: game over already

      "If you have gotten your mitts on the OBD2 or its equivalents like Tech 2 in geographies which do not mandate OBD it is game over already."

      But where's the PhD, where are the "security research" brownie points for porfessor and student, where are the page views, where's the PROFIT, in that inconvenient fact?

      Rate this article: 2 out of 10, and the two points it does get are awarded mostly for the comments :)

  8. imispgh2

    What is missing is the fact that most organizations, commercial and government, purposefully avoid several critical cybersecurity best practices. Like Privileged Account Management. If I hack in to the organization that can control the vehicle or download code there is a problem. And there are folks like comma.ai who make weaponization much easier by giving away the code.

    Lockheed DHS Whistleblower - Equifax & most hacks root cause = Organizations literally avoiding a critical best practice

    https://www.linkedin.com/pulse/lockheed-whistleblower-equifax-most-hacks-root-cause-michael-dekort/

  9. cantanko

    Not exactly novel...

    Ask any owner of a P38A (1994-2000) Range Rover: _ANY_ 433MHz-ish signal would wake up the body electronics control module, energise the dash and so on, just in case it was an actual valid unlock command, draining the battery in the process. Seem to remember there were many after-market companies modding the BECM to prevent this. Many others just chopped the antenna so you could only unlock the car whilst being right next to it :-D

  10. elip

    So wrong it hurts.

    "These ECUs turn out to be poorly protected because they've been designed to prioritize simplicity."

    Sorry, I disagree completely. These ECUs as well as the larger whole of the vehicle, has been re-designed in the recent decade+, to prioritize complexity (as has every other piece of technology). Worse yet, this new generation has been brainwashed into believing, the best way to secure something that has grown (largely needlessly) in complexity, to fulfill a bizarre, self-destructive human craving for convenience, is to throw yet MORE complexity at the problem. Example of this backward (or forward depending on your perspective) thinking:

    "As a mitigation, the researchers suggest car makers implement an intrusion detection system that operates even when the vehicle is off, though they acknowledge this could tax the car battery."

    Brilliant.

  11. 7teven 4ect

    When I was little back in the 70s a family friend had a yellow VW beetle. One day I saw him loading logs into it so he told me it ran on logs, my big brother confirmed this.

    This is the new millenium, and cars can now brick themselves just by producing overly large electronic logs.

  12. Not also known as SC
    Joke

    Already Happening?

    I think that a large number of cars have been hacked where I live. The exploit involves disabling indicators and forcing the car to accelerate through amber traffic lights instead of stopping. Only two manufacturers are involved though, BMW and Audi. I can't think of any other explanation.

    1. Anonymous Coward
      Anonymous Coward

      Re: Already Happening?

      I would add to the list, based solely on anecdotal local observations -- seems like a widespread issue:

      - Chrysler/Dodge/Jeep/Ram (all the US marques, not Fiat)

      - Mercedes-Benz and Land/Range Rover (to go with BMW)

      - Infiniti (to complement Audi; Lexus gets a pass from me)

      - ...and ex-GM marque Hummer.

  13. Anonymous Coward
    Alert

    Tech + Knowlegy

    Technology doesn't really infer anything about achieving good things.

    Sadly most technology introduces 99% of problems while it provides only 1% solutions.

    This can largely be due to the ISM ISM of hard capitalist commercialisations greedy grab for cash.

    ABS braking is great assistive tech, but is not included in most vehicles.

    Air bags would be good if they didn't injure so many people, though I'm sure they save some lives.

    The black box that replaces the distributor for timing in the petrol engines is great.

    these will be negated by electric vehicles,

    So soon we will have self driving cars lulling us to sleep while we are hacked by near-do-wells.

    I don't see this as a security issue but purely as a regulatory one.

    Do not allow wireless interaction with the vehicles (most essentially whilst it is moving).

    Use a cable to exclude others.

    Prevention is better than cure.

    1. Dazed and Confused

      Re: Tech + Knowlegy

      > ABS braking is great assistive tech, but is not included in most vehicles.

      Errr since when?

      You might still be able to buy something like a Caterham 7 without ABS, but according to Wikipedia

      ABS are required on all new passenger cars sold in the EU since 2004. In the United States, the NHTSA has mandated ABS in conjunction with Electronic Stability Control under the provisions of FMVSS 126 as of September 1, 2013.

      You can of course have non electronic ABS, Ford used to do this on Escorts and Onions in the late 80s, but ... lets not go there.

      1. Bruce Ordway

        Re: Tech + Knowlegy

        >>ABS

        This reminds me of a presentation by someone at DARPA. I'm thinking late 90's? The person spoke about different levels of talent with technology and where it is deployed in the workforce. He expressed some concern about how the most talented people tended to gravitate away essential industries. He suggested mostly "average" programmers could be working on critical systems. One example he used was automotive manufacturing and ABS. The scenarios he described have always haunted me just a little. I wish I could remember the guys name or find that talk and revisit today.

        1. Zolko Silver badge
          Alien

          Re: Tech + Knowlegy

          Your comment seems furiously not unlike when Arthur Dent says:

          - These are the times when I wish I remembered what my Mum used to say when I was young.

          - Why, what did she say ?

          - That's the point: I don't remember

  14. allthecoolshortnamesweretaken

    Cars and electronics just don't mix.

  15. MachDiamond Silver badge

    Conspiracy factor

    By hacking into a car or reverse engineering it's very weak security system, you have violated the US DMCA. This shifts the responsibility of going after the hackers to government agencies rather than putting liability on the manufacturer.

    All of the wirelessly controlled "features" of new cars and many of the built in ones leave me wanting a good schematic so I can rip them out first thing. I don't need my phone to be able to switch on the heater or start the car. I find opening the trunk remotely as something to be avoided. I certainly don't need to do any of these things from half way around the world. I don't want my phone to be the key to the car. It's bad enough to have somebody nick your phone, but even worse if they can then walk through the car park and have your vehicle too. Phones break very easily and if your battery goes flat, you could be locked out. A more secure key fob would be better. You can press the button on the remote from a short distance away and if that doesn't work, you have a mechanical lock that will at least get you into the car if the car has lost a quantity of magic smoke or its battery has gone flat.

    It should be a recognized law that anything that is made more convenient is less secure.

  16. Anonymous Coward
    Anonymous Coward

    IMHO- to the car industy

    Car manufacturers should get out of the software game.

    It is not a revenue stream for you to lock me into your app, I want a car, not a second mobile phone. I have a perfectly good satnav and entertainment system on my device, I don't see the benefit of subscribing to yours (crap) services even though they are built in and difficult to dodge.

    Your development lifecycles are orders of magnitude longer than electronics manufacturers, software companies, and various sets of bad guys attempting to steal data, your car, or have lolz.

    And no, I don't want to buy a car as an iPhone accessory as it only has an apple dock built in, you are not Steve Jobs reincarnate.

    I don't want your rubbish voice recognition that can't manage a simple search or telephone function - my phone assistant seems quite capable even over road noise, this is clearly not your forte either.

    and, and and,

    deep breath...

    </RANT>

  17. annodomini2
    Thumb Down

    Sceptical about some of the statements

    There are 2 attacks:

    1. The battery drain one may be achievable by just attempting to connect to the in-car wireless (depends how the system is configured). Getting the Infotainment to trip the Wake-on-CAN.

    2. The DOS attack would require either a compromised ECU or Diagnostic port interface.

    I think they are trying to state that the OTA update system has been compromised, but if you could reprogram ECU's all bets are off.

    "The denial-of-body-control attack is more pernicious. The attacker wakes up the ECU to make it respond to injected messages and then switches the bit-rate. According to the researchers, this generates errors on the ECU's Controller Area Network (CAN bus) and forces it to shut down.

    Some but not all ECU units will be bricked as a result, depending upon the bus-off recovery specification, making the car unable to be turned on with an inserted key fob and leaving the doors locked.

    As a mitigation, the researchers suggest car makers implement an intrusion detection system that operates even when the vehicle is off, though they acknowledge this could tax the car battery.

    They're skeptical that MAC or message encryption will do much to prevent ECUs from being woken up because the encrypted message would still include the same 010 bit-sequence used for ECU activation."

    Bricked my arse, CAN has been around for 30+years, bus-off recovery is simple, worst case pull the battery.

    Besides the Door lock systems typically operate over LIN.

    MAC will do nothing against WOC or DOS attacks yes, because it's not intended to, it's for spoofing attacks, to inhibit takeover of remote control functions.

  18. Stjalodbaer

    angst

    Is this the Reg Spinoza page ? They’ve solved the mind-body problem ?? By denying the body ?!? Kewl. Actually, also what about out-of-body experiences ?

  19. Nimby
    Facepalm

    defenses are required only when the vehicle’s ignition is turned on – does not hold

    Strawman slain, film at 11.

    Seriously, the whole premise is pretty lousy to begin with. Why would anyone assume that the car is "off" just because the engine is? Do they think remote key fobs just operate on magic or something?

    The only important thing about electronics in cars is that the design really should keep the critical control components on a separate bus, using a more secure protocol, from the generic infotainment junk. Do that basic premise right any you're 95% there to a secure-enough car.

    Battery life, however, will always be a problem. Again, remote key fob anyone? Always-on means always draining, even if very slowly.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon