Backseat Driver: DARPA Hacks Car Through OnStar Service

Backseat Driver: DARPA Hacks Car Through OnStar Service

A bit of malicious code leads to near-full remote control of a Chevy Impala.

DARPA does all sorts of crazy, interesting stuff with it's multi-million-dollar budget. From bullets that change direction to laser defense weapons on business jets, the government's kooky, skunkworks-y research division usually lives somewhere between the crazy futuristic, and the bleeding edge.

And their latest demo is no different, even if it's a little scary. While being profiled by 60 Minutes, DARPA's Dan Kaufman demonstrated how a hacker can assume control of certain vehicles through cellular data connections. In other words: Kaufman hacked into a Chevy Impala through the car's OnStar cellular service connection.

Kaufman, who runs DARPA's Information Innovation Office, offers up some details, but keeps most of the technical details on the down-low. To start, Kaufman floods the car's OnStar connection with traffic. During the flood, a data packet is transmitted to the vehicle's internal computers, complete with code that allows the remote control to go through. Once the connection is established and the code is executed, many of the vehicle's functions are under remote control -- braking and acceleration included. Kaufman even turns the windshield washer fluid jets on, just for kicks.

And this demo isn't just for kicks. Senator Ed Markey (D-MA) today published a report on how hackable new cars can be. (Full report is here.) That report, among other findings, says that "Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time."

The primary takeaway? So much of the computer hardware and software used in cars today is proprietary and deemed confidential by automakers, so it's difficult to get a bead on which manufacturers are pushing forward in data security. Even Senator Market's report doesn't name specific manufacturers, generating just as many new questions as there are answers.

Source: Jalopnik

Permalink

Yeah... fuck that. I am never ever getting a car that has any wifi capability. I don't want nor do I need such a vehicle.

However shit like this is my worst fear of some asshole who hacks a bunch of cars on an interstate and causes a massive pileup "for the luls". Don't tell me there's no one out there that would do this... 7 billion people in the world, one of them is guaranteed to be that fucked in the head.

pretty sure more than a few folks thought this was already the state of play after the death of Michael Hastings...

regardless the Manhattan project protocol still likely applies: ie no admittance of technological capability until operational capability has been achieved.

or to put it another way: when they publicly demonstrate something like this you can be damn sure the same technology has already been "weaponised"...

So despots of the world are rejoicing, now they don't even need a weapon to eliminate political rivals, just jack their car, disable the brakes and jam that accelerator to 100%.

Mr Mugabe must be very excited, he does love a good car crash.

I'm not big into cars, but couldn't this be fixed by just making old fashion cars without all the fancy tech?
I'm pretty sure cars couldn't be hacked in the 90s...

azurine:
I'm not big into cars, but couldn't this be fixed by just making old fashion cars without all the fancy tech?
I'm pretty sure cars couldn't be hacked in the 90s...

There are cars being sold today that can't be hacked, mostly cause they're either cheap, reasonable, or simply don't have a wireless connection to the outside world.

Just don't buy a car with a wireless connection, there's absolutely no smart reason for a car to have it. There are some cars that have a wireless system that can talk to emergency vehicles, such as ambulances. But I don't see the point in it, seeing as emergency vehicles have a blasting sound which communicates, "Get out of the f**king way!" And that's all you really need to know.
There's the other functions of warning you about congestions, vehicle accidents that are in your path, etc.

If a car company can't 'live without' those features, just install a separate unit, like a GPS, with those features.

I have no idea why there would be a need to be a direct connection to the car itself, unless it's for 'security' like bringing a high speed chase to a halt in 5 seconds.

And my trust in the first generation of self-driving cars is lower than ever now.

You'd think they'd at least make attempts at security on current cars. If they aren't even doing that, I don't buy that they'd do any decent pass at securing the first self-driving ones because "All our software is proprietary".

I've been saying this for fucking years. Electric power steering, ABS, electronically shifting automatic transmissions, and complete computer control over the engine; with a compromised wireless link, all of those features make a car practically drivable via remote. (Maybe the control is no where as good as the Mythbuster's 2-ton RC toys but still good enough for hijinks, assassinations and terrorism.) Without the wireless, they are still things that can go wrong, although they either save fuel or are safety measures in themselves that outweigh their negatives. The only good thing is the brake pedal is still a physical link, and jamming that down as hard as you can will hopefully slow you down safely. (I don't know how strong the power steering motors are, but I doubt you will have an easy time fighting that.)

Those On Star and equivalent systems also call home even after you cancel the subscription, or even if you never bought a plan with the car but the module was installed. Dealers are also hesitant to remove it for you, as they could be held liable for disconnecting them in case of an accident where emergency services could not be contacted. So, you either have to do it yourself (while ignoring their lies about affecting other systems, besides any car phone features that use the module's cell modem) or demand a waiver they neglect to mention when you first ask about getting rid of the system. I wonder how well integrated Tesla Motor's internet update system is. That was kinda a deal breaker when I read about it last week.

I'll stick with something that doesn't talk to the outside world. Updating the CAN-bus modules via a secure laptop or scan tool with a well tested file is one thing, but letting the brains that control every aspect of your car be constantly within reach of anyone else with the right equipment and program is another. The day when wireless safety systems that take control away from the driver, or could give hackers that ability, is the day I make something like a '69 Charger my daily driver (after my old car rusts away).

Nothing new here,..............certainly not to Michael Hastings (too soon?)

Apparently not. I was already ninja'd by Sleekit.

azurine:
I'm not big into cars, but couldn't this be fixed by just making old fashion cars without all the fancy tech?
I'm pretty sure cars couldn't be hacked in the 90s...

I solved the issue when I got my 2013 computer on wheels by getting the manual transmission, which on a V8 makes for a better drive too. Granted I lose the auto parking and some fuel efficiency features but the gear stick, clutch etc are manual and this not computer controlled. Nice to have the "Manual override" feature in emergencies ;-)

You see, this is what I thought ATMOS would really do, turn millions of cars into automated killing machines.

Heh, Maximum Overdrive, anyone?

Well that's kinda horrifying. Dunno why you'd need a car with wireless though. Could the same or something similar be done with bluetooth cars?

azurine:
I'm not big into cars, but couldn't this be fixed by just making old fashion cars without all the fancy tech?
I'm pretty sure cars couldn't be hacked in the 90s...

90s cars can be hacked. if you want cars that cant be hacked go to 70s and back. as in, go to the time when the onboard comptuer didnt regulate the engine by simply not existing. engine control was one of the first thing on-board computers could do and they did it since 80s. (well late 80s).

Yes, this could be fixed by simply keeping car technology back in dark ages.

Areloch:
And my trust in the first generation of self-driving cars is lower than ever now.

You'd think they'd at least make attempts at security on current cars. If they aren't even doing that, I don't buy that they'd do any decent pass at securing the first self-driving ones because "All our software is proprietary".

when you create a proof of concept prototype your not shielding it for security, your trying to make it work and make it secure afterwards. if this was a car sold as self-driving car and i could go and buy one today them i would agree. so far what we see is basically testing phase where these things have to be caught and weeded out. they are doing their job right.

Devin Connors:
That report, among other findings, says that "Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time."

The sad part is that this keeps being talked about as if it's a point in those two manufacturer's favour, when it's actually the exact opposite. If they can respond in real time, that means there's a long-range wireless data connection (usually GSM) to the car. Which is exactly the problem in the first place. Most cars only have short-range wireless links intended for internal communication or for technicians to diagnose and adjust things. That means that at least any attacker has to be close to, or potentially even inside, the car in order to do anything. Far from increasing security, adding a phone link just gives a much more open line of attack that can potentially be accessed by anyone in within miles of the car. Plus, what exactly is a real-time response supposed to achieve in the first place? This isn't a '90s hacker film with two people on keyboards seeing who can type the fastest to win the hacking battle, the whole point of competent security is to stop unauthorised access in the first place. Once someone has hacked in and inject whatever code they wanted to, responding after the fact is almost entirely pointless. At that point nothing short of a full factory reset is going to help.

Jiggle Counter:
Just don't buy a car with a wireless connection, there's absolutely no smart reason for a car to have it.

That's not entirely true. One of the main reasons cars are so much more efficient and reliable (yes, they are much more reliable even though many don't see to believe it) than they used to be is because they have all kinds of sensors computers keeping things under control, correcting for the conditions, noticing when there's a problem, and so on. But the more little computers you have in there, the harder it becomes to physically connect to them. Having wireless connections allows people to diagnose, and in many cases actually fix, problems just by sitting near the car with a laptop rather than having to spend half an hour digging around under the engine to find the right computer to plug in to. Then there's bluetooth which is frequently used for stereos and hands-free phones, but which can present another potential attack vector to at least some computery parts. Good design would not include anything critical that could be attacked that way and at worst would just mean you can't see your fuel economy or whatever, but that relies on all manufacturers actually using good design, which they clearly don't.

So yes, there are plenty of perfectly good reasons to have at least some wireless connectivity in cars. The problem is that many modern cars just have it slapped in willy-nilly on to every component they can think of, and that this frequently includes long-range connections that serve no useful purpose - all they do is allow the manufacturer to collect personal data and forcibly update bits of your car whether you want them to or not. Wireless in cars is not inherently bad, it's just the unthinking addition of it to everything regardless of need or security that presents a problem.

Strazdas:

Areloch:
And my trust in the first generation of self-driving cars is lower than ever now.

You'd think they'd at least make attempts at security on current cars. If they aren't even doing that, I don't buy that they'd do any decent pass at securing the first self-driving ones because "All our software is proprietary".

when you create a proof of concept prototype your not shielding it for security, your trying to make it work and make it secure afterwards. if this was a car sold as self-driving car and i could go and buy one today them i would agree. so far what we see is basically testing phase where these things have to be caught and weeded out. they are doing their job right.

Well, the car demonstrated isn't a self-driving car. It's just a modern Impala - my understanding is that it's not a self-driving car at least.

My point was more of a "If car manufacturers have lax or utterly lacking hacking security on CURRENT cars because 'it's cool because our stuff is proprietary', then my belief they'll try any harder for the first generation of self-driving cards is pretty much non-existent".

Hopefully this shames them into stepping their game up though.

Kahani:
But the more little computers you have in there, the harder it becomes to physically connect to them. Having wireless connections allows people to diagnose, and in many cases actually fix, problems just by sitting near the car with a laptop rather than having to spend half an hour digging around under the engine to find the right computer to plug in to.

You don't have to dig through the car to plug into a computer. The only things that are guaranteed to be wireless are the tire pressure sensors in each wheel. For everything else, there's is one plug, located under the dash around the driver, called the OBDII connector. Using that gives you access to every module hooked up to the CAN-bus and able to communicate in the car. I've used a laptop several times at my old job and I could pull up over a dozen modules and pull DTCs about everything from calibrations needing to be performed to failed modules from the rest of the system there. The only way you wouldn't see a computer was if it was damaged or purposefully disconnected. And, honestly, if I want a connection to do diagnostic work away from the front seat, I would rather have a long cable or plug a wireless transmitter into the OBD port. (I even have one that does plug into that port and connect to my phone. But, I don't leave it plugged in for long, and the only thing someone could do to my old truck if they hijacked that connection is see my O2 sensor readings and my poor gas mileage.) It's just more secure when the transmitter is removed from the car after work is done, not with it built into the car.

Then there's bluetooth which is frequently used for stereos and hands-free phones, but which can present another potential attack vector to at least some computery parts. Good design would not include anything critical that could be attacked that way and at worst would just mean you can't see your fuel economy or whatever, but that relies on all manufacturers actually using good design, which they clearly don't.

So yes, there are plenty of perfectly good reasons to have at least some wireless connectivity in cars. The problem is that many modern cars just have it slapped in willy-nilly on to every component they can think of, and that this frequently includes long-range connections that serve no useful purpose - all they do is allow the manufacturer to collect personal data and forcibly update bits of your car whether you want them to or not. Wireless in cars is not inherently bad, it's just the unthinking addition of it to everything regardless of need or security that presents a problem.

I would imagine the bluetooth modules themselves can not send any commands that override the mechanical components of the vehicle,[1] but I wouldn't be surprised if it did happen someday, with how insecure they make these things while adding features most drivers will never figure out. The good news is standard bluetooth signal strength only goes for about 10 meters, IIRC.

It is really stupid how the engineers put all of this advanced technology into cars, yet they don't consult security experts that can easily point out flaws it the designs. They were so used to needing access to the interior to do anything that they didn't really think about outside attacks. It reminds me of plenty of game publishers that plan out something, but forget how powerful internet traffic could possibly be or how profane and hack-happy the users could be.

[1] Then again, I did watch a video of thieves breaking into a new BMW with a smartphone through WiFi a few years ago.

I just wonder when we will start seeing automobile anti-virus software

Well good fucking morning, this shit has been doable from the very start of one computer car systems.
But hey why would we put critical systems on a separate computer when we can save money and put everyone at risk.

 

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here