Car Tech – Part Deux: The Hacking

PRN'D!I’ve already ranted about cars and technology making it unsafe for all of you to drive around me, but I fear I must take it further. Car hacking isn’t totally new, but with the advances in wireless communications, we all knew this was coming.

Car Shark software has been used in the past to disrupt communications on the CAN (Controller Area Network) via the OBD-II diagnostic port and the brief wireless communications between air pressure sensors in the tires. The OBD-II connections are fairly safe for hacking, because it requires direct access to the interior of the car. You might notice that. The wireless pressure sensors just proved that injected signals can mess with the car. Now we have the mix of both.

The newer technologies of GM’s OnStar and Ford’s Sync technologies have opened up new doors to car hackers. Since both systems make use of Bluetooth to provide safer, hands-free calls to the driver, this leaves a giant area open to hackers. BlueJacking isn’t new – in fact it was quite a problem with Bluetooth 1.0. Tools are widely available to hack encrypted Bluetooth signals. Combine them with new research presented to the Committee on Vehicle Controls and Unintended Acceleration, and you get people driving your car from afar. Well, afarther away than the drivers seat.

In their findings, assistant professor Tadayoshi Kohno of University of Washington and professor Stefan Savage, of UCSD discuss a vulnerability in the Bluetooth system that allows execution of code from within the cars network. They weren’t limited to just the Bluetooth system, which was easily accessed via illegitimate pairings. The car’s media players also presented attack surfaces. But these are the least of my worries. What’s really problematic is what can be done once the vehicle’s computer is accessed.

Source : Technology Review