WHy are cars able to be hacked in the first place?

Forums › Transport (cars, bikes and boats) › WHy are cars able to be hacked in the first place?

ghettomaster

387 posts

Ultimate Geek
+1 received by user: 130

#181399 14-Oct-2015 10:36

In reading about the now infamous hacks on cars these days it begs the question for me - why is this even remotely possible?

Why does a car need to be built in such a way that the brake pedal or steering wheel or any other driving component can be operated by the computer? I understand this may be helpful for diagnostics but surely the risk outweighs the benefit?

If, for some reason I cannot fathom, these capabilities must be in a car these days why is the entertainment and internet capable side of the system not air-gapped from the critical systems? Surely it's not hard to design things so these kind of hacks will be impossible.

Am I missing something here?

lxsw20

3689 posts

Uber Geek
+1 received by user: 2174

Subscriber

#1405551 14-Oct-2015 10:47

Stability control and park assist are the main reasons the car can control the braking and steering.

https://en.wikipedia.org/wiki/Electronic_stability_control

If you watch the full video on how those guys hacked a jeep (I think it was a jeep) what you and I assume to mean air gapped and what Jeep meant by air gapped were two very different things.

wasabi2k

2102 posts

Uber Geek
+1 received by user: 860

#1405560 14-Oct-2015 10:59

There was a biiiig long thread about this when the car hacking stories came out....

I believe the result was it is useful for some cases and more to the point, whoever designed the systems did a spectacularly bad job of securing them.

Dairyxox

1595 posts

Uber Geek
+1 received by user: 455

#1405563 14-Oct-2015 11:03

Because car manufacturers haven't thought it through completely....basically.
There should be an isolation between 'outside world communications' and mission critical systems (brakes, drivetrain etc), like you suggest.

I'd imagine future systems will have this.

Part of the issue stems from the fact that many new "assets" these days are internet connected by default out of the factory, even if you didn't ask for/specify, or even pay for the 'feature'.

Inphinity

2780 posts

Uber Geek
+1 received by user: 1184

#1405575 14-Oct-2015 11:17

Because some manufacturers didn't consider the possibility it could get hacked. Poor design. Some did, and aren't as at risk.

ghettomaster

387 posts

Ultimate Geek
+1 received by user: 130

#1405577 14-Oct-2015 11:19

Thanks for the replies - I'll go hunt that thread down.

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1405616 14-Oct-2015 12:22

Cost, not bad design Id bet you'd find is the main reason. To properly separate you'd need two CAN buses = cost.

Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

Wade

2225 posts

Uber Geek
+1 received by user: 373

#1405704 14-Oct-2015 14:47

Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1405707 14-Oct-2015 14:49

Wade: Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

Harder as you need physical access. But I wouldn't say impossible.

BlueShift

1692 posts

Uber Geek
+1 received by user: 969

#1405710 14-Oct-2015 14:51

Wade: Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

Its still possible, but requires physical access to the vehicle. Sneak in, hook up the hackery equivalent of a mobile data stick to the ONT, and the car is yours remotely whenever you feel like it.

RUKI

1405 posts

Uber Geek
+1 received by user: 422

#1407263 15-Oct-2015 13:37

Every Geek knows - it is "Because you live in a Matrix"

Your Phone, Tablet, Laptop, PC, Electricity Meter, Smart Home System, your IP cameras in your CCTV system have already been hacked.

It is that old car with no internet connection is what makes YOU incompatible with the Matrix's OS.

The real question is - how long before Matrix will disallow you that uncontrolled ride?

lchiu7

6521 posts

Uber Geek
+1 received by user: 543

Trusted

#1410931 22-Oct-2015 10:28

Well this is a particularly germane example !

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11533005

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/h/wellycbd PM me and mention GZ to get a 15% discount and no AirBnB charges.

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

graemeh

2080 posts

Uber Geek
+1 received by user: 226

#1410932 22-Oct-2015 10:30

lchiu7: Well this is a particularly germane example !

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11533005

Not if the reports of a "factory key" are correct. If they are it is more like "thief stole car using master key".