WHy are cars able to be hacked in the first place?

Forums › Transport (cars, bikes and boats) › WHy are cars able to be hacked in the first place?

ghettomaster

284 posts

Ultimate Geek

# 181399 14-Oct-2015 10:36

In reading about the now infamous hacks on cars these days it begs the question for me - why is this even remotely possible?

Why does a car need to be built in such a way that the brake pedal or steering wheel or any other driving component can be operated by the computer? I understand this may be helpful for diagnostics but surely the risk outweighs the benefit?

If, for some reason I cannot fathom, these capabilities must be in a car these days why is the entertainment and internet capable side of the system not air-gapped from the critical systems? Surely it's not hard to design things so these kind of hacks will be impossible.

Am I missing something here?

lxsw20

2325 posts

Uber Geek

Subscriber

# 1405551 14-Oct-2015 10:47

Stability control and park assist are the main reasons the car can control the braking and steering.

https://en.wikipedia.org/wiki/Electronic_stability_control

If you watch the full video on how those guys hacked a jeep (I think it was a jeep) what you and I assume to mean air gapped and what Jeep meant by air gapped were two very different things.

wasabi2k

2092 posts

Uber Geek

# 1405560 14-Oct-2015 10:59

There was a biiiig long thread about this when the car hacking stories came out....

I believe the result was it is useful for some cases and more to the point, whoever designed the systems did a spectacularly bad job of securing them.

Dairyxox

1495 posts

Uber Geek

# 1405563 14-Oct-2015 11:03

Because car manufacturers haven't thought it through completely....basically.
There should be an isolation between 'outside world communications' and mission critical systems (brakes, drivetrain etc), like you suggest.

I'd imagine future systems will have this.

Part of the issue stems from the fact that many new "assets" these days are internet connected by default out of the factory, even if you didn't ask for/specify, or even pay for the 'feature'.

Inphinity

2544 posts

Uber Geek

# 1405575 14-Oct-2015 11:17

Because some manufacturers didn't consider the possibility it could get hacked. Poor design. Some did, and aren't as at risk.

ghettomaster

284 posts

Ultimate Geek

# 1405577 14-Oct-2015 11:19

Thanks for the replies - I'll go hunt that thread down.

davidcole

4625 posts

Uber Geek

Trusted

# 1405616 14-Oct-2015 12:22

Cost, not bad design Id bet you'd find is the main reason. To properly separate you'd need two CAN buses = cost.

Previously known as psycik

OpenHAB: Gigabyte AMD A8 Brix, OpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Xiaomi Humidity and Temperature sensors and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 10 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex ,NextPVR Metadata Agent and Scanner for Plex

Wade

2213 posts

Uber Geek

# 1405704 14-Oct-2015 14:47

Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

davidcole

4625 posts

Uber Geek

Trusted

# 1405707 14-Oct-2015 14:49

Wade: Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

Harder as you need physical access. But I wouldn't say impossible.

BlueShift

1472 posts

Uber Geek

# 1405710 14-Oct-2015 14:51

Wade: Am i right in assuming though that without a wireless data connection to the car it would not be possible to hack?

Its still possible, but requires physical access to the vehicle. Sneak in, hook up the hackery equivalent of a mobile data stick to the ONT, and the car is yours remotely whenever you feel like it.

RUKI

1149 posts

Uber Geek

# 1407263 15-Oct-2015 13:37

Every Geek knows - it is "Because you live in a Matrix"

Your Phone, Tablet, Laptop, PC, Electricity Meter, Smart Home System, your IP cameras in your CCTV system have already been hacked.

It is that old car with no internet connection is what makes YOU incompatible with the Matrix's OS.

The real question is - how long before Matrix will disallow you that uncontrolled ride?

lchiu7

5175 posts

Uber Geek

Trusted

# 1410931 22-Oct-2015 10:28

Well this is a particularly germane example !

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11533005

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/rooms/32019730 Mention GZ to get a 10% discount

System One: Popcorn Hour A200, PS3 SuperSlim, NPVR and Plex Server running on Gigabyte Brix (Windows 10 Pro), Sony BDP-S390 BD player, Pioneer AVR, Raspberry Pi running Kodi and Plex, Panasonic 60" 3D plasma, Google Chromecast

System Two: Popcorn Hour A200 , Oppo BDP-80 BluRay Player with hardware mode to be region free, Vivitek HD1080P 1080P DLP projector with 100" screen, Denon AVRS730H 7.2 Channel Dolby Atmos/DTS-X AV Receiver, Samsung 4K player, Google Chromecast, Odroid C2 running Kodi and Plex

graemeh

2078 posts

Uber Geek

Subscriber

# 1410932 22-Oct-2015 10:30

lchiu7: Well this is a particularly germane example !

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11533005

Not if the reports of a "factory key" are correct. If they are it is more like "thief stole car using master key".