Car electronics increasingly hackable

Here is a crazy idea right out of the shoot!

http://www.fightback.com/2011/10/gm-will-help-you-rent-your-...

Did you notice they didn't mention anything about your insurance company and what they have to say about this

I cannot see this really happening in most situations. Sounds more like movie criminal stuff. Instead of cutting a guy's brakes now you will control their car off a bridge or cliff.

But you can't control someone with bad intentions. Sounds like the car needs to be powered up in most of the situations so far, but soon I worry that criminals will just roll through the neighborhood with their laptop looking for lights flashing because their laptop unlocked a close car. Then they can grab your radar detector or what-not.

alarms, motion detectors and firearms!

You can buy a code grabber for about $100, they will pick up alarm codes and garage door openers.

Nothing is SECURE! Because it was made by Human-being. There is no such thing called Hack-Proof to my knowledge.. For example, the PlayStation Network, ABC, CNN, DIRECTV, DISH-NETWORK etc... ALL WERE hacked.

First off,

Look at who "discovered" this procedure. A research project out of a college. In order for this to escape from the quirks uncovered by by people looking to learn how to better protect devices, there has to be value to the object being attacked. Just how much value is there to the average automobile anyway? Probably not much. Yes, some high-end vehicles could be attacked, but do you honestly think anyone cares about your car?

What was interesting, if you managed to read between the lines, the vehicles that have a cellular number or links into the internal computer systems to do things like unlock doors all come from a single manufacturer. None of the other vehicles having built-in cellular systems. Try as these students and advisors will, they can't break into a system that isn't connected to the Internet through its own connection. The Sync system by Ford is truly a watershed concept in that the connection isn't in the vehicle as a permanent part, it is brought into the vehicle by the owner. In order to access the vehicle through its Bluetooth you would have to either have compromised the phone or be within the limited range of the vehicle's Bluetooth system.

All in all, the story is, in my estimation, a filler piece that will inspire some major changes at one manufacturer and a little increased vigilance at others.

As Box Car summarized, a filler piece. Any communications link is susceptible -- if not to spoofing and/or fuzzing, then to outright jamming or DOS (denial of service) attacks. This means ANY communications link -- including pushbuttons -- do a google search on "Therac-25" for example.

Overall, the embedded systems folks are still trying to hide under a rock and pretend these issues don't exist.

The tire pressure monitors in newer cars mostly operate on the 318 MHz band, as do the keyless entry systems on cars such as BMWs and Minis -- a wonderful opportunity for DOS.

(We've already seen examples of DOS in this 318 MHz band, with garage door openers in various parts of the country rendered inoperable due to Air Force operations nearby.)

While many of these systems are airgapped or separated from systems with wireless capabilities, hitting those wireless-based systems can still cause confusion in the driver, which could result in at least distraction, if not accidents.

(In my Mini-Cooper, the network operating the sound - entertainment system is separate from the network that runs the engine, transmission, braking, and stability control systems.)

A huge issue with these embedded systems is updates -- suppose a fuzzing attack is discovered that crashes the bluetooth stack, throwing the entertainment system in your car into some bizarre mode that can only be cleared by disconnecting the battery. Want to guess the chances of a bug fix to the bluetooth stack? Or someone documents an inexpensive device to spoof wireless tire pressure monitors -- you think the automotive industry has troubles with recalls on faulty steering or brake lines?

(The industry solution will be the same as what the old AMPS (analog) cellular industry did when people discovered their phone calls could be easily monitored -- the industry didn't want to fix the problem, because that would cost money, so they paid someone to make intercepting calls illegal. That didn't stop the interception of AMPS cell calls.)

The real solution is to design and test systems, insure safe failure modes, and provide for upgrade paths. But that takes time and costs money.

With rolling security codes, code grabbers really aren't that useful...

All garage doors and recent cars (in last 5-10 years) use rolling security codes.