Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Cars are getting hacked now

  1. #1
    Venturi3D.com for the FUTURE MR2 Fan's Avatar
    Join Date
    Jan 2014
    Location
    Tampa Bay, Florida
    Posts
    3,494

    Cars are getting hacked now

    http://www.wired.com/2015/07/hackers...mbid=social_fb

    All of this great big beautiful connected tomorrow

  2. #2
    Senior Member
    Join Date
    Jan 2014
    Posts
    10,171
    I think we have a piece of this technology on the Fiat, and it's pretty terrifying from a user perspective. Hacks aside, security is WEAK. Thank God the Fiat 500e is different than all the cars electronically. Half the "things" that dealer tools can do with regular cars don't work at all on the e version.

    It's absolutely crazy that amidst all the other widely-publicized hacks of things nobody at Chrysler said, "Hey, maybe some security here."

  3. #3
    Senior Member
    Join Date
    Jan 2014
    Posts
    5,223
    Fucking yikes.

  4. #4

  5. #5
    Venturi3D.com for the FUTURE MR2 Fan's Avatar
    Join Date
    Jan 2014
    Location
    Tampa Bay, Florida
    Posts
    3,494
    the big question for me is....is this something where only individual cars can be hacked, or is it possible for all cars of a certain make be hacked at once? (which is VERY scary)

  6. #6
    We All Live in a Yellow BRZ The359's Avatar
    Join Date
    Jan 2014
    Location
    Pennsylvania
    Posts
    1,300
    From what they mentioned in the video, they're going through the car's onboard cellular system, which requires them to know the number for that specific car, which they easily were able to get because it's their own Jeep. The only way to get into random guy's Jeep is if they know that car's number. So no, they couldn't just hack into all Jeeps at once and control them all at once. It'd have to be a single vehicle only. And I'd think commands would vary from vehicle to vehicle.

    This is similar to the hacks before where people managed to get through the car's onboard Bluetooth systems.
    Last edited by The359; July 24th, 2015 at 10:53 AM.
    Nulla Tenaci Invia Est Via

  7. #7
    Senior Member
    Join Date
    Jan 2014
    Posts
    10,171
    You do have to know the car's IP, but it doesn't take long to scan a whole mess of them. Since IPs are tracked by carrier, it wouldn't take long to find out what block is assigned to whomever carries Chrysler and then scan all of those. Since IPs on connecting systems don't typically change very often, it would not be difficult to spend a month scanning a block of IPs, find the Chryslers, and then hack them all at once. All good hacks take time and patience, this one would be no different.

    That assumes you don't just set up a fake cell tower and do it that way. For example, an IMSI catcher. https://en.wikipedia.org/wiki/IMSI-catcher. Plop one of those down on a limited access, high-traffic roadway (like a bridge) and make all the Jeeps plow into each other. Not had to imagine, not all that hard to do (apparently).

  8. #8
    Corvette Enthusiast Kchrpm's Avatar
    Join Date
    Jan 2014
    Location
    Cincinnati, OH
    Posts
    6,854
    The article disagrees with the video, then, or is at least unclear.

    Sitting on a leather couch in Miller’s living room as a summer storm thunders outside, the two researchers scan the Internet for victims.

    Uconnect computers are linked to the Internet by Sprint’s cellular network, and only other Sprint devices can talk to them. So Miller has a cheap Kyocera Android phone connected to his battered MacBook. He’s using the burner phone as a Wi-Fi hot spot, scouring for targets using its thin 3G bandwidth.

    A set of GPS coordinates, along with a vehicle identification number, make, model, and IP address, appears on the laptop screen. It’s a Dodge Ram. Miller plugs its GPS coordinates into Google Maps to reveal that it’s cruising down a highway in Texarkana, Texas. He keeps scanning, and the next vehicle to appear on his screen is a Jeep Cherokee driving around a highway cloverleaf between San Diego and Anaheim, California. Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan. When I ask him to keep scanning, he hesitates. Seeing the actual, mapped locations of these unwitting strangers’ vehicles—and knowing that each one is vulnerable to their remote attack—unsettles him.
    Get that weak shit off my track

  9. #9
    Senior Member
    Join Date
    Jan 2014
    Posts
    10,171
    Quote Originally Posted by Kchrpm View Post
    The article disagrees with the video, then, or is at least unclear.
    That sounds exactly like I'd expect the attack to work. This attack against cell phones has been demonstrated numerous times - a car is no different.

  10. #10
    Venturi3D.com for the FUTURE MR2 Fan's Avatar
    Join Date
    Jan 2014
    Location
    Tampa Bay, Florida
    Posts
    3,494
    Quote Originally Posted by thesameguy View Post
    You do have to know the car's IP, but it doesn't take long to scan a whole mess of them. Since IPs are tracked by carrier, it wouldn't take long to find out what block is assigned to whomever carries Chrysler and then scan all of those. Since IPs on connecting systems don't typically change very often, it would not be difficult to spend a month scanning a block of IPs, find the Chryslers, and then hack them all at once. All good hacks take time and patience, this one would be no different.

    That assumes you don't just set up a fake cell tower and do it that way. For example, an IMSI catcher. https://en.wikipedia.org/wiki/IMSI-catcher. Plop one of those down on a limited access, high-traffic roadway (like a bridge) and make all the Jeeps plow into each other. Not had to imagine, not all that hard to do (apparently).
    And this is where, IMO, it comes down to the idea of need. Do we need our cars to be remotely connected like this all the time? I know Teslas have been great for getting upgrades and updates to their interface and more efficiency IIRC, but the potential bad side to this is pretty scary.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •