A disgruntled worker allegedly caused chaos after he hacked into a vehicle immobilisation system and remotely disabled cars, Wired reports. More than 100 drivers in Austin, Texas were stuck with immobilised cars or horns blaring out of control, after an intruder last month ran amok on a system normally used to warn customers who …
"wireless pager network".... are there wired ones?
Wait ... what ?
you get behind on your repayments and you car start blaring it's horn and flashing it's lights?
Computer controlled cars?!
Why people would buy a car with a computer in it is beyond me. Once there are no second hand mechanical cars left on the road, I think I'll stick to my bicycle.
There are cars out there that aren't mechanical?
Behold the march of technology
Sorry Dr Christian not for long
"For the last five years, Cannondale has been working on a programmable electronic suspension system that they’ve dubbed Simon. Its chassis is a standard Lefty fork that we’re all familiar with, but inside sits something that seems like it’s straight off a Formula One race car. An on-board high-speed computer system allows for situational suspension that can adapt for travel management and damping rates depending on the map setting you choose and terrain input the fork senses."
Shimano already sell the Dura-Ace Di2 electronic groupset
The title is required, and must contain letters and/or digits.
This isn't a computer controlled car as such.
It is a third party device which is installed by the dealer, not the manufacturer, behind the dash board, and is simply wired into the ignition and horn circuits.
Of course, it does mean you have a car which someone else can override for as long as the car survives, even after you have paid off the finance on it.
All your base are belong to us
Unless, of course, you know it's there and take the wire cutters to it.
Do dealers legally have to tell you they've installed the thing when you buy the car? Seems to me they could be liable for the usual zillions of dollars in damages if someone had a prang and claimed they lost control due to the unit going off.....
used his own IP.
Come in AA0 0001
Your time is up!
Who ever thought...
... that this would be a good idea - take a couple of tonnes of metal (we're talking American cars here) and wire and engine immobiliser into the world's most insecure network?
Did nobody at any point think, "hang on a minute..." ?
A snip snip here a snip snip there and solder it all back togheter again and that's done then.
Come on, El Reg...
...YOU'RE calling it a 'hack', too? He used a coworker's login to access the web site he'd used as an employee of the company. That's as much hacking as changing your oil is mechanical engineering...
Surely the potential for something to go wrong leaving you in charge of a suddenly immobilised car is massive. 60-0 isn't good for you or the car(s) behind you, worse (maybe) if you're in the middle of crossing a railway line. Couldn't there be a noise complaint if your car continues to make a honking noise which you can't stop?
I appreciate the idea of affordable rentals but it doesn't sound like rocket science to disable the device as soon as you're off the forecourt.
@ All objectors
As an automotive software engineer, I'll bite...
I worked on something similar to this for Aston Martin. As is the case with absolutely every system on the car's powertrain, steering and braking systems, the FMEA (failure mode effects analysis) went into scenarios like this in some detail. On that particular system, we required the vehicle to be stationary for longer than some preset time before we pulled the plug; or if the user keyed off (again for more than a preset time) then we simply refused to restart. Oh, and we also required a working speed sensor, so that a damaged speed sensor registering 0MPH permanently wouldn't cause things to drop out at the wrong time.
As regards network security on CAN, the Aston immobiliser was permanently coded into the engine management system. We then had a separate box which talked GSM, which was optional. Once the EMS had seen the GSM box, it would refuse to start if you removed that GSM box, because it expected to handshake at key-on before it'd start the engine.
In this case, I doubt it's as good as the Aston version - you probably could get round it with a bit of wire-clipping, *IF* you knew which wires to cut and join together. And that's your problem, right there. Which wires need to be cut, which wires need to be held to 12V and which need to be at 0V? Good luck guessing it. Sure, if you can get the car back to a garage and spend a few hours, you can probably figure it out, but if it cuts out at the first traffic lights and refuses to restart, you're a bit screwed, aren't you? Like most security measures, the aim isn't to make it completely impervious to attack, it's simply to make it secure enough that the overwhelming majority of attackers won't be able to break it.
Oh, and Dr Christian, the 1970s called and said they'd like you back. They said they needed someone who didn't care about emissions, efficiency, reliability or performance, and hadn't the first clue when it came to making cars run well. Apparently you were just what they needed for the Austin Allegro.
I am amazed that the l33t kudos from hacking into the central control system and stopping hundreds of cars from lots of dealerships, rather than a few from a single dealership has not inspired a hack that could stop a city.
You can hear the news radio.
It's 07:33 and the freeway has just stopped as dozens of cars have come to a halt in down town bumfu*k city Aritexmexada.
Just a thought.......
Re: nocar @lukedog
They don't say the immobilizer kicks in while the cars are running. It presumably just prevents the car starting again but still lets it run if already running.
In fact the linked Wired article explicitly says "The system will not stop a running vehicle".
k2 Bike did that in the 90's
@rainforestguppy: K2 Bike smartshock, a cpu controlled damping device using a piezo actuator to control damping rebound was on bikes in 1998!!! cannondale are only 12 years behind!
What a twat
Clearly he didn't have his back passage adequately protected. Still he will end up in a US goal.
Raise you a euphemism
As in pummeled into the back of the net?
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Analysis Who is the mystery sixth member of LulzSec?
- Comment Congress: It's not the Glass that's scary - It's the GOOGLE
- Analysis Hey, Teflon Ballmer. Look, isn't it time? You know, time to quit?
- Murdoch Facebook gloat: You're like my $580m, 'CRAPPY' MySpace