Feeds

back to article Ex-worker blamed for car immobilisation hack

A disgruntled worker allegedly caused chaos after he hacked into a vehicle immobilisation system and remotely disabled cars, Wired reports. More than 100 drivers in Austin, Texas were stuck with immobilised cars or horns blaring out of control, after an intruder last month ran amok on a system normally used to warn customers who …

COMMENTS

This topic is closed for new posts.
Bronze badge

Ummmm

"wireless pager network".... are there wired ones?

0
0
Megaphone

wowser

Wait ... what ?

you get behind on your repayments and you car start blaring it's horn and flashing it's lights?

That's awesome

0
0
WTF?

Computer controlled cars?!

Why people would buy a car with a computer in it is beyond me. Once there are no second hand mechanical cars left on the road, I think I'll stick to my bicycle.

0
0
Anonymous Coward

Eh?

There are cars out there that aren't mechanical?

0
0

Behold the march of technology

Sorry Dr Christian not for long

Quote

"For the last five years, Cannondale has been working on a programmable electronic suspension system that they’ve dubbed Simon. Its chassis is a standard Lefty fork that we’re all familiar with, but inside sits something that seems like it’s straight off a Formula One race car. An on-board high-speed computer system allows for situational suspension that can adapt for travel management and damping rates depending on the map setting you choose and terrain input the fork senses."

Shimano already sell the Dura-Ace Di2 electronic groupset

0
1
Unhappy

The title is required, and must contain letters and/or digits.

This isn't a computer controlled car as such.

It is a third party device which is installed by the dealer, not the manufacturer, behind the dash board, and is simply wired into the ignition and horn circuits.

Of course, it does mean you have a car which someone else can override for as long as the car survives, even after you have paid off the finance on it.

0
0
FAIL

All your base are belong to us

Unless, of course, you know it's there and take the wire cutters to it.

Do dealers legally have to tell you they've installed the thing when you buy the car? Seems to me they could be liable for the usual zillions of dollars in damages if someone had a prang and claimed they lost control due to the unit going off.....

0
0
FAIL

utterly retarded

used his own IP.

Muppet.

2
0
Silver badge
Joke

Come in AA0 0001

Your time is up!

0
0

Who ever thought...

... that this would be a good idea - take a couple of tonnes of metal (we're talking American cars here) and wire and engine immobiliser into the world's most insecure network?

Did nobody at any point think, "hang on a minute..." ?

0
0
Anonymous Coward

Lol...

A snip snip here a snip snip there and solder it all back togheter again and that's done then.

0
0
Dead Vulture

Come on, El Reg...

...YOU'RE calling it a 'hack', too? He used a coworker's login to access the web site he'd used as an employee of the company. That's as much hacking as changing your oil is mechanical engineering...

1
0
Badgers

nocar

Surely the potential for something to go wrong leaving you in charge of a suddenly immobilised car is massive. 60-0 isn't good for you or the car(s) behind you, worse (maybe) if you're in the middle of crossing a railway line. Couldn't there be a noise complaint if your car continues to make a honking noise which you can't stop?

I appreciate the idea of affordable rentals but it doesn't sound like rocket science to disable the device as soon as you're off the forecourt.

0
0

@ All objectors

As an automotive software engineer, I'll bite...

I worked on something similar to this for Aston Martin. As is the case with absolutely every system on the car's powertrain, steering and braking systems, the FMEA (failure mode effects analysis) went into scenarios like this in some detail. On that particular system, we required the vehicle to be stationary for longer than some preset time before we pulled the plug; or if the user keyed off (again for more than a preset time) then we simply refused to restart. Oh, and we also required a working speed sensor, so that a damaged speed sensor registering 0MPH permanently wouldn't cause things to drop out at the wrong time.

As regards network security on CAN, the Aston immobiliser was permanently coded into the engine management system. We then had a separate box which talked GSM, which was optional. Once the EMS had seen the GSM box, it would refuse to start if you removed that GSM box, because it expected to handshake at key-on before it'd start the engine.

In this case, I doubt it's as good as the Aston version - you probably could get round it with a bit of wire-clipping, *IF* you knew which wires to cut and join together. And that's your problem, right there. Which wires need to be cut, which wires need to be held to 12V and which need to be at 0V? Good luck guessing it. Sure, if you can get the car back to a garage and spend a few hours, you can probably figure it out, but if it cuts out at the first traffic lights and refuses to restart, you're a bit screwed, aren't you? Like most security measures, the aim isn't to make it completely impervious to attack, it's simply to make it secure enough that the overwhelming majority of attackers won't be able to break it.

Oh, and Dr Christian, the 1970s called and said they'd like you back. They said they needed someone who didn't care about emissions, efficiency, reliability or performance, and hadn't the first clue when it came to making cars run well. Apparently you were just what they needed for the Austin Allegro.

2
0
Anonymous Coward

well....

I am amazed that the l33t kudos from hacking into the central control system and stopping hundreds of cars from lots of dealerships, rather than a few from a single dealership has not inspired a hack that could stop a city.

You can hear the news radio.

It's 07:33 and the freeway has just stopped as dozens of cars have come to a halt in down town bumfu*k city Aritexmexada.

Just a thought.......

0
0

Re: nocar @lukedog

They don't say the immobilizer kicks in while the cars are running. It presumably just prevents the car starting again but still lets it run if already running.

In fact the linked Wired article explicitly says "The system will not stop a running vehicle".

0
0
Big Brother

k2 Bike did that in the 90's

@rainforestguppy: K2 Bike smartshock, a cpu controlled damping device using a piezo actuator to control damping rebound was on bikes in 1998!!! cannondale are only 12 years behind!

0
0
FAIL

What a twat

Clearly he didn't have his back passage adequately protected. Still he will end up in a US goal.

0
0

Raise you a euphemism

As in pummeled into the back of the net?

0
0
This topic is closed for new posts.