The remote control from HELL: Driverless cars slam on brakes for LASER POINTER What do you get if you put a cheap laser pointer together with a Raspberry Pi? An attack that works against today's "assisted driving" vehicles and could make life hard for the driverless cars of tomorrow, according to researcher Jonathan Petit. Petit, of Security Innovation, says $60 worth of laser with a bit of smarts makes …
if you blind the driver with a laser pointer, he will probably hit the brakes, too. No need to create complex obstacles or anything, using laser echos.
These things can be a pest. Especially in vacation sites where they are sold to teenagers that have nothing better to do than pointing them around on others at night.
Right. Why even bother with the laser pointer? Hit a car driver with a flashlight. (Or if that's not techie enough for anyone, amp it up to one of those DIY 1000w LED flashlights on the interwebs.)
The good news is that driverless car does stop. Human drivers would probably just blink and squint and keep on driving.
As for the technical solution, there's simple and there's complex. Simple is redundancy. Lidar, radar, sonar, thermal Imaging, IR Imaging, blah blah ad infinitum. The more systems that have to agree in order to take action, the more outliers can be logged and ignored.
Complex is really not all that complex either, it's just smarter algorithms. Time-shift an event to confirm its validity. Things don't appear out of nowhere. A spoofed wall of humans would have had to walk in from somewhere.
Sure, adding more "security" into the Lidar wouldn't be such a bad idea either. These are all things that can be improved as the technology advances.
But at the end of the day, the worst-case scenario of this alleged hack (I can't even call it a real one, it's just so ... obvious) is that the car does the Safe Thing. When blinded or confused, it stops. I can't think of a better safety protocol than that. If that means "attacking" driverless cars is an easy DoS then maybe learning how to drive is still relevent to life. **shrug** Manual override sounds like it will always be a handy feature to have. And so, apparently, will patience.
Trouble is, even technical solutions may be easy to bypass. If you can blind one sensor with that little hardware, what's to stop a determined creep from building several of them at once, each able to mimic one of the frequency bands and then point them all at the car at once so that eventually more sensors are fooled then not and win the vote? As for things like time-shifting, there IS a real-world event that can look JUST like a sudden obstacle appearance: some sort of collapse like a felled tree or telephone pole, or something more disastrous in nature. Meaning sudden signals are ignored only at peril of the passengers, so they MUST wax cautious.
"The good news is that driverless car does stop."
Unless it starts to execute high-G maneuvres at speed, as frequently envisioned by forum-dwellers. What could possibly go wrong? Robocars are so bloody good at everything they do, unlike those pesky meatsacks.
What was the last grand vision few weeks back? Aye, seem to remember. Robocars should gather situational awareness from each other, and collectively plan an evasion route. Through the oncoming traffic if needed. Or up the chimney.
/troll.jpg/
The bad news is that a busload of orphans carrying one-eyed puppies is directly behind it.
But since youa re presumably of the "humans are superior" camp (teh camp of the insane, btw,) you wouldn't be following too close and would easily have enough reaction time to stop in response to the car in front of you.
...wouldn't you? I mean, you do follows the laws regarding road saftey...don't you?
If not, why is it the fault of an autonomous car doing the safe thing that you are unable to maintain focus on your one job of driving and drive within the rules?
...or are you trying to put human fallibility and inability to actually pay attention, follow the rules and drive in a safe fashion off onto the robots? A human driver in front of you might do something strange that you don't predict at any moment. As a driver it is your job to be ready for that - for anything really - at any time.
If you can't do that, why the merry fuck are you behind the wheel?
Sounds to me like perhaps you should be replaced.
Maybe by robots.
"The bad news is that a busload of orphans carrying one-eyed puppies is directly behind it.
Worse, you're driving the bus."
Will this mean a dramatic rise in car jackings? What an easy way of stopping a car.
And they call it "security". Hah!
it's just smarter algorithms. Time-shift an event to confirm its validity. Things don't appear out of nowhere
That's an impressively stupid heuristic for an automated vehicle to use, since in the real world, obstacles quite often do suddenly appear in the path of the vehicle. Several times I've had vehicles in front of me on the road lose cargo or parts, for example; sometimes those aren't even visible until they fall off or out of the source vehicle. Deer leaping out of the woods on the side of the road. A tree limb that breaks off in a storm (particularly on a dark night). Something falling off a building. And so on.
There's a vast difference between "things don't appear out of nowhere" and "things you couldn't see before suddenly become visible". The truth of the former has no bearing on the latter - and it's the latter that matters.
I don't know about you, but I can look away from a single light point source rather easily. Helps when commuting around sunrise/sunset.
Believe me, coherent light from a green laser will blind you more than just a moment. Especially at night. Looking away does not help, you have to close your eyes as long as the light source is pointed at your head.
This deserves a slow clap at best. Could I get published by documenting a denial of service on traffic lights by gluing in the button? Obvious attacks don't need to be published although this may end in the car people adding a secure tag to their LIDAR systems - something they'd have probably done anyway to prevent interference once these become popular. Obviously blinding the system will always cause havoc, but getting out of the car and beating the wanker who's laughing and holding a laser pointer within 100 yards would sort that...
The guy demonstrated that:
1. The lidar is susceptible to a trivial replay attack
2. The lidar does not deploy any encoding to protect against interference.
3. He did a POC on both
The only possible reason for the clap being slow is that the lidar security was utter crap to start with.
Malicious attacks aside, I do not see how the hell can this wonderful gizmo operate if every car will have one. The interference from other car units should kill it outright.
> I do not see how the hell can this wonderful gizmo operate if every car will have one
An excellent point, Mr. Hand. What does happen when a Google self-driving car meets another Google self-driving car? Do they both come to a halt in a confusion of LIDAR reflections? Please say it isn't so?
Take it a step further.. a non-Google self-driving car involved. I would think that different manufacturers of autos would lean towards their own tech or someone else's tech and have it modified a bit. Google cars might be compatible on the roads but other cars might not be compatible with them. All LIDAR, etc. isn't the same and it's too early in the tech for standards to be put into place.
An excellent point, Mr. Hand. What does happen when a Google self-driving car meets another Google self-driving car? Do they both come to a halt in a confusion of LIDAR reflections? Please say it isn't so?
Having seen multiple of them driving side by each, they seem perfectly fine. They are able to approach from multiple angles, make the correct decisions about right of way, and proceed through intersections to go about their day.
I think that's been solved aged ago, mate.
FYI: There are lots of cars out there with LIDAR that ship in volume. They also see eachother on a daily basis. They have not freaked out and stopped working thus far. Similarly, Google cars encounter LIDAR-equiped cars from other manufacturers on a regular basis (especially in Mountain View, I assure you!) and they don't have any problems interacting.
Requires a portable computer to do so not *so* trivial, but I get your point.
The Raspberry Pi Foundation should have an award for the least worthwhile use of the Raspberry Pi. They could use a well-hammered timex mounted on a dinged-up wooden plaque for the trophy.
Encoding with any predictable pattern would fairly soon be broken too, mulling this over this cup of tea and heavily Marmited toast random noise comes to mind, sample a noise source, encode the LIDAR pulses with it and compare the result, if your noise source is truly random the chances of someone being able to spoof it are, I think, close to if not completely impossible but it might still be possible to DoS the system by flooding it with other noise sources.
A further improvement could be a method similar to that used by professional alarm system sensors, Dual Tech, LIDAR and RADAR, you'd need to effectively spoof or jam both
IANA LIDAR Engineer, but if you can mess around with light frequencies & timings of the pulses, then loads of techniques from mobile phone tech become possible. Lots of work would need to be done to work out what density of users it would support, and how to make it so that signatures are sufficiently unique for each car to work out which is their signal, but the techniques would be broadly off the shelf.
Couple a Random Number Generator to the LIDAR generator & modulate the pulses as per the RNG.
The LIDAR sensor ignores everything not on that exact modulation as obviously not having originated from itself.
Every RNG seconds the RNG+LIDAR sequence is reset, recalculated with a new RNG, and thus the filtered signals are never the same from cycle to cycle.
In order to spoof such a system one would only be able to do so for the duration of a single cycle, at which point the targeted LIDAR unit picks a new RNG, filters out everything not modulated TO that RNG, and thus renders the spoofing device moot.
The spoofer can scan the target again & try to spoof the results, but it can only do it for however long the target is still using the detected RNG sequence.
The moment the target switches RNG patterns, the spoofer has to start all over again.
Granted if enough vehicles on the road are using the same RNG+LIDAR sequencer system, the spoofer is bound to find a number of targets using the RNG that will then react to the spoof, but that only lasts as long as the targets are still using that same RNG sequence.
TL;DR: Connect a random number generator to the LIDAR pulse generator, have the LIDAR sensor ignore everything not modulated to that exact RNG sequence, and change RNG sequences every random seconds.
They never get their own signals drowned out by boat engines and ultrasonic rangefinders, yes?
I refer the honourable gentleman to Douglas Adams and Marc Carwardine's lack of encounter with the Yangtze River Dolphin, and the acoustic impression of the underwater environment in said river.
As noted before, the sequence may need to be reset if it gets a series of bad (or in the event it projects out to open road, NO) returns, meaning it can't be sure of itself. If one can blind the system enough such that it can't figure out if a return came or not, it could trip the reset in that case and create a predictable point of reference by which one can guess the sequence.
My cheaper than chips robot car nobbler, mk 1 and mk 2. The Mk 1 is a piece of cardboard with a red green and yellow circles on it, and a torch shining red behind the red circle. May need an additional 'temporary roadworks - stop here sign'. The Mk2 is slightly more evil, the roadrunner style white line gently curving off the road towards a convenient cliff. Use paint, of if you haven't any paint use loo roll.
You forget the "R" part of LiDAR and RADAR: which stands for "Ranging". These systems can detect "Cartoon paths" because they can see the obstacles for what they are. Now, the fake construction sign itself can be annoying but works on humans and has been known for decades, so you'd think a car that sees a sudden construction sign would pass the word on.
Well that actually helps my plan, because any fool knows that you have to see the drop before you start falling, so if the LIDAR can't range the chasm below, the car would just hang suspended in space rather than plunging down.
My [slightly] more serious point is that outside of ultra-controlled environments, the 'driverless' car is so vulnerable to the vagaries of weather and environment (snow, rain, potholes, cows on the road, dead rabbits, faded paint, tractors parked on verges, blown over wheely bins etc) and so vulnerable to mischief or malice that they will have to revert to manual control, so all of a sudden all those 'drive me home when I'm drunk' or 'drop the kids at school while I snooze' or 'drop me at work and then go find a parking space' benefits evaporate. Basically scientists are re-inventing trains! But hey, we still think digital watches are a pretty neat idea.
"My [slightly] more serious point is that outside of ultra-controlled environments, the 'driverless' car is so vulnerable to the vagaries of weather and environment (snow, rain, potholes, cows on the road, dead rabbits, faded paint, tractors parked on verges, blown over wheely bins etc) and so vulnerable to mischief or malice that they will have to revert to manual control,"
You assume the car and/or its engineers can't figure these out at some point. But even as chess computers and systems like Watson can pick things up, so too can car driving computers. All you're talking about is unaccounted-for things which soon become accounted-for things. Unless you can demonstrate something accountable-for.
"You assume the car and/or its engineers can't figure these out at some point."
And you seem to be assuming that all potential problems are detectable and avoidable by technical means. Which isn't necessarily true.
To pick one example: a logo with four rings. It's an internationally recognised warning sign for elevated traffic hazard. Albeit unofficial. There's a strong likelyhood that an object with four rings will undertake reckless maneuvres with no advance warning whatsoever, so it is wise to have extra safety margins around such objects. But in automated systems, there is no chance to see this bit of 'knowledge' accounted for.
You can code for blinding to fall back to radar and Ultrasonic Sensors..
If you match the modulation and create fake objects then the code could think they are real (but invisible to Radar/US) its an awkward trick to exactly match the modulation.. probably more hassle than it is worth...
It's not just an issue for any lasers.. otherwise two cars would stop each other.. it needs to match the lidar encoding, which is why the modulation is required. and if you are going that far you can modulate for specific locations and hence individual objects.
The blinding issue is a problem that can easily be overcome with two lasers on different light frequencies and coding that falls back to ultrasonic and radar (probably slowing the vehicle) in the event of laser blinding.
Yes it probably works on test vehicles which are designed to fail-safe when they encounter a problem.
"As most cameras use IR, you could make a road closed sign that is only visible to robo-cars. How long do you think would the occupants sit there with all the other traffic whizzing past?"
As they expect the "closed" sign to be smack in the middle of the road as a physical obstacle, why bother with the obfuscation at this point? An actual ROAD CLOSED sign will suffice AND has the added benefit of confounding human drivers.
Lots of dismissal round the net on this one, but what about a hijack situation?
Certain drivers are taught how to deal with people attempting to stop the vehicle in a hijack scenario, keep moving until their payload is in a safe location. Lots of advice at times from police about being cautious when stopping on rural roads (the old eggs on the windscreen trope doing the rounds for years) etc.
Handy then that this bypasses all that and has your car stop neatly without any of that nasty meatbag thinking assessing the situation and maybe not wanting to pull up whatever while that big gang of scallies with baseball bats is waiting.
This'd also be great fun strapped to a non autonomous vehicle to cause rolling mayhem, keep traffic flows down to make good progress ahead etc. No wait, lets carry on as you were!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
