Are You Surprised
Always was a Merc man, now I understand why I made the better choice.
A security audit conducted by Tencent's Keen Security Lab on BMW cars has given the luxury automaker a handy crop of bugs to fix – including a backdoor in infotainment units fitted since 2012. Now that the patches are gradually being distributed to owners, the Chinese infosec team has gone public with its security audit, …
At times I think that I don't want anything more advanced than my current (2005) Accord
My current car is a 2015 Volvo, and after looking at my wife's 2018 Volvo, and what auto manufacturers are eagerly doing, I'm pretty sure I'll never buy another new car.
There are the huge fucking security holes - and the situation is quite a bit worse than what you'd get from the occasional article like this; and while people are working on improving the situation, it's going to be a long time, if ever before it's significantly better. Then there are the goddamned irritainment systems with their touchscreens, which I loathe; and on some of the vehicles I've driven (rentals and the like), they don't dim the backlighting on those screens along with the instrument panel, so at night you're trying to drive with this idiotic screen shining with the brightness of a thousand suns.
Then there are the driver-assist features, many of which are desperately annoying and others outright dangerous. No, I don't want "adaptive" cruise control; when I set the speed, that's the speed I want. Not whatever speed the moron ahead of me in the lane happens to be going. Blind spot warning is OK, and backup cameras are a good augmentation to actually turning your head, but I've yet to see a cruising-speed collision-avoidance system that didn't overreact when some numpty switches into my lane a little closer than is polite. Automatically slamming on my brakes does not improve the situation, since there's probably some moron tailgating me.
And they're too big. And the powertrains are ridiculously overpowered. I use my Volvo wagon to tow a trailer sometimes, and I've passed people while towing it up mountain passes. There's far more output from that engine than I can do anything useful with, and I'm not sanguine about everyone on the road having that sort of acceleration. And here in the US there are few choices if you want a manual transmission, though I can't blame the manufacturers for that - where people will buy manuals, they sell them.
In many ways contemporary cars are far better than those of twenty, even ten, years ago. They are notably safer. They are generally more comfortable. They do have useful features. Things like A/C are pretty much standard. But I find they have too many excruciatingly annoying misfeatures to justify buying new.
Then perhaps you should read Pot calling the kettle black.
Keyless entry - just say no. All you need is a transmitter relay as demonstrated by a spate of recent thefts around London (apologies for using the beobachter as a reference): http://www.dailymail.co.uk/news/article-4456992/Shocking-moment-car-hackers-steal-60-000-BMW.html
When I talked to my colleagues in Eastern Europe after reading this they giggled: "Here you do not get an insurance with a factory fitted keyless entry on BMW or Merc until you fit a fully independent passive (not transmitting until you press a button) immobilizer".
"Here you do not get an insurance with a factory fitted keyless entry on BMW or Merc until you fit a fully independent passive (not transmitting until you press a button) immobilizer"."
Same thing happened to the Chelsea Tractor School Run brigade
Also RAV4 has/had flaw on lock securrity.
What cars could be interfered with via a DAB broadcast even if Radio tuned into "official" multiplex? (It's not cost that stops there being Pirate DAB stations).
Various exploits via OBD or what ever you call it.
Seems we are going backwards on car security.
For example by having decisions like "we use QNX" dumped onto the programmers because some salesperson came along selling it with bogus arguments, like that it's not "Open Source". In reality that means that your board support package will be closed source and written by highly incompetent programmers.
Essentially those things will drive any decent programmer out of the company. What'll be left are those who just want the money and don't care about what they are doing. So obviously they don't care about the security of their code.
QNX isn't the problem.
It's a quite good OS and a pity RIM/Blackberry bought it. Used to be used for storage controllers and real time industrial controllers.
I'd like to see it either OS, or owned by someone more generic than Blackberry. Would be nice alternative to Linux for I/O based controllers that only optionally have a GUI.
Linux is OK, but there is too much of a mono-culture.
Excuse me for being stupid... if I was designing something to connect the engine management system to entertainment system - presumably for display purposes? - it would be strictly one way, probably with 1-way, physically separated opto-couplers, so that some kid pouring coke into the entertainment system had zero chance of inflicting, say, 50w of audio signal onto the can-bus.
Why would anyone want to let the stereo muck about with engine management?
if I was designing something to connect the engine management system to entertainment system - presumably for display purposes?
The OBD-II and its GM Tech/Ford predecessors were never intended for that. As a result they cannot display faults properly without two-way interactions. Additionally, there is no authentication, no crypto and very little security. So if you can connect something to the OBD the car security is compromised as a given.
The solution is to have a dedicated unit connected to the OBD and have a limited modern one way interface using a messaging protocol of choice from that unit to the infotainment. You can implement that in ~ 10£ and do the software in a week with off the shelf components. It is also utterly trivial - you just give the problem to any security geek and that is what they will come up with.
Unfortunately, this is too "hard", too "expensive" and "does not make sense" for your average car manufacturer - let's face it their computing and security people in their vast majority are clueless.
"Why would anyone want to let the stereo muck about with engine management?"
Especially when you consider that most new cars have two separate displays, the instrument console and the entertainment console, there's even less reason for them to talk to each other. Both can display pretty pictures and text.
"Boeing's 787 and Airbus were recently reported to have bugs where the avionics info was visible to the seat-back entertainment systems."
What was reported in that incident is not necessarily what happened (not according to my initial knowledge and subsequent digging anyway).
That said, it was several years ago, plenty of time for the 'seniors' with clue (the proper engineering ones) to be downsized, and the 'seniors' without clue (the ones from the MBA side of things) to wreck even more stuff and risk even more people's lives.
QNX was a well regarded OS for embedded apps. It's major features being a very modular architecture, so your custom build could be very lean. because it was built for profit and customers would complain if it was too buggy (given how expensive bug fixes in the field are) the code was reasonably quality.
It powers the BlackBerry 10 phone and the Ontario states equivalent to the BBC Micro project.
Car makers. You are now in the IT business.
Get used to it.
Most of those systems start up rather decent, by people with a vision and knowing what they are doing. However that was in the 1980s and 1990s. Today people who are interested in operating system work don't work on proprietary ones any more as it's not really something that is very fulfilling.
I've seen that with "Nucleus", once a popular operating system for GSM basebands. You can see the quality gradient from the old core features which are moderately well designed (though a far cry from something like OpenRTOS/FreeRTOS) to things like the USB stack (which would crash immediately with the default settings) and the board support package, which actually had problems you could _see_ in the code without understanding C. Or the JSON generator which had a beginner's bug in it's integer output function.
The only reason many don't use "proprietary" ones is just because the "free" ones are cheaper so they can save pennies and charge you more.
If you believe all the bright minds are working on Linux only, you could find yourself disappointed.
And you can just look at the dreadful security of IoT stuff to know how Linux plus a bunch of badly written open source libraries and code deliver a security nightmare as well.
Here's for example a talk talking about the many problems of "secure" random number generators in QNX
With embedded devices it's usually the closed source software the manufacturer puts on it. It's extremely rare to find a bug in, let's say, the TCP/IP stack... whereas even I was able to find a Ping of Death bug in Nucleus within a few minutes of trying some years ago.
It's always fun to see a pile of CVEs for a system you actually did work on for a number of years. Curious to see whether the component I worked on was involved in any way or not.
Doesn't seem like BMW learned from the plain-text authentication issue BMW's ConnectedDrive system had a number of years ago.
As for QNX, it's not a bad OS, just horribly proprietary, expensive (got quoted 10,000 Euro/seat) and with incredibly outdated tools and environment (GCC 4.4.2 with Dinkumware STL on 6.5.x). Developing for it reminded me of using a Linux distro from more than ten years ago.
Wondering whether their Embedded Linux (Yocto-based) infotainment systems are similarly affected.
However, we found that most of the ECUs still respond to the diagnostic messages even at normal driving speed (confirmed on BMW i3), which could cause serious security issues already. It will become much worse if attackers invoke some special UDS routines (e.g. reset ECU, etc..).
Curious If they would actually respond to ECU reset with vehicle speed above 0, most don't.
Yes some read systems still work with the vehicle moving, your OBD reader performing "real time readout" e.g. Torque. Uses these for operation and they are used during development or diagnostics of issues.
But safety critical features are typically protected.
I'm not saying they shouldn't be better protected, but this screams journalistic exaggeration to me.
VW does sell Bugs. Thats why Porky still has something to hunt.
But considering what can be done to my TDI through the OBDII port with the right software, I'm wondering why *anyone* is remotely surprised when things like this flock of bugs show up. (and yes it is one of *those* tdi's)
Four require physical USB access – you need to plug a booby-trapped gadget into a USB port... That means an attacker has to be inside your vehicle to exploit them.
No, that is not what it means. It only means the device has to get plugged into the port. Attacks like leaving a rigged USB drive lying next to a target vehicle with a label indicating it has some music on it will definitely snare some hapless individuals.
Respect the classics!
And a huge percentage of people go to non dealers to get their little engine light issues resolved, so there is plenty of opportunity given freely by vehicle owners to breach the defences..
It's almost like the owners don't realise they are driving a computer with wheels.
Still don't understand why car makers ever thought keyless entry, remote wireless diagnostics and all that infotainment stuff was ever a good idea, the risks were obvious form the start.
I prefer a car with an amp and a set of nice speakers, a connection to my iPhone and bracket to hold it, and a METAL KEY over all that expensive frippery.
And I can sleep easy knowing it won't be stolen, or hijacked, nor can someone deliberately cause an accident remotely.
I'll stick to my 1991 Honda Civic, thanks.
"They help sell cars, which is the business car makers are in."
Yes. They help with that, right up to the point where the stories of bugs and hacks reach the mainstream media. I expect most people here have grown up with the fact that the stories we read here are just for us and our friends and family never hear them (unless we re-tell them) but I think that is beginning to change. All the self-driving car hype has made stories about car computers rather more palatable to the wider audience.
Biting the hand that feeds IT © 1998–2020