Ex-worker blamed for car immobilisation hack A disgruntled worker allegedly caused chaos after he hacked into a vehicle immobilisation system and remotely disabled cars, Wired reports. More than 100 drivers in Austin, Texas were stuck with immobilised cars or horns blaring out of control, after an intruder last month ran amok on a system normally used to warn customers …
Sorry Dr Christian not for long
Quote
"For the last five years, Cannondale has been working on a programmable electronic suspension system that they’ve dubbed Simon. Its chassis is a standard Lefty fork that we’re all familiar with, but inside sits something that seems like it’s straight off a Formula One race car. An on-board high-speed computer system allows for situational suspension that can adapt for travel management and damping rates depending on the map setting you choose and terrain input the fork senses."
Shimano already sell the Dura-Ace Di2 electronic groupset
This isn't a computer controlled car as such.
It is a third party device which is installed by the dealer, not the manufacturer, behind the dash board, and is simply wired into the ignition and horn circuits.
Of course, it does mean you have a car which someone else can override for as long as the car survives, even after you have paid off the finance on it.
Unless, of course, you know it's there and take the wire cutters to it.
Do dealers legally have to tell you they've installed the thing when you buy the car? Seems to me they could be liable for the usual zillions of dollars in damages if someone had a prang and claimed they lost control due to the unit going off.....
Surely the potential for something to go wrong leaving you in charge of a suddenly immobilised car is massive. 60-0 isn't good for you or the car(s) behind you, worse (maybe) if you're in the middle of crossing a railway line. Couldn't there be a noise complaint if your car continues to make a honking noise which you can't stop?
I appreciate the idea of affordable rentals but it doesn't sound like rocket science to disable the device as soon as you're off the forecourt.
As an automotive software engineer, I'll bite...
I worked on something similar to this for Aston Martin. As is the case with absolutely every system on the car's powertrain, steering and braking systems, the FMEA (failure mode effects analysis) went into scenarios like this in some detail. On that particular system, we required the vehicle to be stationary for longer than some preset time before we pulled the plug; or if the user keyed off (again for more than a preset time) then we simply refused to restart. Oh, and we also required a working speed sensor, so that a damaged speed sensor registering 0MPH permanently wouldn't cause things to drop out at the wrong time.
As regards network security on CAN, the Aston immobiliser was permanently coded into the engine management system. We then had a separate box which talked GSM, which was optional. Once the EMS had seen the GSM box, it would refuse to start if you removed that GSM box, because it expected to handshake at key-on before it'd start the engine.
In this case, I doubt it's as good as the Aston version - you probably could get round it with a bit of wire-clipping, *IF* you knew which wires to cut and join together. And that's your problem, right there. Which wires need to be cut, which wires need to be held to 12V and which need to be at 0V? Good luck guessing it. Sure, if you can get the car back to a garage and spend a few hours, you can probably figure it out, but if it cuts out at the first traffic lights and refuses to restart, you're a bit screwed, aren't you? Like most security measures, the aim isn't to make it completely impervious to attack, it's simply to make it secure enough that the overwhelming majority of attackers won't be able to break it.
Oh, and Dr Christian, the 1970s called and said they'd like you back. They said they needed someone who didn't care about emissions, efficiency, reliability or performance, and hadn't the first clue when it came to making cars run well. Apparently you were just what they needed for the Austin Allegro.
I am amazed that the l33t kudos from hacking into the central control system and stopping hundreds of cars from lots of dealerships, rather than a few from a single dealership has not inspired a hack that could stop a city.
You can hear the news radio.
It's 07:33 and the freeway has just stopped as dozens of cars have come to a halt in down town bumfu*k city Aritexmexada.
Just a thought.......
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
