Jeep Gets Hacked at 70MPH
-
To distil it down to the basics, it all depends on if and how these systems are connected to the main computer.
I know that they will be, in some fashion, because that is how you report diagnostic codes.
Question is, do they also have a programming interface between them where you could manipulate it? (ostensibly to upgrade it's soft(firm?)ware)
-
@PSX_Defector said:
@MattSpeller said:
@scottalanmiller @Dashrender
So if someone jacked into the OBDII interface and cross linked it to the infotainment system which then has the ability to be busted into that's just bad design. And easily fixed. This also cannot change the fact that transmission and steering are NOT linked into ODBII like that. Steering reports a position from center, but again it's physically impossible to screw with it like that through the interface because it's physically impossible. You can't even lock the wheel because that is when the system is at specific states in the starter. And transmission? Unless they are using some kind of shift-by-wire there is always a cable between the lever and the transmission and the ever present safety buttons. They can maybe pop it into neutral but you have to physically push the button to move it to anything other than that. That's an NTSB rule, which most countries follow anyways. And a stick wouldn't have the ability to do that ever.They could only manipulate the steering while it met the conditions for the park assist function, going slowly in reverse. Which is where a lot of vehicles have the ability to control the steering/brakes/throttle to help with parallel parking.
-
@coliver said:
They could only manipulate the steering while it met the conditions for the park assist function, going slowly in reverse. Which is where a lot of vehicles have the ability to control the steering/brakes/throttle to help with parallel parking.
What decides when the system can control the steering / brakes / throttle? That would be in software, no?
If they can hack or modify the firmware, I can see the potential for them to make the vehicle do anything they want to any system that is connected to the device running the firmware. IE) A vehicle with park assist could potentially be hacked so that park assist will activate while the vehicle is going forwards at 60 miles and hour...
-
@david.wiese said:
what about the cars that have wipers with the fluid detector sensor on the windshield to automatically activate the wipers? On newer vw's, and nissans this is pretty well standard. They have a sensor that mounts to the windshield on the inside and somehow detects fluid being on the windshield, when it detects fluid, it signals the wipers to activate, therefore giving the hackers a way to control them.
Rain sensing wipers, like you see on most cars, are still activated by the switch on the stalk. You have to turn on the wipers to allow it to start wiping automatically.
The sensor itself is just a simple light resistance switch. The longer light is bent against the sensor, the more it assumes that it's raining harder so it adjusts speed.
-
@MattSpeller said:
@PSX_Defector said:
I'm holding out on better proof because fantastical claims require fantastical proof.
I'm much less confident than you are that all of this is separate systems.
Again, this is Fiat Chrysler. Fix it again Tony and Chrysler being so bad they don't even need to have a funny acronym. The Cherokee is based on an Alfa Romeo design. Faith is the only thing holding it together anyways.
-
Now if a 2 ton vehicle capable of 100mph being hacked STILL isn't scary enough for you....
http://hackaday.com/2015/07/22/no-mounting-a-gun-to-a-quadcopter-probably-isnt-illegal/
-
Another line that makes me not believe their shit as much.
"Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan."
They are claiming that they were able to remotely discover systems all around the country. The UConnect system uses Sprint's network to connect. And that these cell connections are all using public facing IPs.
The U.P. is a practical dead zone of most providers, especially Sprint. Verizon owns most of the area, which still has large swaths of dead zones, bad connections, and various other stuff. Sprint only shows roaming for the U.P., both voice and data. The maps don't do it justice though, you can drive from Marquette to Ishpeming and lose connection for a brief amount of time. And even if you do get connection, it's usually on the 3G network.
So they were able to scan a foreign network for cars and were able to figure out that these devices were on the VZ and/or US Celluar network? I don't think so.
-
It has nothing to do with what network it's on!
If the car is able to get on a VZ data network and get on the internet - you can scan for it, Period! they don't have firewalls. It's no different than scanning the entire internet for hosts with SSH ports open.
-
And officially recalled.
http://www.usatoday.com/story/money/cars/2015/07/24/fiat-chrysler-recall-hackers/30617023/
-
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
-
@dafyre said:
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
Considering the press this got, I'd be surprised if there's no one interested in testing all the different models they can get their hands on.
-
@MattSpeller said:
@dafyre said:
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
Considering the press this got, I'd be surprised if there's no one interested in testing all the different models they can get their hands on.
I'll be keeping my nice old truck that can't be hacked.
-
@MattSpeller said:
Now if a 2 ton vehicle capable of 100mph being hacked STILL isn't scary enough for you....
http://hackaday.com/2015/07/22/no-mounting-a-gun-to-a-quadcopter-probably-isnt-illegal/
If it isn't illegal why are the FBI looking for the creators of the video... They said they were looking for them yesterday.
-
@thecreativeone91 The only thing you could charge them with IIRC is FAA violations of objects dropped in flight.
Personally, I'd slap them upside the head for poor control of and unsafe discharge of a firearm.
-
That Drone guy got arrested. They aren't saying what the charges are yet.
-
I believe that we do a disservice to everyone if whatever law makes it onto the books isn't technically listed as "droning on and on." Every time someone gets arrested it will be hilarious.
Roger was arrested by village deputy Harold James this morning and was charged with publicly droning on and on.
-
Ha ha. I kill me.
-
@thecreativeone91 said:
That Drone guy got arrested. They aren't saying what the charges are yet.
If this is in the US, they have to tell you before they arrest you, don't they? I trust the government enough to expect trumped up charges to be made, just so they can get a law on the books about drones being weaponized.
-
@dafyre said:
If this is in the US, they have to tell you before they arrest you, don't they?
Define "have to"? Is there a law on the books that says they have to? Yes. Do judges regularly uphold that? No.
The US has rather a claim to fame for arrests and incarceration without charges, even of minors. NYC has had several deaths around this recently and it is causing quite a stir, kids held for a year without a charge in brutal solitary and adult confinement. The entire detention center in Cuba's purpose is to have no charges with incarceration. It's not just something done in the US. It's something we have a system for doing and are passionate about protecting.