Posts

How To Steal A Car: Hack It!

No more jimmying doors with a Slim Jim, bricks through windows, extracting lock cylinders with a dent puller, or hot-wiring ignitions. Automobiles today are being built to include wireless capabilities that allow for remote unlock, remote start, and of course, there’s global positioning systems (GPS) and services like OnStar and ATX, which offer “telematics,” or information and communications technology. While these services appear relatively secure, researchers in controlled environments are searching for vulnerabilities.

OnStar offers “RemoteLink,” an application for the iPhone or Android, which allows Cadillac, Chevrolet, Buick, or GMC owners to view real-time data including fuel range, gallons of gas remaining, lifetime miles per gallon (MPG), lifetime mileage, remaining oil life, tire pressure, and account information. Chevrolet Volt owners can view their car’s electric range, electric miles, MPG, and the battery’s state of charge. Users can also use the application to remotely perform certain commands, such as unlocking doors.

While all this new technology provides us with convenience and useful information, it may also leave use open to risk. Researchers in San Francisco have been able to access a car’s central computer processor through an Internet-connected car alarm, and in Seattle, researchers “blacked out the make and model of a car that offered multiple pathways for hackers a thousand miles away to send out GPS coordinates, open the doors, and have a colleague drive away without a key in the ignition.” And a New Jersey man has developed an iPhone app that lets him unlock cars and start engines by voice.

As with most technological advances, functionality and form come well before security. But now that researchers have demonstrated the frightening vulnerabilities inherent in cars’ computers, automobile manufacturers are working with companies like McAfee to develop firewalls that will protect the latest high-tech vehicles from hackers and thieves.

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube.(Disclosures)

Cars in the Cloud

People love their cars. My 80-year-old mother-in-law goes nutty at the thought of not being able to drive. “Take my car and you take my freedom,” she says. I understand where she is coming from. Personally, I don’t like to drive. But I do like riding my Harley!

Many consider cars synonymous with freedom. Cars allow you to go places and have experiences that you otherwise wouldn’t. That’s why it’s so exciting that cars are now being equipped with lots of new features, including technology that can essentially meld your car with the Internet!

Ford recently unveiled the Evos, a car that learns your driving preferences and uses its Internet connection to provide traffic information and other useful details. It can tailor the suspension and driving modes based on your driving style and ability. It can also detect the driver’s heart rate. The Evos is a concept car, but Ford plans to release a similar model within the next several months.

OnStar offers “RemoteLink,” an application for your iPhone or Android, which allows Cadillac, Chevrolet, Buick, or GMC owners to view real-time data including fuel range, gallons of gas remaining, and lifetime MPG, lifetime mileage, remaining oil life, tire pressure, and account information. Chevrolet Volt owners can view their car’s electric range, electric miles, MPG, and the battery’s state of charge, as well. Users can also remotely perform certain commands, such as unlocking doors, with this application.

The New York Times reports that Google “has been working in secret but in plain view on vehicles that can drive themselves, using artificial-intelligence software that can sense anything near the car and mimic the decisions made by a human driver.”

The benefit of this technology is the potential for Internet-connected vehicles to communicate through the cloud, working in tandem to prevent accidents, conserve fuel, and facilitate a more efficient flow of traffic.

Sounds like a big stretch from my heavy old 1970 Chevy Impala!

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures