Friday, May 14, 2010

Vehicle hacking

Researchers from UC San Diego and University of Washington have demonstrated the ability to compromise a modern automobile and assert control over critical functions of the vehicle using the government-mandated "On-Board Diagnostics (OBD-II) port. It is under the dash in virtually all modern vehicles and provides direct and standard access to internal automotive networks."

They implemented a CAN bus analyzer called CarShark and then fuzzed the protocols to find other attack vectors with significant results. 

The paper:

Experimental Security Analysis of a Modern Automobile (Or here)
K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage. The IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010.

They posted their Frequently Asked Questions on the paper.

While they used the OBD-II port (implying physical access was required) there are numerous wireless interfaces (such as CANRF) on board for entertainment, remote diagnostics and other features that interface with the on board network. Wireless interfaces include Bluetooth, Wifi, custom RF interfaces such as those for tire pressure, GM's Onstar system, one-way interfaces such as radio (particularly HD-radio) and Sirius and others.

Some web posts on the topic (from Stephen Northcutt):

10 comments:

  1. Thank you for the info. It sounds pretty user friendly. I guess I’ll pick one up for fun.




    Vehicle Networking

    ReplyDelete
  2. This comment has been removed by a blog administrator.

    ReplyDelete
  3. Many times people come into a situation when they need to hire a vehicle. Even if they have their own vehicle, they still need to avail vehicle rental services.car transport

    ReplyDelete
  4. Technology and internet facilitated the birth and growth of network evils like virus, anti-virus, hacking and ethical hacking. Hacking is a practice of modification of a computer hardware and software system.How to hack a website

    ReplyDelete
  5. This is one of the most common mistakes. Good economy or bad there are always great deals out there, but not always on a specific make and model. automoves

    ReplyDelete
  6. However, a good number of people fail to see that there can be good derived out of learning how to hack. Know your enemy springs to mind!
    www.blueportal.org

    ReplyDelete
  7. Once again, I have been thoroughly impressed by the writer here. The writer has written an excellent proreviewly post here and I just like that very much. I enjoy reading the posts of this writer because they provide me with some very technical information and that's very good for me. I hope that this keeps going on.

    ReplyDelete
  8. This comment has been removed by the author.

    ReplyDelete
  9. Professionally written blogs are rare to find, however I appreciate all the points mentioned here. I also want to include some other writing skills which everyone must aware of.
    ppsr check

    ReplyDelete

Note: Only a member of this blog may post a comment.

There was an error in this gadget