{"id":387,"date":"2015-08-16T14:11:27","date_gmt":"2015-08-16T12:11:27","guid":{"rendered":"http:\/\/harsmann.com\/blog\/?p=387"},"modified":"2020-04-13T13:54:51","modified_gmt":"2020-04-13T11:54:51","slug":"car-hacking-2","status":"publish","type":"post","link":"https:\/\/harsmann.com\/site\/2015\/08\/car-hacking-2\/","title":{"rendered":"Car-hacking"},"content":{"rendered":"<p>Remember the car chase in &#8220;Tomorrow Never Dies&#8221; where James Bond remote controls his car from the back seat, using his mobile phone? (<a href=\"https:\/\/www.youtube.com\/watch?v=hBlOc79L0So\">-&gt;YouTube<\/a>). It is a good example of 007 movies showcasing technology that may become mainstream in a not too distant future (without the car-to-car missile system, I presume). Not that remote controlling cars are\u00a0anything new: The Russian <a href=\"https:\/\/en.wikipedia.org\/wiki\/Lunokhod_programme\">Lunokhod drove on the Moon in 1970<\/a>, remote control cars were sold in toy stores in my \u00a0childhood\u00a0and <a href=\"https:\/\/xkcd.com\/1504\/\">who knows how long the Opportunity rover on Mars will keep going(?)<\/a>. What<em> is\u00a0<\/em>new, though, is that soon somebody may (unauthorized) remote control <em>your car<\/em> from their mobile:\u00a0<a href=\"http:\/\/arstechnica.com\/security\/2015\/08\/simple-wi-fi-attack-grabs-bmw-mercedes-and-chrysler-cars-virtual-keys\/\">OwnStar Wi-Fi attack&#8230;<\/a>. Not good.<\/p>\n<p>Connecting cars to the internet <em>is<\/em> a good idea. For example:<\/p>\n<ul class=\"ili-indent\">\n<li>There will always be up-to-date weather and traffic information available<\/li>\n<li>The car can schedule service and order spare parts on its own<\/li>\n<li><a href=\"https:\/\/ifttt.com\/wtf\">IFTTT<\/a> can turn on car heating 15 minutes before you leave for work if the temperature is\u00a0freezing<\/li>\n<\/ul>\n<p>and\u00a0then\u00a0there is all the communication and entertainment options, which can of course be handled with a mobile phone already, but integrating the functions would be convenient. All these good ideas comes with their potential\u00a0issues\u00a0due to buggy software,\u00a0failing connections\u00a0etc, and then comes all the opportunities for abuse via insecure connections, back doors and admin accounts, like the mechanic\u00a0triggering car\u00a0service requests when business is slow\u00a0and\u00a0people held hostage inside\u00a0hot cars with closed windows and air condition off (there <em>will<\/em>\u00a0be some action movie where the villain takes remote control of all cars in the city and the\u00a0day is saved by\u00a0the only guy who knows how to operate a stick shift).<\/p>\n<p>I\u00a0am sure none of these cave ats will prevent\u00a0cars from joining the Internet of Things, but I hope that the\u00a0risks will be addressed in time, especially those\u00a0related to security. It is not impossible:\u00a0there are strict regulations in place for development of software for medical devices, and including security in the equivalent regulations for cars would do a lot to improve the situation, as would some simple design rules, such separating the navigation, communication and entertainment systems from the core control functions of the car in such a way\u00a0that getting access to one system does not enable access to other systems (cf. the case of Chris Roberts allegedly taking \u00a0control of a plane after hacking the inflight entertainment system\u00a0<a href=\"http:\/\/arstechnica.com\/security\/2015\/05\/fbi-researcher-admitted-to-hacking-plane-in-flight-causing-it-to-climb\/\">-&gt;link<\/a>).<\/p>\n<p>Addressing\u00a0the risks requires a proper understanding of the issues and solutions all around, including\u00a0the automotive industry,\u00a0the legislators, the press and the organisations representing the\u00a0consumers. It hope this post will move things a bit in the right direction.<\/p>\n<p><em><strong>Related Posts<\/strong><\/em><\/p>\n<p><a href=\"http:\/\/harsmann.com\/blog\/?p=240\">Security Info Links^3<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Remember the car chase in &#8220;Tomorrow Never Dies&#8221; where James Bond remote controls his car from the back seat, using his mobile phone? (-&gt;YouTube). It is a good example of 007 movies showcasing technology that may become mainstream in a not too distant future (without the car-to-car missile system, I presume). Not that remote controlling &hellip; <a href=\"https:\/\/harsmann.com\/site\/2015\/08\/car-hacking-2\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Car-hacking<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[22],"tags":[24,25],"class_list":["post-387","post","type-post","status-publish","format-standard","hentry","category-tech","tag-internet","tag-it-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5WBL8-6f","_links":{"self":[{"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/posts\/387","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/comments?post=387"}],"version-history":[{"count":12,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/posts\/387\/revisions"}],"predecessor-version":[{"id":1728,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/posts\/387\/revisions\/1728"}],"wp:attachment":[{"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/media?parent=387"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/categories?post=387"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harsmann.com\/site\/wp-json\/wp\/v2\/tags?post=387"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}