Blue screen of Dodge

Well, this doesn’t make me feel any better at all. The automotive diagnostic package known as OBD-II has been around for about a decade and a half, but only in 2008 did the Feds mandate that the Controller Area Network protocol be used in all OBD-II implementations.

Unfortunately, the CAN bus is about as secure as an old version of Windows:

Researchers at the University of Washington and University of California-San Diego have examined the multitudinous computer systems that run modern cars, discovering that they’re easily broken into [pdf] with alarming results. Hackers can disable the brakes of moving vehicles, lock the key in the ignition to prevent the engine from being turned off, jam all the door locks, and make the engine run faster. Less dangerously, they can control the radio, heating, and air conditioning, or just endlessly honk the horn.

I’ve kvetched about OBD-II before, but I had no idea it was vulnerable to malware. And once in, an intruder can do just about anything he wants:

The CAN specification requires little protection, and even those protections it requires were found to be implemented inadequately, with ECUs allowing new firmware to be flashed even while the car was moving (halting the engine in the process), and letting low-security systems like the air conditioning controller attack high security services such as the brakes.

Once the researchers had gained access, they developed a number of attacks against their target vehicles, and then tested many of them while the cars were being driven around an old airstrip. Successful attacks ranged from the annoying — switching on the wipers and radio, making the heater run full blast, or chilling the car with the air conditioning — to the downright dangerous. In particular, the brakes could be disabled. The ignition key could then be locked into place, preventing the driver from turning the car off.

Yet another reason to keep the old buggy, buggy as it is, for a few more years.

(Via The Truth About Cars.)





7 comments

  1. sheri »

    17 May 2010 · 8:21 am

    “Could” be hacked. Hmmm. I’m always wary of warnings and tests with that word at the front, not that I don’t think it’s possible. But “could” stories are often pretty sketchy. Just sayin’. Creepy though.

  2. CGHill »

    17 May 2010 · 8:24 am

    I interpret it as having proof of concept in hand, which may or may not translate into a measurable threat: it’s not like there is any reason to think there is any anti-car malware in the wild.

  3. ak4mc »

    17 May 2010 · 8:39 am

    flashed even while the car was moving

    Do I need to read a PDF to find out how they did this? One thing’s for sure, I’m not setting my truck up for wi-fi anytime soon, and if I do it’ll have at least 128-bit security.

  4. ak4mc »

    17 May 2010 · 8:41 am

    Ah!

    Their attacks used physical access to the federally mandated On-Board Diagnostics (OBD-II) port

    New rule: don’t allow malicious hackers to plug into your OBD-II port while you’re driving around — even on an abandoned military airfield.

  5. CGHill »

    17 May 2010 · 9:41 am

    Indeed. However, since the coming thing is wireless access to stuff, via Bluetooth or various flavors of wi-fi, eventually I have to figure that they won’t need a physical connection to the hardware.

  6. hatless in hattiesburg »

    17 May 2010 · 7:28 pm

    i linked to this post here:

    http://hatlessinhattiesburg.blogspot.com/2010/05/obd-obdah-obd-ii.html

    do you think my title lives up to your high dustbury titling standards? ;)

  7. CGHill »

    17 May 2010 · 7:53 pm

    Dayum. :)
