Jeep Gets Hacked at 70MPH
-
Why would the wipers be any different than the brakes? or the transmission?
I know from my own experience that 10+ years ago a mechanic can control a transmission through maintenance plug on the car while the car is in motion.
To trouble shoot a problem the tech and I took a drive and he was shifting the car from his hand held computer while I was driving. Granted back then it was all physical, but wireless access could be easily gained.
If the switch the user manipulates goes to the central computer in the car, and that computer then tells the relay to do it's job, there's no reason you can't skip the button altogether and talk directly to the computer to control the relay. And considering the desire to have fewer parts in the car, combining all of these features into a single central computer seems highly likely.
-
@Dashrender said:
Why would the wipers be any different than the brakes? or the transmission?
Transmission is computer controlled. Normally wipers are purely electro-mechanical. Like the steering.
-
Transmission is computer controlled. Normally wipers are purely electro-mechanical. Like the steering.
All of the things are computer controlled!
Ease of diagnosis (plug in thing, thing beeps, points to error)
Also why onstar can unlock your doors!
When microcontrollers are so cheap and powerful why not connect them into everything*obviously because security, though for !&#^% ()#&%@)( bEEpITY blank BBEEEEP (&^!%!(# reasons, no one thought that it might be a good idea to ACTUALLY SECURE THINGS! !@_(&#% BeeeP BLOOP IUO(@!#_%)(!**&(#&%
Makes me embarrassed for the engineers who made it. I assure you someone pointed out that this could happen and were subsequently ignored when price to change it came up.
-
@MattSpeller said:
Transmission is computer controlled. Normally wipers are purely electro-mechanical. Like the steering.
All of the things are computer controlled!
All things have a computer, doesn't mean all things are controlled by some Skynet-esque all knowing machine.
Transmission and engine data go through OBDII, it's the jack you see under the console that you can plug into. Onstar and the like use some of this to get the data they are looking for.
So if someone jacked into the OBDII interface and cross linked it to the infotainment system which then has the ability to be busted into that's just bad design. And easily fixed. This also cannot change the fact that transmission and steering are NOT linked into ODBII like that. Steering reports a position from center, but again it's physically impossible to screw with it like that through the interface because it's physically impossible. You can't even lock the wheel because that is when the system is at specific states in the starter. And transmission? Unless they are using some kind of shift-by-wire there is always a cable between the lever and the transmission and the ever present safety buttons. They can maybe pop it into neutral but you have to physically push the button to move it to anything other than that. That's an NTSB rule, which most countries follow anyways. And a stick wouldn't have the ability to do that ever.
We have to keep in mind this is a $25K truck. And this is Fiat Chrysler, not known for their electrical prowess.
I'm reminded of the whole Y2K panic with the news reporting some fat white chick poking at a TV and toaster saying "It's got a computer, we don't know if it's Y2K compliant!". Yeah, there is potential for hacking into this info if someone was stupid enough to do that, but like the airplane WiFi "hack", I'm holding out on better proof because fantastical claims require fantastical proof. And wiper control tells me that someone is making shit up.
-
@PSX_Defector said:
I'm holding out on better proof because fantastical claims require fantastical proof.
There we agree!
I'm much less confident than you are that all of this is separate systems.
As I come to think of it, I'm less keen on my car having drive by wire steering now.
-
what about the cars that have wipers with the fluid detector sensor on the windshield to automatically activate the wipers? On newer vw's, and nissans this is pretty well standard. They have a sensor that mounts to the windshield on the inside and somehow detects fluid being on the windshield, when it detects fluid, it signals the wipers to activate, therefore giving the hackers a way to control them.
-
To distil it down to the basics, it all depends on if and how these systems are connected to the main computer.
I know that they will be, in some fashion, because that is how you report diagnostic codes.
Question is, do they also have a programming interface between them where you could manipulate it? (ostensibly to upgrade it's soft(firm?)ware)
-
@PSX_Defector said:
@MattSpeller said:
@scottalanmiller @Dashrender
So if someone jacked into the OBDII interface and cross linked it to the infotainment system which then has the ability to be busted into that's just bad design. And easily fixed. This also cannot change the fact that transmission and steering are NOT linked into ODBII like that. Steering reports a position from center, but again it's physically impossible to screw with it like that through the interface because it's physically impossible. You can't even lock the wheel because that is when the system is at specific states in the starter. And transmission? Unless they are using some kind of shift-by-wire there is always a cable between the lever and the transmission and the ever present safety buttons. They can maybe pop it into neutral but you have to physically push the button to move it to anything other than that. That's an NTSB rule, which most countries follow anyways. And a stick wouldn't have the ability to do that ever.They could only manipulate the steering while it met the conditions for the park assist function, going slowly in reverse. Which is where a lot of vehicles have the ability to control the steering/brakes/throttle to help with parallel parking.
-
@coliver said:
They could only manipulate the steering while it met the conditions for the park assist function, going slowly in reverse. Which is where a lot of vehicles have the ability to control the steering/brakes/throttle to help with parallel parking.
What decides when the system can control the steering / brakes / throttle? That would be in software, no?
If they can hack or modify the firmware, I can see the potential for them to make the vehicle do anything they want to any system that is connected to the device running the firmware. IE) A vehicle with park assist could potentially be hacked so that park assist will activate while the vehicle is going forwards at 60 miles and hour...
-
@david.wiese said:
what about the cars that have wipers with the fluid detector sensor on the windshield to automatically activate the wipers? On newer vw's, and nissans this is pretty well standard. They have a sensor that mounts to the windshield on the inside and somehow detects fluid being on the windshield, when it detects fluid, it signals the wipers to activate, therefore giving the hackers a way to control them.
Rain sensing wipers, like you see on most cars, are still activated by the switch on the stalk. You have to turn on the wipers to allow it to start wiping automatically.
The sensor itself is just a simple light resistance switch. The longer light is bent against the sensor, the more it assumes that it's raining harder so it adjusts speed.
-
@MattSpeller said:
@PSX_Defector said:
I'm holding out on better proof because fantastical claims require fantastical proof.
I'm much less confident than you are that all of this is separate systems.
Again, this is Fiat Chrysler. Fix it again Tony and Chrysler being so bad they don't even need to have a funny acronym. The Cherokee is based on an Alfa Romeo design. Faith is the only thing holding it together anyways.
-
Now if a 2 ton vehicle capable of 100mph being hacked STILL isn't scary enough for you....
http://hackaday.com/2015/07/22/no-mounting-a-gun-to-a-quadcopter-probably-isnt-illegal/
-
Another line that makes me not believe their shit as much.
"Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan."
They are claiming that they were able to remotely discover systems all around the country. The UConnect system uses Sprint's network to connect. And that these cell connections are all using public facing IPs.
The U.P. is a practical dead zone of most providers, especially Sprint. Verizon owns most of the area, which still has large swaths of dead zones, bad connections, and various other stuff. Sprint only shows roaming for the U.P., both voice and data. The maps don't do it justice though, you can drive from Marquette to Ishpeming and lose connection for a brief amount of time. And even if you do get connection, it's usually on the 3G network.
So they were able to scan a foreign network for cars and were able to figure out that these devices were on the VZ and/or US Celluar network? I don't think so.
-
It has nothing to do with what network it's on!
If the car is able to get on a VZ data network and get on the internet - you can scan for it, Period! they don't have firewalls. It's no different than scanning the entire internet for hosts with SSH ports open.
-
And officially recalled.
http://www.usatoday.com/story/money/cars/2015/07/24/fiat-chrysler-recall-hackers/30617023/
-
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
-
@dafyre said:
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
Considering the press this got, I'd be surprised if there's no one interested in testing all the different models they can get their hands on.
-
@MattSpeller said:
@dafyre said:
At least they think this is worthy of a recall. I wonder if what they are doing will actually fix the bugs or not.
Considering the press this got, I'd be surprised if there's no one interested in testing all the different models they can get their hands on.
I'll be keeping my nice old truck that can't be hacked.
-
@MattSpeller said:
Now if a 2 ton vehicle capable of 100mph being hacked STILL isn't scary enough for you....
http://hackaday.com/2015/07/22/no-mounting-a-gun-to-a-quadcopter-probably-isnt-illegal/
If it isn't illegal why are the FBI looking for the creators of the video... They said they were looking for them yesterday.
-
@thecreativeone91 The only thing you could charge them with IIRC is FAA violations of objects dropped in flight.
Personally, I'd slap them upside the head for poor control of and unsafe discharge of a firearm.
