Register for an account

X

Enter your name and email address below.

Your email address is used to log in and will not be shared or sold. Read our privacy policy.

X

Website access code

Enter your access code into the form field below.

If you are a Zinio, Nook, Kindle, Apple, or Google Play subscriber, you can enter your website access code to gain subscriber access. Your website access code is located in the upper right corner of the Table of Contents page of your digital edition.

Technology

Engineers Can Now Wirelessly Hack Your Car

dashboard.jpg

Newsletter

Sign up for our email newsletter for the latest science news

It wasn't too surprising when scientists first hacked into a car using its own onboard diagnostic port---sure, it's easy to get into a car's electronic brain if you're already inside the car. Now the science of car-hacking has received a digital upgrade: Researchers have have gained access to modern, electronics-riddled cars from the outside. And in so doing, they've managed to take control of a car's door locks, dashboard displays, and even its brakes. The oddest part of these findings, which were presented this week to the National Academy of Science's Committee on Electronic Vehicle Controls and Unintended Acceleration, is that they weren't entirely intentional: It was all part of an investigation prompted by the Toyota acceleration problems, and was meant to probe the safety of electronic automotive systems. But testing those system’s safety also uncovered some flaws. How It Works The researchers took a 2009 sedan (they declined to identify the make and embarrass the manufacturer) and methodically tried to hack into it using every trick they could think of. They discovered a couple good ones.

By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car's stereo, this song could alter the firmware of the car's stereo system, giving attackers an entry point to change other components on the car. This type of attack could be spread on file-sharing networks without arousing suspicion, they believe. "It's hard to think of something more innocuous than a song," said Stefan Savage, a professor at the University of California. [PC World]

Built-in cellular services that provide safety and navigational assistance, like GM's OnStar, can also be used to upload malicious code:

The researchers found that they could take control of this system by breaking through its authentication system. First, they made about 130 calls to the car to gain access, and then they uploaded code using 14 seconds of audio. [Technology Review]

In the wrong hands, the technology could certainly be harmful; once a hacker gains access, they can do anything from sabotage brakes to monitor car movements (by forcing the car to send GPS signals). But the engineers say the "wrong" hands wouldn't have the know-how to undertake these complicated procedures---at least for now. As Stefan Savage, a computer scientist at the University of California, San Diego, told Technology Review

: "This took 10 researchers two years to accomplish," Savage adds. "It's not something that one guy is going to do in his garage." Related Content: DISCOVER: 20 Things You Didn't Know About... Computer Hacking

80beats: Is the U.S. Government Losing the Battle Against Hackers?

80beats: The Latest Threat to the Amazon Rainforest: Hackers

80beats: Forget Car-Jacking: Car-Hacking Is the Crime of the Future

Image: Courtesy Center for Automotive Embedded Systems Security

2 Free Articles Left

Want it all? Get unlimited access when you subscribe.

Subscribe

Already a subscriber? Register or Log In

Want unlimited access?

Subscribe today and save 70%

Subscribe

Already a subscriber? Register or Log In