The fragility of car computers revealed.
in [UK Drivers]
|
From: boltar2003 on 21 May 2010 04:59 On Fri, 21 May 2010 09:54:07 +0100 Conor <conor(a)gmx.co.uk> wrote: >>> "The computer systems used to control modern cars are very vulnerable >>> to attack, say experts. >>> > >And just how do they get access to it, Doug? Doug seems to forget that his bicycle is vulnerable to a large stick in the wheel spokes. Beware of those nasty trees doug! B2003
From: GT on 21 May 2010 06:08 "Doug" <jagmad(a)riseup.net> wrote in message news:f034292e-2032-4356-8d71-230755b6bb2f(a)c13g2000vbr.googlegroups.com... > Is it any wonder that so many cars crash because of faults and put > cyclists and pedestrian lives at risk? Isn't it time to go back to > mechanical control, which sensibly is still used on bicycles? > > "The computer systems used to control modern cars are very vulnerable > to attack, say experts. > > Despite their success, the team said it would be hard for malicious > attackers to reproduce their work..." > I don't know how they managed to control the brakes through the ecu interface - you can reset service warnings, idle timings (on some), change the clock, engine odometer (illegal) and other trivial performance tweaks on the majority of cars. The brakes are a physical system, controlled by a large lever at the drivers feet. Press the lever and it compresses fluid in cables and that applies the brakes. Even in a power assisted car, the brakes still work manually. The only CPU controlled part of the braking system in most cars is the ABS and turning that off would simply result in less efficient braking in poor traction conditions. Perhaps they hacked into one of the new remotely poluting hybrid vehicles as their brakes are not 'traditional' friction brakes, but mini generators used to reclaim kinetic energy and convert it into electric energy to recharge batteries. This highlights another reason not to drive a remotely poluting, low range, electric car. In order to log into the ECU of a car you need physical access to the interior of the moving vehicle. You also need a laptop with the correct connections (most don't have serial ports any more). You need the correct cables and you need the correct specialist software and the experience in using it. I don't think there are many people out there who would spend that much money just to change the dials on a passing car. Besides, don't you think the driver might notice when someone gets into their car and removed the handbrake cover and starts plugging cables into the car and typing stuff on their laptops? This is only likely to happen if the driver is blind and deaf. This post seems to vaguely refer to road safety and the potential damage caused by the clearly impossible (outside of a lab) malicious damage to a car's ECU. Lets focus on the bicycle, which is proposed here as a safer alternative to the car. How much expensive, specialist equipment and knowhow would it take to make that bicycle into a rider and pedestrian killing machine - about 10 seconds with a strong pair of scissors or secateurs and the bike has no brakes, turning it into a murderous weapon just waiting to plough into and kill pedestrians. Horrifying! So anything can happen when there is a glitch! My reply here is not an anti-cycling post (although it might appear so). My point is that there are some wierdos in this world who go out of their way to twist reports and stories in order to further an irrelevant argument that they have already lost with the world.
From: Adrian on 21 May 2010 06:11 Derek C <del.copeland(a)tiscali.co.uk> gurgled happily, sounding much like they were saying: >> > "Cars benefit from the fact that they are (hopefully) not connected >> > to the internet (yet) and currently are not able to be remotely >> > accessed," said Rik Fergson >> The sooner they can be remotely accessed the better. External controls >> on speed must come. > You can often accelerate out of dangerous situations better than > slamming the anchors on, which only reduces the severity of the > subsequent crash. Please leave drivers with some discretion as to their > actions, and God help us if Big Brother takes over completely! Rather more relevantly to this discussion, can you imagine the consequences of malicious tampering with remote vehicle speed control? <shudder> Not to mention that many drivers will very rapidly become acclimatised to just slapping the pedal straight down and turning brain off. That's really going to be a boon to road safety on roads shared with pedestrians and cyclists, isn't it?
From: GT on 21 May 2010 06:13 "Doug" <jagmad(a)riseup.net> wrote in message news:f034292e-2032-4356-8d71-230755b6bb2f(a)c13g2000vbr.googlegroups.com... > Is it any wonder that so many cars crash because of faults and put > cyclists and pedestrian lives at risk? Isn't it time to go back to > mechanical control, which sensibly is still used on bicycles? Let's all laugh at Doug - he thinks that 'so many' car crashes are as a result of someone jumping into a moving vehicle and hacking into the onboard software using specialist hardware and software, in order to force a car to crash into a cyclist or pedestrian. He's been watching too many mission impossible films!! Brilliant editing Doug, you cut out the majority of the facts and made it sound like the car isn't safe!! Good joke! Let us now re-edit the original article and see if it highlights a different side to the story. Do note the parts about 'moving vehicle' and 'hard to reproduce' and 'need physical access to the vehicle' in the following edit, taken from the OP article: **** "The team of researchers, led by Professor Stefan Savage set out to see what resilience cars had to an attack on their control systems. The researchers created software to monitor communications between the ECUs and mounted a series of attacks against a moving vehicle to see how much of the car could fall under their control. The team got at the ECUs via the communications ports fitted as standard on most cars. The researchers make instruments give false readings. Despite their success, the team said it would be hard for malicious attackers to reproduce their work. Our findings suggest that in order to carry out a successful attack you would need to have physical access to the vehicle." ****
From: Derek C on 21 May 2010 06:16
On 21 May, 07:17, Doug <jag...(a)riseup.net> wrote: > Is it any wonder that so many cars crash because of faults and put > cyclists and pedestrian lives at risk? Isn't it time to go back to > mechanical control, which sensibly is still used on bicycles? > > "The computer systems used to control modern cars are very vulnerable > to attack, say experts. > > An investigation by security researchers found the systems to be > "fragile" and easily subverted. > > The researchers showed how to kill a car engine remotely, turn off the > brakes so the car would not stop and make instruments give false > readings. > > Despite their success, the team said it would be hard for malicious > attackers to reproduce their work..." > > "...It is thought that modern vehicles have about 100 megabytes of > binary code spread across up to 70 ECUs..." > > Horrifying! So anything can happen when there is a glitch? > Nice to know that cars can be vulnerable, as well as bicycles and cyclists. Derek C |