Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Automotive Insanity > I don't believe it, it's that shitbox Dodge again!
 
  • Locked thread
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher
 Blue makes it look too much like a Jag and not enough hell and fury coming to consume all the first born in a vehicle body.

quote:

For gently caress's sake, man.

On the other hand, that's priceless :D

* # ¿ May 4, 2015 00:00
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 10, 2024 07:12
  • Quote
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher

Das Volk posted:

Considering this car is going into Death Valley for its first major trip, it could get interesting. I

Last Will and Testament.

* # ¿ May 5, 2015 01:12
  • Quote
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher

Das Volk posted:

Any comments on this? http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

:v:

Holy poo poo what are car makers thinking?!?!?

* # ¿ Jul 21, 2015 22:34
  • Quote
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher

Z3n posted:

Functionality and profit is far more important than an (until now) abstract threat.

Even with the demonstrated threat, if it's not weaponized and scripted to the point that someone with minimal technical skill can perform the attack, it's highly difficult to actually perform these attacks. As this is a per car type attack, it's unlikely to be widespread - it has minimal value to common attackers such as government or criminal groups given the technical overhead for exploitation vs more traditional means of detaining/killing someone. Frankly, if someone is willing to kill you, there are many simpler ways than hacking your car.

If it is trivially weaponized (download hackjeep app to sprint phone, kill people) well, that's going to be a very different problem. The sad reality is that a lack of technical expertise applied and lack of time spent on these sort of systems is really all that keeps you safe - obscurity is the protective factor, here, not proper system defensibility/etc.

All of these sort of vulnerabilities are present in just about every piece of hardware and software you use, everywhere. If something is internet connected, it's highly likely it's remotely exploitable - developing secure things is possible but difficult, and more importantly, expensive. That car manufacturers haven't caught up to even the relatively poor current state of security shouldn't be a surprise, given that they have failed to create appropriate redundancy from basic hardware failure in their throttle by wire programming.

We're creating security problems due to interconnected systems faster than we can fix them. It's gonna be a long, dark road ahead for at least a decade, probably more.

I do have a slight clue about how many holes in software there are and how hard they are to protect - but the issue is the attack vector should never of loving happened in the first place and the ability to override steering and brakes likewise should not have existed. And actually it's very easy to defend against attack if you just simply don't have that ability in the first place

* # ¿ Jul 22, 2015 00:52
  • Quote
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher

Z3n posted:

If you can't override the driver's brake input, you can't have ABS

You most certainly can in older cars. And all that other poo poo should most certainly be able to be overridden or doesn't become active unless you press a button like self parking.

You again missed the point what I am getting at. The fact that that poo poo is BY WIRELESS able to be accessed should just never of happened. I can accept that such system can be accessed via the physical ODB port. But by loving wireless?!?!!? This shows a level of interconnect on CANBUS that just should never of happened at all. This is a fundamental design flaw that any dickhead could have seen would be exploited.

* # ¿ Jul 22, 2015 05:57
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 10, 2024 07:12
  • Quote
CAT INTERCEPTOR
Nov 9, 2004

Basically a male Margaret Thatcher

wolrah posted:

No you can't. For ABS to be able to do its job it has to be able to release brake pressure being applied by the driver. Any functional ABS can theoretically disable the brakes as far as the driver's concerned.


You can. Older ABS has error loops you can exploit depending on the ABS supplier- there's nothing particularly smart nor complete always overriding about older separate ABS controllers - And I'm not just talking about pulling the ABS fuse either. The issue is with the newer ones that interconnect with traction control and stability systems or more.

quote:

It's just that as Z3n (and I) have said a few times in the 3-4 threads this is being discussed in (at last count ) - this is all thrown together far quicker than we can catch up security wise. It's a Hydra of security holes, for every one that someone manages to find and patch, another ten or 100 are introduced.

Dont put the access in there in the first place. There, done. And if you want a system that has wireless, air gap it from the other car subsystems. Frankly all the subsystems need is a power signal to come on and the main system can do that quite well without resorting to ridiculous levels of network interconnect. Obvious, easy, cheap, secure.

* # ¿ Jul 23, 2015 02:55
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Automotive Insanity > I don't believe it, it's that shitbox Dodge again!