
posted by martyb on Friday August 18 2017, @06:13PM
from the broken-as-designed dept.

A flaw buried deep in the hearts of all modern cars allows an attacker with local or even remote access to a vehicle to shut down various components, including safety systems such as airbags, brakes, parking sensors, and others.

The vulnerability affects the CAN (Controller Area Network) protocol that's deployed in modern cars and used to manage communications between a vehicle's internal components.

The flaw was discovered by a collaborative effort of Politecnico di Milano, Linklayer Labs, and Trend Micro's Forward-looking Threat Research (FTR) team.

Researchers say this flaw is not a vulnerability in the classic meaning of the word: it stems from a design choice in the CAN standard itself, which is what makes it unpatchable.

Patching the issue means changing how the CAN standard works at its lowest levels. Researchers say car manufacturers can only mitigate the vulnerability via specific network countermeasures, but cannot eliminate it entirely.

"To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented," researchers say. "Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade."

[...] The Department of Homeland Security's ICS-CERT has issued an alert regarding this flaw, although there is little that car makers can do about it.

"The only current recommendation for protecting against this exploit is to limit access to input ports (specifically OBD-II) on automobiles," said ICS-CERT experts in an alert released last month.

[...] The research was presented last month at the DIMVA conference in Bonn, Germany. The technical paper detailing the flaw in depth is available here and here. A YouTube video recorded by Trend Micro researcher Federico Maggi is available.

Source: Bleeping Computer



  • (Score: 5, Insightful) by jmorris on Friday August 18 2017, @06:47PM (6 children)

    by jmorris (4844) on Friday August 18 2017, @06:47PM (#556026)

    Think you miss the point. CAN = Car Area Network. Everything in the vehicle connects to CAN. Everything. And anything that can connect to it can send commands to any other node and there is no security. Crawl under a car, attach to something like the transmission and remotely crash the vehicle at your leisure.

    They would have to reinvent everything, every component would have a hardwired public key, there would have to be a maintenance keyring to allow the owner (i.e. the factory authorized service center, you don't think they will give the sucker making the note actual ownership do you?) to have the network recognize a replaced component. All communication would be at least signed, probably encrypted. And goodbye diagnostic port.

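The two points in the comment above (any node can transmit any message and nothing in a frame identifies the sender; fixing that means redesigning what goes in the payload) can be made concrete with a small model. The code below is an added example written for this page; it is not code from the article, the paper or any commenter. The frame byte layout, the bus model, the arbitration ID 0x0A5, the 16-byte shared key and the truncated-HMAC-plus-counter scheme are all assumptions made for illustration, not the researchers' countermeasure. It uses a shared-key MAC rather than the per-component public keys the comment proposes because a classic CAN frame holds 8 data bytes and an Ed25519 signature alone is 64 bytes, i.e. eight frames.

```python
# Added example, not code from the article, paper or commenters. Toy model of
# classic CAN 2.0A frames: no sender identity, and one way authentication could
# be squeezed into the 8-byte payload (assumed scheme, not the paper's).
from __future__ import annotations
import hashlib
import hmac
from dataclasses import dataclass

MAX_ID_11BIT = 0x7FF   # standard (non-extended) arbitration ID range
MAX_DATA = 8           # classic CAN: at most 8 data bytes per frame
MAC_LEN, CTR_LEN = 2, 2                 # tag and counter sizes (example choice)
APP_LEN = MAX_DATA - MAC_LEN - CTR_LEN  # only 4 bytes are left for real data

@dataclass(frozen=True)
class CanFrame:
    """What software sees of a data frame: ID, length, data. Absent by design:
    a source address, a sequence number, any signature."""
    arb_id: int
    data: bytes
    def __post_init__(self) -> None:
        if not 0 <= self.arb_id <= MAX_ID_11BIT:
            raise ValueError("11-bit arbitration ID out of range")
        if len(self.data) > MAX_DATA:
            raise ValueError("classic CAN carries at most 8 data bytes")

def encode(frame: CanFrame) -> bytes:
    """Toy byte layout (not real bit-level CAN framing): 2-byte ID, DLC, data."""
    return frame.arb_id.to_bytes(2, "big") + bytes([len(frame.data)]) + frame.data

def decode(raw: bytes) -> CanFrame:
    return CanFrame(int.from_bytes(raw[:2], "big"), raw[3:3 + raw[2]])

class Bus:
    """Broadcast medium: every frame reaches every node, anonymously."""
    def __init__(self) -> None:
        self.log: list[bytes] = []
    def send(self, frame: CanFrame) -> None:
        self.log.append(encode(frame))
    def frames(self) -> list[CanFrame]:
        return [decode(raw) for raw in self.log]

def unauthenticated_demo() -> bool:
    """A legitimate ECU and an attacker spliced into the bus both transmit ID
    0x0A5 with the same bytes; the receiver has no field to tell them apart."""
    bus = Bus()
    bus.send(CanFrame(0x0A5, b"\x01\x00\x00\x00"))   # legitimate node
    bus.send(CanFrame(0x0A5, b"\x01\x00\x00\x00"))   # attacker's node
    first, second = bus.frames()
    return first == second

def _tag(key: bytes, arb_id: int, counter: int, app: bytes) -> bytes:
    """HMAC-SHA256 over (ID, counter, payload), truncated to MAC_LEN bytes."""
    msg = arb_id.to_bytes(2, "big") + counter.to_bytes(CTR_LEN, "big") + app
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

def build_auth_frame(key: bytes, arb_id: int, counter: int, app: bytes) -> CanFrame:
    if len(app) != APP_LEN:
        raise ValueError(f"authenticated payload must be exactly {APP_LEN} bytes")
    return CanFrame(arb_id, app + counter.to_bytes(CTR_LEN, "big") + _tag(key, arb_id, counter, app))

class AuthReceiver:
    """Shares the key and remembers the highest counter seen per ID."""
    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_ctr: dict[int, int] = {}
    def accept(self, frame: CanFrame) -> tuple[bool, bytes]:
        if len(frame.data) != MAX_DATA:
            return False, b""
        app = frame.data[:APP_LEN]
        ctr = int.from_bytes(frame.data[APP_LEN:APP_LEN + CTR_LEN], "big")
        tag = frame.data[APP_LEN + CTR_LEN:]
        if not hmac.compare_digest(tag, _tag(self.key, frame.arb_id, ctr, app)):
            return False, b""        # forged, or sent by a node without the key
        if ctr <= self.last_ctr.get(frame.arb_id, -1):
            return False, b""        # replay of an old frame
        self.last_ctr[frame.arb_id] = ctr
        return True, app

def authenticated_demo(key: bytes = b"\x11" * 16) -> dict[str, bool]:
    """Genuine frame accepted once; the identical bytes replayed are refused."""
    rx = AuthReceiver(key)
    genuine = build_auth_frame(key, 0x0A5, 1, b"\x01\x00\x00\x00")
    return {"genuine_accepted": rx.accept(genuine)[0],
            "replay_rejected": not rx.accept(genuine)[0]}

def bruteforce_accepted(key: bytes = b"\x11" * 16) -> int:
    """The caveat: without the key, try every 16-bit tag for one (ID, counter,
    payload). Exactly one guess passes, so a 2-byte tag resists at most 65536
    frames, which a 500 kbit/s bus carries in seconds."""
    rx = AuthReceiver(key)
    app, ctr, accepted = b"\x01\x00\x00\x00", 7, 0
    for guess in range(1 << (8 * MAC_LEN)):
        data = app + ctr.to_bytes(CTR_LEN, "big") + guess.to_bytes(MAC_LEN, "big")
        accepted += rx.accept(CanFrame(0x0A5, data))[0]
    return accepted
```

Run `unauthenticated_demo()`, `authenticated_demo()` and `bruteforce_accepted()` in turn. The first returns True (the receiver cannot distinguish the attacker's frame), the second accepts the genuine frame and refuses its replay, and the third returns 1: with only two bytes of tag, an attacker who can send 65536 frames will get one forgery through, which is why a truncated MAC needs a longer tag (CAN-FD's 64-byte payload, or a multi-frame message) or strict rate limiting before it is worth anything. This truncated-freshness-value-plus-truncated-MAC shape is what AUTOSAR SecOC standardises for production vehicles; the example says nothing about the hard part the comment points at, namely provisioning keys into every ECU and re-keying when a part is replaced.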
  • (Score: 3, Insightful) by maxwell demon on Friday August 18 2017, @07:53PM (2 children)

    by maxwell demon (1608) on Friday August 18 2017, @07:53PM (#556069) Journal

    CAN = Car Area Network.

    No. CAN = Controller Area Network. It's right in the summary. And Wikipedia agrees. [wikipedia.org]

    Crawl under a car, attach to something like the transmission

    The transmission controller should not be accessible by simply crawling under the car.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 2) by inertnet on Friday August 18 2017, @08:50PM (1 child)

      by inertnet (4071) on Friday August 18 2017, @08:50PM (#556105) Journal

      The transmission controller should not be accessible by simply crawling under the car.

      Most lights will do as well, many can be disassembled from the outside to expose the CAN bus.

      • (Score: 3, Insightful) by Grishnakh on Friday August 18 2017, @08:55PM

        by Grishnakh (2831) on Friday August 18 2017, @08:55PM (#556109)

        If you're talking about taillights, all the taillights I've seen lately are still pretty simple, with on/off wires going to them. There's no bus there. The bus goes to the Body Control Module, which is somewhere inside the car. Now if you're talking about HID headlights that might have a CAN bus connection, most cars these days have made it extremely difficult to even change the bulbs on these things; usually you have to remove the bumper, or take apart the wheelwell, or something like that to get to just the bulb. It's probably easier to just break into the car's cabin if you're trying to be sneaky.

  • (Score: 3, Interesting) by Grishnakh on Friday August 18 2017, @08:52PM (2 children)

    by Grishnakh (2831) on Friday August 18 2017, @08:52PM (#556107)

    The other responder is correct in his two points, but I have a couple of points to add:

    1) There are multiple CAN and LIN buses, among others, in any modern car. There is not a single CAN bus. There are usually low-speed and high-speed CAN buses, and maybe a medium-speed one too. Obviously, different things are on different buses. In addition to those, there are also usually multiple LIN buses, which are really simple and low-speed. Things like steering-wheel buttons probably use those. A lot of European cars also have MOST buses, which are optical buses for the audio system. (I'm not sure why they bother really; optical fiber has proven to be more trouble than it's worth for anything except extremely high-speed applications. It probably seemed like a good idea in the early 00s but modern copper networking technology works fine.)

    2) Governments aren't going to accept not having a diagnostic port to plug into. Many states (and maybe countries?) use this port at your annual emissions check to make sure the car is working properly.

    3) While the other responder is correct that CAN buses are generally not easy to tap into from just crawling under the car, you also need to remind yourself: how hard is it to get to the brake lines by crawling under a car? It's just as easy as it's ever been. It's stupid to worry about people hacking into your car's computer systems after gaining access to the interior of the car, when it's so trivially simple to just cut their brake lines or do other nefarious stuff that's easily done just by crawling underneath. It's not even that hard to get into a car--just ask a locksmith. But it's hard enough that people breaking into cars just isn't that much of a problem, at least not to where we're willing to accept serious drawbacks which would be necessary to counter it.

    • (Score: 3, Interesting) by damnbunni on Saturday August 19 2017, @12:34AM (1 child)

      by damnbunni (704) on Saturday August 19 2017, @12:34AM (#556211) Journal

      About emissions tests:

      Only eight US states require emissions tests for everyone.

      18 states require no emissions testing at all.

      The rest require testing in some parts of the state but not others.

      (And only about 16 states require any kind of safety inspection. Which explains a lot of the crappy cars I see on the road around here.)

      • (Score: 2) by Grishnakh on Saturday August 19 2017, @04:30AM

        by Grishnakh (2831) on Saturday August 19 2017, @04:30AM (#556263)

        That's correct about emissions tests, but it leaves out what portion of the population is covered by emission testing. I'm sure it's a large fraction, if not an outright majority. Here in Virginia, only a handful of counties in northern VA are subject to it. However, that's where more than half the population lives. In AZ, it's only needed for people who live in the Phoenix or Tucson metro areas; but that's probably well over 90% of the population of that state.