SoylentNews is people
SoylentNews
As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission.
Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.
At that point, the interstate began to slope upward, so the Jeep lost more momentum and barely crept forward. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.
[Ed. addition follows]
See also coverage at The Register Jeep drivers: Install this security patch right now – or prepare to DIE:
The full details of the hack are still private, but it relies on the uConnect cellular network; since 2009, Chrysler cars have included hardware to connect to this network to reach the internet. The two researchers have demonstrated that a canny hacker can use the uConnect system to get wireless access to major components of a car's controls, and potentially crash it remotely with no one being any the wiser. The flaw has existed in the system since 2013.
Miller says the hack will work on recent Fiat Chrysler motors – such as Ram, Durango, and Jeep models. The pair disclosed the flaws to the manufacturer so that a patch could be prepared and distributed before their Black Hat tell-all. The fix is supposed to stop miscreants from accessing critical systems via the cellular network, a protection mechanism you would have expected in place on day one, week one.
Original Submission
(Score: 5, Insightful) by physicsmajor on Wednesday July 22 2015, @04:02AM
This is scary, but it isn't what people really should be afraid of. What I want to know is: does the NSA know about this, and will/have they ever use(d) it.
Generally if there's a backdoor or a vulnerability, chances are good the NSA knew about it before it was made public. Even if it flew under their radar somehow, you can bet they'll (ab)use it immediately after they see the potential. And let's be clear: this has potential. The NSA can drop a National Security Letter on any auto manufacturer selling in the USA at any time for significant if not complete remote control over any/all late model vehicles with a cellular connection. Think that's tinfoil hat territory? These guys reverse engineered this stuff; imagine what they could have done with full and complete source code and cooperation of the manufacturer. It won't give me any joy to say "I told you so."
Let that one sink in, though. Drive or get driven in a late-model car with a cellular connection, and the NSA - with the power they possess right now, today - can kill you without repercussions and make it look for all the world like an accident. Oh, you drive older cars? Remember you share the road with vulnerable ones. Yes, by all means, speak your opinion freely...
This is how a free society dies.
(Score: -1, Troll) by Anonymous Coward on Wednesday July 22 2015, @05:11AM
Who do you think this feature was built for?
Who do you think VPro/VT/AMT backdoor was built for?
Your government, your god and your enemy (if you are male: the prisons are built for you)
(Score: 2, Interesting) by Anonymous Coward on Wednesday July 22 2015, @08:02AM
I'll just leave these here.
https://en.m.wikipedia.org/wiki/Jörg_Haider [wikipedia.org]
https://en.m.wikipedia.org/wiki/Michael_Hastings_(journalist) [wikipedia.org]
(Score: 1, Informative) by Anonymous Coward on Wednesday July 22 2015, @12:51PM
And here are the desktop links, for people still using real computers:
https://en.wikipedia.org/wiki/Jörg_Haider [wikipedia.org]
https://en.wikipedia.org/wiki/Michael_Hastings_%28journalist%29 [wikipedia.org]
(Score: 0) by Anonymous Coward on Wednesday July 22 2015, @07:40PM
Just like the police officer and his Lexus. Full speed and full break simultaneously.
(Score: 2) by t-3 on Wednesday July 22 2015, @08:11AM
Why just the NSA? Pretty much all of law enforcement is going to be hacking cars and stopping whatever they want to stop.
(Score: 2) by VLM on Wednesday July 22 2015, @12:08PM
Not just NSA, also every foreign country in the world. Maybe not afghanistan, because thats not exactly a high tech hub, but I could see some Admiral, General, corporate exec, or journalist offending North Korean or China or Russia or possibly Iran getting mysteriously run over in a crosswalk by some little old lady in a brand new car who swears she had her foot on the (computer controlled drive by wire) brakes the whole time.
Also consider both sides of gamergate or any other distraction from TPP negotiations. Extremists are willing to destroy people's lives right now, and when they do it they glory in it, all self congratulations. Think about that for a second. Now those same uncivilized people have the power to remotely kill. On both sides.
Finally think of pranks, not necessarily intentionally kill, although it'll surely happen. Next Packers-Bears football game at Lambeau Field, F the bears and the FIBs in general, get a 12-pack or two (or three?) in the right people and suddenly every illinois plated car in Wisconsin shuts down on the highway after the game. Might kill a few people unintentionally, but it would be a hell of a prank. Imagine the PR fun of trying to convince car buyers to pay extra to be the inconvenienced butt of jokes like that.
On the bright side if you think this is Fed up, what till we have self driving cars, the hacked death toll will be quite impressive I'm sure. It'll be like living in the movie "Maximum Overdrive" from '86 or so.
(Score: 0) by Anonymous Coward on Wednesday July 22 2015, @08:16AM
The NSA scares you? Doesn't it seem more likely some company will do so out of profit motive? Oh, you invented *new tech X*. And talked about it with a friend. That friend posted something on facebook. Next thing you know, you're dead, your friend is dead, the post never happened, and it turns out Mark Zuckerburg invented something similar in his garage, adn doesn't have to give anyone 65 million this time.
Or Google, or Microsoft or Apple.
Companies listed in the order I think it's likely they would do that. FB and Google just have so much more opportunity to do so...
(Score: 0) by Anonymous Coward on Wednesday July 22 2015, @03:58PM
This. The NSA isn't going to hack your car, except maybe to listen to your conversations via the OnStar-equivalent microphone. The guys who are going to kill you will be CIA, Mossad, or someone of that ilk.