SoylentNews is people
SoylentNews
Fiat Chrysler's bad week just got even worse: the US National Highway Traffic Safety Administration has recalled 1.4 million of the manufacturer's cars after a dangerous software flaw was revealed just days ago.
Renowned hackers Charlie Miller and Chris Valasek warned on Tuesday of a ridiculous vuln in the computer systems built into Fiat Chrysler cars: the flaw can be exploited by an attacker to wirelessly take control of the engine, brakes and entertainment system.
The cars connect to the internet via Fiat Chrysler's uConnect cellular network, and thus can be accessed and tampered with from miles away by anyone who knows the vehicle's public IP address. No authentication is required. The US network has been attempting to block incoming connections, we're told. The motor giant has produced a software fix for the root cause of the vulnerability – unfortunately, the update has to be manually installed via a USB stick plugged into the car.
(Score: 0) by Anonymous Coward on Monday July 27 2015, @06:28PM
I'm just going to keep my old, unconnected car for as long as I can.
I am considering a new car. But I have to say this has given me pause (along with the over the radio hack someone did a few weeks ago). Along the lines of 'think I will let that sit for a couple years and let them work it out'. But all those cool toys they are slugging in there are enticing :)
OTA updates for cars. The code and keys and hardware and network and routers and vpns and firewalls to get 'just right' would be quite amazing. With each step being a potential breaking point and something to 'support' for 10-15 years plus.
Cars are not like computers where we usually chuck them after 5 years. Cars can last for decades if properly taken care of. I am coming up on 13 years for the car I bought new in 2002. It still runs very well. Because I take care of it. Though I think every seal on the car has decided to break down at the exact same time ;)
(Score: 0) by Anonymous Coward on Monday July 27 2015, @06:33PM
But all those cool toys they are slugging in there are enticing :)
Just remember that convenience doesn't trump software freedom.
(Score: 3, Insightful) by KilroySmith on Monday July 27 2015, @07:23PM
OTA updates for cars. The code and keys and hardware and network and routers and vpns and firewalls to get 'just right' would be quite amazing.
Why?
With a code-signing PUBLIC key IN THE SECURE SYSTEM (say, the ECU), every network, host, router that the OTA package passes through can be treated as the wretched hive of scum and villainy that it is. GM (or Chrysler, et al) signs the OTA package (using the code-signing PRIVATE key) in a super-secret facility buried under a mountain, and then releases it. The ECU doesn't apply any OTA package that isn't correctly signed.
We do this all day, every day, for $3 peripherals attached to PC's. Even though we run a ton of code and a driver on the PC side, it's all treated as malware by the actual peripheral - it only applies OTA changes signed by our engineering team.
If only my $30,000 car had the same focus on security that my $3 peripheral does...
(Score: 2, Insightful) by Anonymous Coward on Monday July 27 2015, @08:01PM
It is tough to get right *even* with code signing. There is a bit more to it than that.
I love this example. The guy went from a signed blob of code to owning the entire device (though he does that in the 2nd video).
http://hackaday.com/2014/10/30/reverse-engineering-a-blu-ray-drive-for-laser-graffiti/ [hackaday.com]
This also is a good example
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/february/abusing-blu-ray-players-pt.-1-sandbox-escapes/ [www.nccgroup.trust]
They hacked it from the other end. Remember bluray is a line of trust sort of system too. It is at this point hacked. It only takes time and knowledge.
I have also setup chain of trust systems. Getting it 'just right' is tricky. There are tons of moving parts (more than you would think). Then on the other end is the support group who ends up with the system. Are they up to keeping it running correctly.
To put it this way. If someone breaks into my 300 dollar phone. Yes I am mad but its fairly 'cheap' and disposable to fix. Someone bricks my 50k BMW for the luz; because someone got a configuration wrong, or some piece of server software was not updated in 5 years, or someone figured out a particular mp3 turns off the breaks. I am going to be in a suing mood.
The stakes are a bit higher with a higher priced bit of equipment. Someone bricks your 3 dollar dongle it is fairly cheap to fix. 50k bits of equipment not so cheap...
(Score: 2) by KilroySmith on Tuesday July 28 2015, @01:42AM
You're absolutely correct, but they got lazy and got bit.
In our $3 peripheral, the OTA signed blobs are also encrypted. Admittedly, the AES-128 encryption key is global to all parts, and could be exposed; but it provides an excellent level of obfuscation. Imagine trying to determine what CPU our peripheral runs when you're trying to do visual analysis of hex dumps of encrypted blobs...
If [Micah] is able to load unsigned blobs (which is what has to happen, unless [Micah] has broken a rational PK encryption system), then the security of this system was never taken seriously. There may be a surface layer of security, but that's about it.
Too bad you posted AC. You seem knowledgeable, and I would have enjoyed adding you to a friend list.