If 2 guys can hack a Jeep, does too much tech in cars freak you out?

23 Jul 2015 | Author: | No comments yet »

A hacked Jeep should be a wake-up call to automakers.

The fix is a response to a recent article in Wired magazine about two well-known hackers, Charlie Miller and Chris Valasek, who remotely took control of a Jeep Cherokee through its UConnect entertainment system.

Security fears could put a dampener on future self-driving cars after hackers showed they could wirelessly take control of hundreds of thousands of US-built cars built by FCA, owners of the Fiat, Jeep and Chrysler car brands. FCA hastily released a software update after two professional hackers showed Wired magazine they could use a laptop from their own homes to take over a 2014 Jeep Cherokee as a reporter drove the car. The Jeep incident was the latest warning to the auto industry, which is rapidly adding Internet-connected features like WiFi and navigation that are convenient for drivers but make the car more vulnerable to outside attacks.

This was swiftly followed by his music system springing into noisy life and his windscreen wipers suddenly whipping back and forth at their fastest speed. Greenberg described how hackers working from laptop computers at home tinkered with the Cherokee’s steering and brakes as well as the radio, windshield wipers and more. Then came the worst bit by far – without him doing a thing, the Jeep’s engine died, leaving the car crawling along at a snail’s pace on a busy freeway.

They notified FCA of the vulnerability in the Uconnect infotainment system in the US-built cars, and drew the car firm’s ire by planning to release part of the code at a security conference next month in Las Vegas. Fiat Chrysler released free software updates for computerized UConnect systems in Chrysler, Dodge, Jeep and Ram models made in 2013 and 2014, and some versions of the 2015 Chrysler 200. Yet both Audi and Mercedes-Benz say they remain unconcerned, insisting their security development is at a different level to the potentially impacted Chryslers, Dodges, Rams and Jeeps. “Safety-critical systems get a lot of work from us,” Audi’s head of electronics said, while Mercedes-Benz insisted there was no way their cars could be hacked from the outside.

The two German premium carmakers have insisted it’s not possible today to use the internet connectivity of their cars to hack into its control systems. Greenberg, with his permission, by two “white hat” hackers – computer security specialists who break into protected systems and networks to test and assess their security. He had agreed to be hacked by two of his tech buddies who, though miles away, had taken control of his vehicle’s on-board computer in order to highlight the security vulnerabilities of modern cars that are hooked up to the internet. Audi, pointedly, regularly uses professional hackers to test their electronics security work, Hudi admitted. “We pay companies to take our cars away to hack them, before they get to production.

And with a growing number of internal car functions being controlled by chips and software, the list of things that could conceivably be commandeered by hackers is steadily expanding. We give them our cars and say ‘Take as long as you want but please try to attack it, in whatever way you can’. “Basically we tell them they can use all ways available including straight vandalism to get access to control the car’s electronic systems.

Unsurprisingly, Fiat Chrysler, this particular vehicle’s manufacturer, has now issued a “patch” that befuddled car owners must download or beg their local dealer to do for them. For what I can see, that’s the best way to improve security. “Connectivity is a way of life, but the systems are not the same as the car’s systems. Greenberg’s Jeep using software that allowed them to send commands through the vehicle’s entertainment system to its dashboard functions, steering, brakes and transmission – using a laptop located 10 miles away. Nevertheless, the incident should set off alarms throughout the industry, which still relies on protocols developed long before cars could connect electronically to other, potentially hostile devices.

There is networking as one point and the other is how you do your modularity and scalability and safety functions across the system.” While the Jeep hacking scandal has caused widespread public concern, it hasn’t slowed Mercedes-Benz’s push for autonomous and semi-autonomous driving, according to the company’s head of transmissions. “Even when you have a remote start, there is a link there from the phone. Security experts say there has been no concerted effort by automakers or parts suppliers to redesign internal communications channels to guard against attackers. Mercedes Me can open the doors of the car, but this is only for unlocking the doors, not starting the engine or driving away or disabling safety features. Edward Markey of Massachusetts and Richard Blumenthal of Connecticut introduced legislation tasking the National Highway Safety Administration and Federal Trade Commission with developing standards that prevent hacking of vehicle control systems. That hasn’t stopped two US Senators from introducing a bill to mandate minimum levels of security for cars that have any kind of internet connection.

Personally, I think it’s too easy when something like this happens to moan and mourn the days when you, and you alone, had control of your car, or who saw your saucy honeymoon snaps. The bill, which would ultimately affect all US-built cars exported to other markets, including those from Mercedes-Benz and BMW’s US plants, wants real-time monitoring of hacking threats and attempts on cars.

One of the drafting senators polled 16 carmakers on security policies earlier this year and found inconsistencies and vagueness on data collection from telematics, internet connectivity and security threats Senator Edward Markey also wants to give drivers the ability to disable data collection for vehicle tracking and marketing reasons, and banning carmakers from cancelling navigation systems for drivers who opt out. Although mandating a specific security approach would be a bad idea — lawmakers and regulators can’t keep pace with ever-changing technology — having the agency shepherd the industry’s efforts to identify and respond to vulnerabilities would be welcome.

And putting a security grade next to the mileage estimate on a new car’s sticker would bring needed pressure on the industry to make vehicles more resistant to hackers before they hit the showroom floor. Automation, to varying degrees, has offered salvation to billions – from those of us profoundly grateful for the domestic dishwasher all the way through to the patients of doctors performing “telesurgery” – remotely operating on patients miles away. The deal of this modern age must be that if we consumers put our faith into the hands of companies using cutting edge technology, these businesses need to meet us half way with assurances of total security. For instance, while I love how Google continues to push the boundaries with driverless cars and its forays into artificial intelligence, I don’t much like it when it randomly collects people’s information without their prior consent.

Nor do I feel assured about putting my family photos into Apple’s iCloud soon after intimate images of Hollywood A-listers have been hacked (and no before you ask, they aren’t those kind of snaps) – even though I’m an iPhone and Mac fan. They will hack our cars, our emails and in years to come, no doubt, our thermostats, fridges, pacemakers, even airliners – anything and everything that will be connected to the so-called “internet of things”.

Here you can write a commentary on the recording "If 2 guys can hack a Jeep, does too much tech in cars freak you out?".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site