To us it’s conceivable that a malfunctioning device on the network could start sending out damaged packets and cause a dangerous malfunction like this one. For instance, team experimented with sending random packets over the CAN-bus and stumbled across a way to lock the brake on just one wheel. We just find it a bit surprising that there’s apparently been little thought put into fortifying the communications between the safety systems such as the brakes on the vehicle. Much like RFID the security risks here are basically nill for the vast majority of consumers. They’ve even found a way to write malicious code to the car’s computer which can be programmed to erase itself in the event of a crash. Any device can send commands to any other device. It seems that access to any device on the CAN-bus gives them unobstructed control of the car’s systems. What does surprise us is their exposé on how truly unsecured the system is. We’re not surprised at all that they can display custom text on the dashboard display or read sensor data from the car. Much like the racing simulators we’ve seen they’re exploiting the ODB-II port to get at the vehicle’s Controller-area network, or CAN-bus. Tomorrow a team of researchers will present their paper on Experimental Security Analysis of a Modern Automobile (PDF) at the IEEE Symposium on Security & Privacy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |