Torrenting MP3s can be bad for your car (not a piracy thread)

With hacking, music can take control of your car (found via Schneier on Security)

Apparently security researchers have been able to do a proof of concept attack on a car’s electronic systems with a crafted digital music file. Modern cars rely a lot on electronic control systems, and software, and it continues to increase. This represents a very real danger even if some the experts quoted in the article feel that it is unlikely. There will always be somebody curious enough, and smart enough to figure out a hack, and then package it up in an easy to use tool.

I think I’m going to start a company that sells firewalls and antivirus scanners for cars.

This why my car is like the Battlestar Galactica of disaster proofing. Analog connection from ipod to 100$ Kenwood. Suck it, hackers and computer overlords.

Yep, the analog hole is your friend.

But in the future, will you still have that option? The software and network are in the cars now, and in the future. That won’t disappear. Bluetooth and remote control systems like OnStar are becoming standard equipment rather than optional features. This provides avenues of attack on your vehicle even if you don’t want or use them. You might be able to physically disconnect them, but then again, if they become integrated with the rest of the modules used to actual provide control of the car, that may not be possible without compromising the ability of the car to actually function.

Nice.

The idea that a music file can disable someone’s brakes really sounds like something out of a Cylon attack plan.

As far as music files go, I bet we will have that option, simply because an analog input is cheap and useful — and earphone jacks on music players will always be analog outs.

As for other kinds of attacks, no doubt you’re right – and wasn’t there already a case, several years ago now, where a production car shipped with a virus onboard? IIRC it was a virus not relevant to the car per se, but still, there it was.

I’m also wondering about a car-based equivalent of the infamous Sony rootkit from that country album a few years back.

I think car makers have been pretty lax with security (outside of door locks and car alarms), hoping that the traditionally closed and isolated nature of their systems keeps them relatively safe from attack. They’ve already moved to more computerized systems (which happened years and years ago) and those systems are now getting more tightly integrated or coupled. An attack vector like this was bound to crop up sooner or later.

For the past few years, this type of risk has only been in the higher end premium and luxury brands, but soon it will start to trickle down to more basic brands and models.

If anything, I hope this brings more scrutiny to the car makers to begin to provide better security along with all the new features everyone wants.

Lastly, all this tight coupling also makes replacing parts afterwards by yourself nigh impossible, but that’s a different rant.

My car got rootkitted by Sammy Hagar, now I can’t drive 55.

Honest officer. This Maserati started doing 185 all by itself when I popped in my Joe Walsh CD!

Just another reason why you shouldn’t date robots.

I can’t imagine why the dumbasses don’t have a physical separation between the media system and EVERYTHING ELSE.

I laughed.

Hey, robots can have analog parts! Also, steampunk robots with mechanical brains.

It’s likely cost, and security of the electronic systems not yet being a big enough issue to overcome that cost savings. I expect that will change in the future design of cars, especially if a major public incident of successful hacking occurs.