Not physically separating essential vehicle control from the onboard entertainment system, because what could possibly go wrong? I seriously wonder if there's any assassinations that've happened with the use of this mechanism. (1. wait until approaching intersection at high speed, 2. disengage brakes + steering wheel, is probably very effective) Gotta love how these cars constantly report their locations :)

On 24-Jul-15 11:52, Georgi Guninski wrote:

...

I seriously wonder if there's any assassinations that've happened with the use of this mechanism. (1. wait until approaching intersection at high speed, 2. disengage brakes + steering wheel, is probably very effective)

We were discussing this in chat. Someone suggested "sooner or later sploits like this will appear on black/gray sploits markets or even become public". Then likely car accidents will go up and maybe mainstream media will cry "car/hackers injure human" (the other way is not news, it is statistics).

Some conspiracists conjectured this might have happened in the fatal, fiery crash of the investigative journalist Michael Hastings in L.A., but without hard evidence it's the purview of the credulous prone to conspiracy theories rather than an actual one (of which there are many). Attacks had been publicly demonstrated by then. Such intrusions would be hard to trace (especially without access to do the forensics). If it hasn't happened yet, it will in the future. People will continue to use smart cars as it's convenient and will be entrenched and socialized in by the time hoi polloi would begin to appreciate the danger. The smart car tech will also be collecting that much more info on users in the vein of smartphones, Google, Facebook, Acxiom, and the lot.

Anyone care for a law that will: 1. Ban unhackable vehicles and other life-critical devices (meaning: life-critical software must be rewritable) 2. Require all life-critical software to be released in source format, for the purpose of public auditing, improving it's safety features and employing the software on the devices it is intended for. 3. Any tools used to translate the source to writable code must also be provided in the manner of 2. These laws should still allow manufacturers to: 1. Spy on their users without that being changed 2. Lock down their code so competitors may not use it (proprietary open source) 3. Have software in the machines that is not opened; so long as it is properly (verifiably) isolated from essential systems 4. Legally own the entire machine 5. Drop guarantees when non-security-related modifications have been made etc This law should be as precise and immutable as possible. This is not a matter of "I want to hack things" or "competition would be better if it were open" or "I want to own what I have/use", etc, etc. Being precise with the law allows it to pass more readily. Personally I think if everything were required open source and self-compiled; that would objectively be better for humanity as a whole. For protecting innovation there's patents, closing the source is excess. Etc. etc. But this is not about fun. This is about extremely basic safety. It is about national security; if 500,000 cars go haywire at the same time a lot of deaths, directly and indirectly, can be expected. And it's not just the cars; it's also the industrial machines, medical equipment, the metro's and trains, the automated cars and busses and trucks and aircraft, medium sized hobbyist drones, heaters, stoves and ovens, automated doors, elevators, fire, smoke and other emergency alarms, etc. Should a foreign country cyberattack whilst doing any other kind of large scale attack; the effects could be devastating. Should a person be marked for assassination, no one would be the wiser. I'd argue for similar protection for fridges, televisions, smartphones, etc, etc, as more and more items are expected to become networked and essential for upholding basic freedoms and ways of life. And I'd argue to have it for privacy; not just essential safety. Simply put; the simple version of the law above is imperative for personal and national security. And it doesn't exist. (note: all countries should be more worried about cybersecurity. I cannot trust my government to act as it should if every public servant can be blackmailed or thoroughly spied upon. It's not hard to improve security; but it's much harder now that nobody's doing it, and now that it's given no priority)

2015-07-25 5:38 GMT+09:00 Cathal Garvey :

Without getting into the issue of whether patents encourage innovation.. I do think that medical devices are a special case. If you have a heart implant, that thing needs to be "unhackable", but also totally verifiably safe. So there should be firmware signing, no mutable state, verifiable memory safety...but the code should be open source, and if need be the firmware signing key for each device (needs to be different for each device!) should be accessible by a legitimate owner.

So, no more remote-hackable heart implants, but doctors and cardiac technicians can still apply critical patches and inspect the source for sanity.

Why should a heart implant be different than a car? Because there's experts involved? There's always experts involved! Because it's so life critical? It's always "so life critical"! Legally difficult is the differences between "owner" and "user". I think whomever actually uses the device should be the one to be able to hack it. That includes leases, rents, corporate ownership, and everything else. "I drive it, I decide the software it runs". This follows from the idea that "the software's choices are my choices" - in case of such direct life affectors that choice should never be taken away. It's funny; I think this evolved into an equivalent of the "forced inoculation" argument... There's some point to be made for experts truly knowing better, and nobody having any reason to go against the experts' opinions. I think that, in that case, any rational person should be able to reach that same conclusion. If they don't, well, that's a more general problem to be approached separately.

On Fri, Jul 24, 2015 at 10:20:20PM +0000, jim bell wrote:

It should be fairly simple to protect against heart-implant hacks.  First, communication with them is probably limited to inductively-coupled signalling, at a fairly high level.  Secondly, it should be based on a two-way challenge/response system:  The external device signals a code, call it a password, to which the implant would respond with a reply, which itself includes a randomized code.  The external device reads that randomized code, processes it in some way (presumably a hash), and retransmits it to the implant.  Only if the implanted device receives what it considers the correct code, would it allow further manipulation.  Presumably, any attempt to illegitimately access such a device wouldn't be close enough to read the implant's reply signals, and thus couldn't proceed further. "Do you have have a match?".   "No, but I have a lighter".  "Even better".   "Until they go wrong".

         Jim Bell

IMHO even if you get perfect info security (which is impossible), this will be just a small step. Humans are screwing the climate and the food with dangerous food supplements. In the long term this might extinguish humans in its present form. Heard that in Australia skin cancer is major concern, closely related to the Sun and there a lot of food supplements (locally we call them "E"-s) are forbidden by law. I deny being green, but judge for yourself.

"There is reason to believe that intelligence agencies for major powers -- including the United States -- know how to remotely seize control of a car. So if there were a cyber attack on the car -- and I'm not saying there was, I think whoever did it would probably get away with it." - Richard Clarke, US Counter-Terrorism Czar during Clinton and Bush. On July 24, 2015 3:11:31 PM PDT, Seth wrote:

On Fri, 24 Jul 2015 10:18:07 -0700, M373 wrote:

...

On 24-Jul-15 11:52, Georgi Guninski wrote:

...

...

I seriously wonder if there's any assassinations that've happened with the use of this mechanism. (1. wait until approaching intersection at high speed, 2. disengage brakes + steering wheel, is probably very effective)

We were discussing this in chat. Someone suggested "sooner or later sploits like this will appear on black/gray sploits markets or even become public". Then likely car accidents will go up and maybe mainstream media will cry "car/hackers injure human" (the other way is not news, it is statistics).

Some conspiracists conjectured this might have happened in the fatal, fiery crash of the investigative journalist Michael Hastings in L.A., but without hard evidence it's the purview of the credulous prone to conspiracy theories rather than an actual one (of which there are many).

Right, I mean the official story was such a credulous one, and no one in squeaky clean US power structure had any motive to eliminate an investigative journalist like Hastings.

Oh those credulous conspiracy theorists with their crazy theories about

assassination via car hacking.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/24/2015 07:46 PM, M373 wrote:

"in the case of Michael Hastings, what evidence is available publicly is consistent with a car cyber attack. And the problem with that is you can't prove it."

And if the target of such an attack becomes suspicious, his comments about those suspicions become evidence of insanity and help to account for his untimely demise. Need some volunteers and/or a funding angel to create a corpus of howto docs that identify the RF receiver parts in automotive ECM units and their associated wiring harnesses, including which pins to cut to assure radio silence in both directions. Oh wait - voiding your warranty would be more proof of insanity. :o/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVsvN+AAoJEDZ0Gg87KR0LqGgP/0ZIg7+dfZsNg1ojXQO2LHQx UN3BPoW/KzO4VxTZZ+3lO7yqWl9w+zw7ZQSMzgjoTpId5GDnuT/bbpdj2+GW6r4q /qnhmASE0jTjtev4mBEbPglAC6slEJREHimpfN1+TunU4xM7ZYu0dJIiu0OF7Z8o csTFAzkIq6rRclzQJP4qi7yzz5xaP77ND+VTptR7Gqdo7/ynatfhmxaQMAzAVNlF ZVIo8CFKcwihLlLvy2u92ZppjN6KnmDUWjxtt4EfmxunKR+09EZnkhwBCk37FF5A WuJPIfTg20yawIs3riKVKNo3sAEBJFQI/8/izkzaXC9SYnlrpVftR8b0kz07K/Xo CREn6m7LPDezPzXahvNAVdI0cMbKbQLruZvrMzRlai18Z2ya8GpFIa0XA5zytXQq XSEnlFBqsaHRUqMehoyeKY7PKUMwrmwtOSeVlFeyEX3zCjT9U+k4+LlWQFjcjSyp 2TZ/hqj9giWJr9q0JqRQXUl9ns5W/pmGjwRDWJPqNNEzpdo60WSxSkxoYUUS6XCU lJ+YxpkWKZTl/93oLl8xAcDTmN3DA4YN3CSvo9/n1vP2pgtYmQhoVo+h1GP/8cu/ Zs5yUd4W8IG6LAhr4kAVSaaU4qbopcYAQ7kypPUw4Q5BPZ71whyDDtosB257Ik7j CfwZjtW0D80HrNSZlV0f =huBF -----END PGP SIGNATURE-----

From: Razer On 07/24/2015 07:25 PM, Steve Kinney wrote:

Need some volunteers and/or a funding angel to create a corpus of howto docs that identify the RF receiver parts in automotive ECM units and their associated wiring harnesses, including which pins to cut to assure radio silence in both directions.

RF sniffers are common electronic equipment. Keychain wireless networks detectors and all that. Just pay attention to where your hands wander attempting to pinpoint the rf source's location, HEI ignition systems, fan belts , whirling parts etc, maim and kill. There are some rather economical spectrum analyzers being sold today.   Example:  http://www.triarchytech.com/?gclid=Cj0KEQjw58ytBRDMg-HVn4LuqasBEiQAhPkhuqJwq... http://www.flyteccomputers.com/Spectrum-Analyzer http://nutsaboutnets.com/rfviewer/ http://www.ebay.com/itm/USB-RF-Spectrum-Analyzer-3-3GHZ-/281757383569 Some of the devices I've seen advertised may only be WiFi-signal capable.  Somebody doing this work seriously should probably get a full-spectrum unit, from low-tens-of-megahertz to 5 GHz or so. Of course, there is this:http://www.ebay.com/itm/Tektronix-494P-Tek-Spectrum-Analyzer-with-Cover-Works-GPIB-Tested-and-Works-/291518180539?pt=LH_DefaultDomain_0&hash=item43dfd66cbb Ironically, the newer, cheaper units may be much better for your task, in part because the USB spectrum analyzers can be put on the end of a USB cable, and they therefore interface directly with modern computers.                Jim Bell

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/25/2015 09:06 PM, jim bell wrote:

*From:* Razer On 07/24/2015 07:25 PM, Steve Kinney wrote:

...

Need some volunteers and/or a funding angel to create a corpus of howto docs that identify the RF receiver parts in automotive ECM units and their associated wiring harnesses, including which pins to cut to assure radio silence in both directions.

RF sniffers are common electronic equipment. Keychain wireless networks detectors and all that. Just pay attention to where your hands wander attempting to pinpoint the rf source's location, HEI ignition systems, fan belts , whirling parts etc, maim and kill.

[ ... ] Any bench tech with access to publicly available documentation - and the physical hardware - should be able to identify the RF components in any automotive control system without too much trouble. ECM units are fairly well RF isolated, so those that talk to the world should normally have easily identified connections to external antennas. High frequency transceiver components usually have their own RF shielded areas on the board as well. Cutting one wire or IC pin per unit (antenna or IC power) should isolate it from remote access. If necessary functions fail, undo the mod and try elsewhere until the desired results are obtained. In the U.S., getting hold of ECMs to play with presents some inconveniences: Junk yards pull ECMs and sell them back to their manufacturers - some nonsense about "intellectual property" seems to be involved - so there aren't many available on the open market to play with. But where there's a will, a few dollars and a small pile of pointy tools, there's a way. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVtWSRAAoJEDZ0Gg87KR0LoLkP/Rdod+ZI9btH2wCJK19VGkYy RoXdALV49AtAxMWJ+iTxVowTSNpX2aD5rCer3IAC48HbS6GWT46g0t6zwfp0gF1r Erg+Cr2ezSvzfhepcWAMGTxM6KkvkK2roDAzXW88lD5FPSNb9SWoC/MJ9qXb2VMX OZW8AIbPrcV1Q8UWChbQlI8YIASAfH0+w+EVq7oimynauwlPfBTQP365UW/aLk4Q rzanQoEOIKtwU7hWVfNBlCisLVWpQwXQiRrg3a+nTa1Px/ZeVJPiG2Kw8w3GLFJS CIoOdwVAGKeJKW4oGCmegqAIwlrqzH5Qo5LXvkGK+I5vdG8IttLeYqTksfgmkBpu p9rHr+TPTMr/4KaPDC7ZA6424B3Yf6C1pcrQ95hk5pBD5zVShroP4yYXF6rkryX4 LMKf+9pPG7uKJy9hI7c/8QnSzg55LK4h5/5kVe6dVbU4lvQIORhGFVk8pIP3HR7o N/+9Thbdk/eYk/x2iB+EcCmTSehc1elCHNrkZllzG4m0wSLXpLF5Jj0nzBZWgspP UN1QanHNOeydzgsxTOkzxHuU8RlsXxhZMUXCGP+Ynd38MuwQl+jt4SVcmTFvoC/p akEz8reODtNfVLAlCCLh1Eu7MxHRByFyV4kAkiUagAfw9JNpDzMtHycC6wqw24B0 0DNAlMG3kj/leuzF9gZS =aNZ0 -----END PGP SIGNATURE-----

On 7/24/15, M373 wrote:

It's not a matter of credulity in believing that authorities would carry out such an assassination, the problem is asserting such an act without direct evidence. As I said, and as insider Richard Clarke said, it would be difficult to show.

this came up in a separate context, so thought experiment: let's assume a rogue contractor, not US establishment in any official manner is our hypothetical malicious actor in this situation. let's assume they acted to maximize effectiveness at the expense of identifying characteristics. let's construct a scenario for replay in situ to compare? dialed to MAX DEATH! [ not s t e a l t h . . . ] --- 2013 Mercedes, through MBRACE hack you attain full authority over: - Central Control Module (CCM) - Central Timing Module (CTM) - Electronic/engine Control Module (ECM) - Engine control unit (ECU) - Powertrain Control Module (PCM) - Transmission Control Module (TCM) - Speed control unit (SCU) - Brake Control Module (BCM or EBCM) - Vehicle Control Module (VCM) Electronic Powersteering (EPS) - General Electronic Module (GEM) - Body Control Module (BCM) - Suspension Control Module (SCM) - Telematic control unit (TCU) - Battery management system begin attack!>> 0. ... delay tipping until target location, speed, orientation RDY ... 1. EBCM disable, zero halt 2. PCM fix in mid gear, prep to redline 3. ECM throttle position to maximum 4. VCM EPS to remote drive override, E.g. swerve to target 5. SCU, TCU monitor for rapid deceleration then, immediately: 5a. ECM fuel pumps to max flow rate 5b. GEM set all lights, indicators, fans, servos, etc. to ON 5c. Battery management system destructively short discharge [ AKA, incendiary mode ] now compare this collision with expected outcomes of human at the wheel using normative controls. best regards, codermange who love his '67 Chevy C20 long bed farm truck more each day :)

On 7/24/15, Shelley wrote:

On July 24, 2015 3:20:23 PM Seth wrote:

...

On Fri, 24 Jul 2015 10:18:07 -0700, M373 wrote:

...

On 24-Jul-15 11:52, Georgi Guninski wrote:

...

...

I seriously wonder if there's any assassinations that've happened with the use of this mechanism. (1. wait until approaching intersection at high speed, 2. disengage brakes + steering wheel, is probably very effective)

We were discussing this in chat. Someone suggested "sooner or later sploits like this will appear on black/gray sploits markets or even become public". Then likely car accidents will go up and maybe mainstream media will cry "car/hackers injure human" (the other way is not news, it is statistics).

Some conspiracists conjectured this might have happened in the fatal, fiery crash of the investigative journalist Michael Hastings in L.A., but without hard evidence it's the purview of the credulous prone to conspiracy theories rather than an actual one (of which there are many).

Right, I mean the official story was such a credulous one, and no one in squeaky clean US power structure had any motive to eliminate an investigative journalist like Hastings.

Oh those credulous conspiracy theorists with their crazy theories about assassination via car hacking.

Calling something a conspiracy theory is a common disinfo tactic. We used to have to play Spot the Fed, now they out themselves...

Bah, humbug! Conspiracy theory if ever I heard one!

On Fri, 2015-07-24 at 19:52 +0300, Georgi Guninski wrote:

btw, Who are the owners/manufacterers of this jeep? AMC?

The Jeep marque has been part of the Chrysler family of brands (the others being Chrysler, Dodge, and Ram, and previously Plymouth and Eagle) since 1987 per Wikipedia. The current corporate owner is Fiat Chrysler Automobiles (FCA) as mentioned in the article. -- Shawn K. Quinn

On 7/24/15, Lodewijk andré de la porte wrote:

Not physically separating essential vehicle control from the onboard entertainment system, because what could possibly go wrong?

I seriously wonder if there's any assassinations that've happened with the use of this mechanism. (1. wait until approaching intersection at high speed, 2. disengage brakes + steering wheel, is probably very effective)

Gotta love how these cars constantly report their locations :)

Princess Diana - although because of the era, that was more sophisticated - retroactively modified systems in the car. Plenty of suspicious private (and not so) jet crashes over the years too. Non-overridable remote-control systems - what could possibly go wrong?

From: Zenaan Harkness

Plenty of suspicious private (and not so) jet crashes over the years too. Non-overridable remote-control systems - what could possibly go

wrong?

"Welcome to Westworld, where nothing can go wrong...go wrong...go wrong...."       Jim Bell (You'd have to bet 50 years old to see that movie in the theaters.)