Carjacking Your Vehicle is as Easy as Playing a Song in it for 18 Seconds!

By  /  5 months ago

So you thought that having computerized systems in our car made it a little tougher for the carjackers? Well, think again, a group of researches say that carjacking a vehicle is so easy with the new technology that you can put in a malware just by allowing the car to play a said track of song!

Stefan Savage, professor of Computer Sciences at the University of California, San Diego who heads the research team claims “basically, give me 18 seconds of playtime and we can insert the attack code” in the modern car’s operating system.

He was talking to the Usenix Enigma conference in San Francisco on Tuesday where he explained that cars these days use a mash up of different third-party and OEM software that end up making the car vulnerable to hacking and hence carjacking.

This is so because some of the operating systems being used in the vehicles are not as hard to compromise as others; for example, the entertainment system.

Savage explained how they managed to attain full control of a car by playing a malware bearing .WMA track from a CD inside the car.

He says that most of the cars have a government-mandated OBD-II port and mastering that makes it easy to master the car’s security system as well. Also, a simple firewall is not going to help in this because of the variety os systems at play in many cars.

For cars the OEM is not the developer, they are the integrator, so there are software supply chain issues. Source code is frequently not available, so code inspection does not work, since no party in the world has access to all of a car’s source code.

A firewall is not going to do it, the architecture is too complex and cost really counts to these guys – saying ‘It’s only a $5 fix per car’ doesn’t cut it. That said, there could be a great tinfoil hat boutique business for hackers who want to pimp their cyber ride with a firewall.

In short, the only way right now to avoid such a carjacking is to have a remote updating system.

Join the Conversation

Hot Right Now

AMD Zen Chipset

AMD Only Producing Octa-Core Zen Summit Ridge CPUs in the Initial Wave

A new report has just surfaced on the web which suggests that AMD will only be producing octa-core...

by   /   2 months ago

Microsoft Proposes a Cheap Solution to Eliminate Nausea on AR and VR H…

Virtual reality, as a market, is currently in its budding form, but the domain is progressing...

by   /   2 months ago
Sapphire R9 390 Toxic_1

Radeon R9 390 Toxic Features The Highest Factory-overclock by Sapphire

While AMD Polaris--the next-gen GPU architecture--is just around the corner, OEMs can't stop...

by   /   2 months ago
Intel Broadwell-E Core i7-6850K CPU_1

Intel Core i7-6850K Pictured and Benchmarked, ~10% Higher IPC Than Has…

Photos of the Intel's upcoming six-core Core i7-6850K have just made their way to the web thanks to...

by   /   2 months ago

ASRock’s New BIOS Updates for X99 Boards Add Support for Broadwell-E…

With the launch of Intel Broadwell-E CPU lineup just around the corner, ASRock has issued out new...

by   /   2 months ago
Load More