TechFrag
  • News
  • Apple
  • Google
  • Microsoft

Carjacking Your Vehicle is as Easy as Playing a Song in it for 18 Seconds!

By Sarmad Lillah  /  3 years ago Share Tweet
Carjacking

So you thought that having computerized systems in our car made it a little tougher for the carjackers? Well, think again, a group of researches say that carjacking a vehicle is so easy with the new technology that you can put in a malware just by allowing the car to play a said track of song!

Stefan Savage, professor of Computer Sciences at the University of California, San Diego who heads the research team claims “basically, give me 18 seconds of playtime and we can insert the attack code” in the modern car’s operating system.

He was talking to the Usenix Enigma conference in San Francisco on Tuesday where he explained that cars these days use a mash up of different third-party and OEM software that end up making the car vulnerable to hacking and hence carjacking.

This is so because some of the operating systems being used in the vehicles are not as hard to compromise as others; for example, the entertainment system.

Savage explained how they managed to attain full control of a car by playing a malware bearing .WMA track from a CD inside the car.

He says that most of the cars have a government-mandated OBD-II port and mastering that makes it easy to master the car’s security system as well. Also, a simple firewall is not going to help in this because of the variety os systems at play in many cars.

For cars the OEM is not the developer, they are the integrator, so there are software supply chain issues. Source code is frequently not available, so code inspection does not work, since no party in the world has access to all of a car’s source code.

A firewall is not going to do it, the architecture is too complex and cost really counts to these guys – saying ‘It’s only a $5 fix per car’ doesn’t cut it. That said, there could be a great tinfoil hat boutique business for hackers who want to pimp their cyber ride with a firewall.

In short, the only way right now to avoid such a carjacking is to have a remote updating system.


Being the Managing Editor of TechFrag, Sarmad splits his time between keeping up with latest news, technology, gaming and other awesome things like unearthing the merits of staying up at night and Californication!

Previous Next

Join the Conversation

Load Comments

Subscribe to our newsletter

Popular Now

Leaked Google Home Hub Renders Shows Touchscreen Smart Device
Xiaomi Introduces Mi 8 Pro Smartphone With In-Display Fingerprint Reader And Mi 8 Lite

Editor's Picks

  • 4 Easy Ways to Keep Your Website Secure
  • The Problem Of Spam-Associated Emails And IPs And The Utility Of Blackli…
  • Overcoming the Challenges of Log Data Management
TechFrag on Twitter TechFrag on Facebook
About   /   Contact  /  Advertise   /   Write for Us   /   Privacy Policy
TechFrag.com 2019 © All Rights Reserved