Prius owners can be annoying but this is going a bit too far

Subject: General Tech | July 26, 2013 - 02:18 PM |
Tagged: prius, hack

At Defcon this year there will be some rather disturbing hacks presented dealing with the popular Prius hybrid car along with some less dangerous examples.  While convincing your car it is going 199 mph when it is standing still is somewhat amusing, the ability to disable the brakes while the car is in motion is a much more serious vulnerability.  The presenters will also show how the assisted parking feature can be used to turn the wheel while a car is at highway speeds which could well cause serious accidents.  This is not quite the Hollywood-style complete remote control of a car you should check out the story at Hack a Day to get an idea of what is now possible on at least one model of vehicle.

View Full Size

"This one’s a treasure trove of CAN bus hacks that will scare the crap out of an unsuspecting driver — or worse. [Charlie Miller] and [Chris Valasek] are getting ready to present their findings, which were underwritten by DARPA, at this year’s Defcon. They gave a Forbes reporter a turn in the driver’s seat in order to show off."

Here is some more Tech News from around the web:

Tech Talk

Source: Hack a Day
July 26, 2013 | 02:33 PM - Posted by Anonymous (not verified)

So what these guys are saying is if I see my dashboard torn apart with a cable plugged into the car and a man with a beard and a laptop in the back seat I should be worried. Got it.

July 26, 2013 | 03:45 PM - Posted by arbiter

i would expect fact these issues are known, and how to exploit them makes doing it later on much less destructive. Kinda like the electric key card locks a ton of hotels have that you can make a pen that connects and opens the door.

July 26, 2013 | 04:09 PM - Posted by Anonymous (not verified)

OP. You. Don't. Get. It.

The point is that companies are selling us products and not paying attention to security. Some people think that the journalist Michael Hasting was killed last month by someone hacking into his car.

July 26, 2013 | 05:51 PM - Posted by Jeremy Hellstrom

True ... but still check the back seat for neckbeards as well

July 28, 2013 | 05:47 AM - Posted by Humanitarian

Actually this isn't anything new it's been possible for years.

There have been vulnerabilities via indirect
physical channels (CDs and service visits), short-range
wireless channels (Bluetooth), and long-range wireless
(cellular) that can gain control of the vehicle. (Not just the neckbeard in your back seat)

The rate at which technology is advancing in the motor industry means there is very little time devoted to the security of these systems. I think more people like yourself should educated on the issue.

If you want to read more this was a study taken in 2010 by the University of California - http://www.autosec.org/pubs/cars-usenixsec2011.pdf

July 26, 2013 | 08:03 PM - Posted by razor512

they have not shown where the controls were connected. does it really require the entire dashboard to be removed, or was it their test car where they destroyed the dashboard in the process of reverse engineering but now have an attach that works through the OBDII port?

more info is needed.

also info on if additional data can be stored, eg someone sneaking into your car at night, uploading some code which causes the car to floor the accelerator, disable the breaks, disable the airbags, and finally make the car do a sharp turn the moment you hit a certain speed.

July 26, 2013 | 10:36 PM - Posted by Jeremy Hellstrom

Proof of concepts are akways messy.  This sort of thing will, and has on past vulnerabilities, evolve.

Still watch out for strangers in your back seat though, that vulnerability tends to be obvious.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.