Imagine for a moment what it would be like to be driving along and have the car suddenly brake while traveling at 80 miles an hour. For those in the know on the car hacking field, this horrifying scenario is a lot more possible than may be expected, and the secrets of making cars do things like this are about to come to light. Thanks to Charlie Miller and Chris Valasek, the Def Con convention running this week in Las Vegas is about to feature many scary possibilities of car hacking.
Miller and Valasek will be publishing a massive 100-page white paper containing detailed blueprints of techniques involved in attacking systems in two main vehicles: the Toyota Prius and the Ford Escape. Miller and Valasek's report is the culmination of several months of study backed up by a grant from the United States government, and will hopefully offer some crucial tips on how automakers and auto owners can sufficiently harden systems against outside incursion before said tips can be used against said vehicles.
Miller and Valasek are said to be part of the “white hat” hacker community, a community that operates in a similar fashion to the “black hat” community, but to different ends. White hat hackers attempt to find flaws in security before said flaws can be used against a company or against users, while black hat hackers look for the same flaws, but to actually use said flaws against the companies and users in question.
The flaws that Miller and Valasek found are disturbing by any measure; with the combination of the flaws that the duo found and the software the duo plans to release to take advantage of said flaws, not only can the aforementioned sudden braking at 80 miles an hour happen, but also several other horrifying possibilities like sudden acceleration, a jerk of the steering wheel, or even remotely disabled brakes under certain conditions.
Terrifying, of course...but there are some conditions here that are noteworthy. When Miller and Valasek did the work, the duo was actually inside the cars, using laptops connected directly to the computer networks in the vehicles. A remote hack on vehicles is much less likely, and would likely require physical contact with the vehicle to accomplish. Still, since the possibilities are so disturbing, it behooves automakers to at least consider them and work to find ways to counteract such attacks before said attacks can be fully realized. Indeed, research into remote hacks has already taken place, and that research is kept under such close guard that few even know what model of car had been hacked.
Granted, it isn't likely that drivers will have to worry about control of vehicles being seized via remote and transferred to persons unknown who will then take the opportunity to conduct a remote joy ride with the vehicle possibly resulting in the former driver's death. But the possibility of malfeasance is there, and as such needs to be prudently addressed for the sake of driver safety. Indeed, Ford and Toyota are already considering Miller and Valasek's research, and that may well mean that by the time the duo shows off the findings, Ford and Toyota will already be well on the way to fixing the problem.
Edited by
Alisen Downey