Researchers discover that cars can be hacked with music

car_dash

In 2009, [Dr. Stefan Savage] and his fellow researchers published a paper describing how they were able to take control of a car’s computer system by tapping into the CAN Bus via the OBD port. Not satisfied with having to posses physical access to a car in order to hack the computer system, they continued probing away, and found quite a few more attack vectors.

Some of the vulnerabilities seem to be pretty obvious candidates for hacking. The researchers found a way to attack the Bluetooth system in certain vechicles, as well as cellular network systems in others. Injecting malicious software into the diagnostic tools used at automotive repair shops was quite effective as well. The most interesting vulnerability they located however, was pretty unexpected.

The researchers found that some car entertainment systems were susceptible to specially-crafted MP3 files. The infected songs allowed them to inject malicious code into the system when burned to a CD and played. While this sort of virus could spread fairly easily with the popularity of P2P file sharing, it would likely be pretty useless at present.

The researchers say that while they found lots of ways in which it was possible to break into a car’s computer system, the attacks are difficult to pull off, and the likelihood that they would occur in the near future is pretty slim.

It does give food for thought however. As disparate vehicle systems become more integrated and cars become more connected via wireless technologies, who knows what will be possible? We just hope to never see the day where we are offered an anti-malware subscription with a new car purchase – at that point, we’ll just ride our bike, thanks.

[Picture courtesy of Autoblog]

Automotive current monitor

If you’ve ever had a car with an electrical system problem you know how hard it can be to pin-point the source of your woes. Here’s a hackery solution that uses a diy PCB to monitor the current being drawn off of the alternator.The sensing is provided by an Allegro ACS758 integrated circuit. This chip measures current up to 150A and outputs an analog signal that can be measured by a microcontroller. In this case an AVR ATmega8 measures the signal and spits the info back to a PC via the serial port. This data can be graphed to help locate when too much current is being drawn for the battery to remain charged.

Check out that CNC milled PCB, what a beauty!

[Thanks Joshua via Elektronika]

OBD-II Automotive data logging

obd2

[Avi Aisenberg] sent us his final project for ece 4760.  His team built and OBD-II data interface. Even though OBD-II is an industry standard, each manufacturer has implemented it differently. This is where this project shines. They have built it to be capable of talking to any of them. Not only that, but it has a nice backlit LCD screen for diagnosing issues without having to go back to your computer and downloading the data. If you really don’t need all the bells and whistles, you can make one for roughly $15. They even have an OBD-II app for the iPhone.

Cornell ECE Final projects: Spring 08


I was starting to wonder when [Bruce] would send in this years final projects from the Electrical and Computer Engineering students at Cornell University. The first project looks like a great one for the green geek – a controllable power usage monitoring power outlet. The music geeks should dig midi trumpet interface, but the car geeks might have problems keeping away from the soldering iron after they see the CAN bus SD card data acquisition system. There are plenty more, so go check em out.