A Honda car behind a gate, with its turn signals shown blinking as it's being unlocked by a portable device implementing the hack in question. Text under the car says "Rolling Pwned".

Unlock Any (Honda) Car

July 8, 2022 by Arya Voronova 76 Comments

Honda cars have been found to be severely vulnerable to a newly published Rolling PWN attack, letting you remotely open the car doors or even start the engine. So far it’s only been proven on Hondas, but ten out of ten models that [kevin2600] tested were vulnerable, leading him to conclude that all Honda vehicles on the market can probably be opened in this way. We simply don’t know yet if it affects other vendors, but in principle it could. This vulnerability has been assigned the CVE-2021-46145.

[kevin2600] goes in depth on the implications of the attack but doesn’t publish many details. [Wesley Li], who discovered the same flaw independently, goes into more technical detail. The hack appears to replay a series of previously valid codes that resets the internal PRNG counter to an older state, allowing the attacker to reuse the known prior keys. Thus, it requires some eavesdropping on previous keyfob-car communication, but this should be easy to set up with a cheap SDR and an SBC of your choice.

If you have one of the models affected, that’s bad news, because Honda probably won’t respond anyway. The researcher contacted Honda customer support weeks ago, and hasn’t received a reply yet. Why customer support? Because Honda doesn’t have a security department to submit such an issue to. And even if they did, just a few months ago, Honda has said they will not be doing any kind of mitigation for “car unlock” vulnerabilities.

As it stands, all these Honda cars affected might just be out there for the taking. This is not the first time Honda is found botching a rolling code implementation – in fact, it’s the second time this year. Perhaps, this string of vulnerabilities is just karma for Honda striking down all those replacement part 3D models, but one thing is for sure – they had better create a proper department for handling security issues.

How Far Can You Push A £500 Small Electric Car; Four Years Of The Hacky Racer

June 22, 2022 by Jenny List 31 Comments

Four years ago when the idea of a pandemic was something which only worried a few epidemiologists, a group of British hardware hackers and robotic combat enthusiasts came up with an idea. They would take inspiration from the American Power Racing Series to create their own small electric racing formula. Hacky Racers became a rougher version of its transatlantic cousin racing on mixed surfaces rather than tarmac, and as an inaugural meeting that first group of racers convened on a cider farm in Somerset to give it a try. Last weekend they were back at the same farm after four years of Hacky Racer development with racing having been interrupted by the pandemic, and Hackaday came along once more to see how the cars had evolved. Continue reading “How Far Can You Push A £500 Small Electric Car; Four Years Of The Hacky Racer” →

Volvo C30 Custom Gauge And CAN Bus Reverse Engineering

June 15, 2022 by Maya Posch 8 Comments

With cars being essentially CAN buses on wheels, it’s no wonder that there’s a lot of juicy information about the car’s status zipping about on these buses. The main question is usually how to get access to this information, both in terms of wiring into the relevant CAN bus, and decoding the used (proprietary) protocol. Fortunately for [Alex], decoding the Volvo VIDA protocol used with his Volvo C30 was relatively straightforward, enabling the creation of a custom gauge that displays information like boost pressure and coolant temperature.

The physical interfacing is accomplished via the car’s OBD port, which conveniently provides access to the car’s two (high-speed and low-speed) CAN buses. Hardware of choice is an M2 UTH (Under the Hood) board, sporting a SAM3X Cortex-M3-based MCU, designed for permanent automotive installations. On [Alex]’s GitHub project page it is explained how the protocol works, and which bytes to look for when replicating the project.

Rounding off the project is a round LCD display from 4D Systems that cycles through the status update screens. As a bonus, the dashboard illumination level is also read out in real-time, so the brightness of the display is adjusted to fit this level. All in all a well-rounded project, with interesting prospects for a more permanent integration of the gauge into the dashboard proper.

Continue reading “Volvo C30 Custom Gauge And CAN Bus Reverse Engineering” →

Defeat Your Car’s Autostop Feature With A Little SwitchBot

May 18, 2022 by Lewin Day 207 Comments

These days, many new cars come with some variant of an “auto-stop” feature. This shuts down the car’s engine at stop lights and in other similar situations in order to save fuel and reduce emissions. Not everyone is a fan however, and [CGamer_OS] got sick of having to switch off the feature every time they got in the car. So they employed a little robot to handle the problem instead.

The robot in question is a SwitchBot, a small Internet of Things tool that’s highly configurable for pressing buttons. It’s literally a robot designed to press buttons, either when remotely commanded to, or when certain rules are met. It can even be configured to work with IFTTT.

In this case, the Switchbot is set up to activate when [CGamer_OS]’s phone is placed in phone mount, where it scans an NFC tag. When this happens, Switchbot springs into action, switching off the autostop function. It was set up this way to avoid Switchbot hitting the button before the car has been started. Instead, simply popping the smartphone in the cradle activates the ‘bot.

It’s a rather creative use of the SwitchBot. They’re more typically employed to turn on dumb devices like air conditioners or heaters that can otherwise be difficult to control via the Internet. However, it works well, and means that [CGamer_OS] didn’t have to make any permanent modifications to the car.

The design of the SwitchBot reminds us of the Useless Box, even if in this case it has an actual purpose. Video after the break.

Continue reading “Defeat Your Car’s Autostop Feature With A Little SwitchBot” →

’90s Ford Gets Shift Paddles And A Digital Dash Upgrade

May 12, 2022 by Lewin Day 7 Comments

The EA Falcon took Ford’s popular Australian sedan line into the 1990s, even if it gave way to the EB Falcon by the end of 1991. Few would call it high tech, but it introduced several innovations to the platform that were very of its time. One hacker, however, has taken a humble EA Falcon and given it a set of homebrewed modern upgrades.

The maroon EA Falcon has scored a Barra heart transplant as well as some nifty digital upgrades.

The example in question is an EA Fairmont Ghia, which featured a handful of high-tech displays in the dash cluster, which was very on trend in the late 80s and early 90s. This dash has seen much revision, however, and now features a large TFT display and a smaller OLED unit, both of which show various vital statistics for the car. The screens have been neatly hacked in, one as part of the tachometer, the other replacing the original fuel and temperature gauges. With the data displayed on the screen instead, there’s no need for the original dials. Continue reading “’90s Ford Gets Shift Paddles And A Digital Dash Upgrade” →

Caulking Gun Becomes Useful Press Tool For Fuel Line Fittings

May 11, 2022 by Lewin Day 29 Comments

The simple caulking gun is really useful when you’re working on some bathroom repairs or squirting construction adhesives about the place. However, with a few simple mods, it can become a great help in the mechanic’s workshop too.

It’s a great tool for cleanly pushing fittings into nylon fuel line.

This build consists of a series of 3D-printed parts that can readily be adapted to a garden-variety caulking gun. First up are a pair of fuel line clamps which are fastened together with nuts and bolts, The nylon fuel line is inserted between these, and the bolts are tightened up to hold the line firmly in place at the end of the caulking gun. The fitting to be installed into the line is then placed on the caulking gun’s plunger. It’s then a simple matter of pulling the trigger on the caulking gun to slowly press the fitting into the nylon line.

It’s a great hack which creates a useful linear press with just a few cents of PETG filament. If you find yourself doing a one-off fuel line job on a modern car, this could be just the tool you need. Parts are available on Thingiverse for those eager to print their own. The design is made for 3/8ths inch line, but could readily be modified or recreated to suit other diameters.

3D-printed tools can be useful in all kinds of ways, even in heavy-duty applications like press tooling. It often doesn’t have the same longevity of traditional metal tooling, but for small one-off jobs, the price saving is often more important than the hardiness of the tooling itself. If you’ve whipped up some great 3D-printed tools of your own, don’t hesitate to drop us a line!

EV Charging Connectors Come In Many Shapes And Sizes

April 28, 2022 by Lewin Day 69 Comments

Electric vehicles are now commonplace on our roads, and charging infrastructure is being built out across the world to serve them. It’s the electric equivalent of the gas station, and soon enough, they’re going to be everywhere.

However, it raises an interesting problem. Gas pumps simply pour a liquid into a hole, and have been largely standardized for quite some time. That’s not quite the case in the world of EV chargers, so let’s dive in and check out the current state of play.

AC, DC, Fast, or Slow?

Since becoming more mainstream over the past decade or so, EV technology has undergone rapid development. With most EVs still somewhat limited in range, automakers have developed ever-faster charging vehicles over the years to improve practicality. This has come through improvements to batteries, controller hardware, and software. Charging tech has evolved to the point where the latest EVs can now add hundreds of miles of range in under 20 minutes.

However, charging EVs at this pace requires huge amounts of power. Thus, automakers and industry groups have worked to develop new charging standards that can deliver high current to top vehicle batteries off as quickly as possible.

As a guide, a typical home outlet in the US can deliver 1.8 kW of power. It would take an excruciating 48 hours or more to charge a modern EV from a home socket like this.

In contrast, modern EV charge ports can carry anywhere from 2 kW up to 350 kW in some cases, and require highly specialized connectors to do so. Various standards have come about over the years as automakers look to pump more electricity into a vehicle at greater speed. Let’s take a look at the most common options out in the wild today. Continue reading “EV Charging Connectors Come In Many Shapes And Sizes” →