34C3: Using Your Car As Video Game Controller

Despite the presence of human drivers, modern cars are controlled by computers. In his talk at the Chaos Communication Congress [Guillaume Heilles] and [P1kachu] demonstrate the potential of taking control of a car’s computer. This of course leads to the natural conclusion of emulate an Xbox controller and using the car to play computer games.

His research was limited by the fact that the only cars they had access to were the daily drivers of different members of [P1kachu]’s family, which meant that all tinkering had to be strictly non-destructive. Despite this, they achieved impressive results and deliver a great introduction into reverse engineering.

[P1kachu] used a RasPi and an OBD-II adapter to access the car’s CAN bus and begins the presentation with a quick overview of the protocol. He then briefly touches on security measures that he ran into, which are optional and their implementation varies widely between manufacturers. His first attempt to access the CAN bus was successfully blocked by a challenge-response algorithm doing its work. His mother’s convertible however provided no such obstacles and gaining access allowed him to map the position of the steering wheel and pedals to a game controller, using the car to play video games.

After this, [Guillaume] steps in and walks us through the teardown of a gadget that plugs into the OBD-II port and claims to do amazing things for your car’s mileage by reprogramming the ECU. The device was not brand specific and after having seen the variations in the ways different manufacturers implement the protocol, [Guillaume] and [P1kachu] doubted that the gadget was capable of even holding the information required to modify every known implementation out there. Listening to the output of the device, along with a quick analysis of the circuit followed by decapping the single chip they found, showed that their doubt was justified. The lecture closes with an extended Q&A that adds more information on car hacking. Those that don’t have access to a car can instead tear down hot glue guns, doppler modules or antique calculators.

Continue reading “34C3: Using Your Car As Video Game Controller”

Blackberry Eyes Up Car Anti-Virus Market

[Reuters] reports that BlackBerry is working with at least two car manufacturers to develop a remote malware scanner for vehicles, On finding something wrong the program would then tell drivers to pull over if they were in critical danger.

The service would be able to install over-the-air patches to idle cars and is in testing phase by Aston Martin and Range Rover. The service could be active as early as next year, making BlackBerry around $10 a month per vehicle.

Since the demise of BlackBerry in the mobile phone sector, they’ve been hard at work refocusing their attention on new emerging markets. Cars are already rolling computers, and now they’re becoming more and more networked with Bluetooth and Internet connections. This obviously leaves cars open to new types of attacks as demonstrated by [Charlie Miller] and [Chris Valasek]’s hack that uncovered vulnerabilities in Jeeps and led to a U.S. recall of 1.4 million cars.

BlackBerry seem to be hedging their bets on becoming the Kingpin of vehicle anti-virus. But do our cars really belong on the Internet in the first place?

Car Security Experts Dump All Their Research and Vulnerabilities Online

[Charlie Miller] and [Chris Valasek] Have just released all their research including (but not limited to) how they hacked a Jeep Cherokee after the newest firmware updates which were rolled out in response to their Hacking of a Cherokee in 2015.

FCA, the Corp that owns Jeep had to recall 1.5 million Cherokee’s to deal with the 2015 hack, issuing them all a patch. However the patch wasn’t all that great it actually gave [Charlie] and [Chris] even more control of the car than they had in the first place once exploited. The papers they have released are a goldmine for anyone interesting in hacking or even just messing around with cars via the CAN bus. It goes on to chronicle multiple hacks, from changing the speedometer to remotely controlling a car through CAN message injection. And this release isn’t limited to Jeep. The research covers a massive amount of topics on a number of different cars and models so if you want to do play around with your car this is the car hacking bible you have been waiting for.

Jeep are not too happy about the whole situation. The dump includes a lot of background for vehicles by multiple manufactureres. But the 2015 hack was prominent and has step by step instructions. Their statement on the matter is below.

Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems.

We anticipate seeing an increasing number of security related releases and buzz as summer approaches. It is, after all, Network Security Theatre season.

Reverse Engineering the Smart ForTwo CAN Bus

The CAN bus has become a defacto standard in modern cars. Just about everything electronic in a car these days talks over this bus, which makes it fertile ground for aspiring hackers. [Daniel Velazquez] is striking out in this area, attempting to decode the messages on the CAN bus of his Smart ForTwo.

[Daniel] has had some pitfalls – first attempts with a Beaglebone Black were somewhat successful in reading messages, but led to strange activity of the car and indicators. This is par for the course in any hack that wires into an existing system – there’s a high chance of disrupting what’s going on leading to unintended consequences.

Further work using an Arduino with the MCP_CAN library netted [Daniel] better results, but  it would be great to understand precisely why the BeagleBone was causing a disturbance to the bus. Safety is highly important when you’re hacking on a speeding one-ton metal death cart, so it pays to double and triple check everything you’re doing.

Thus far, [Daniel] is part way through documenting the messages on the bus, finding registers that cover the ignition and turn signals, among others. Share your CAN hacking tips in the comments. For those interested in more on the CAN bus, check out [Eric]’s great primer on CAN hacking – and keep those car hacking projects flowing to the tip line!

First Look: Macchina M2

In the past few years, we’ve seen a growth in car hacking. Newer tools are being released, which makes it faster and cheaper to get into automotive tinkering. Today we’re taking a first look at the M2, a new device from the folks at Macchina.

The Macchina M1 was the first release of a hacker friendly automotive device from the company. This was an Arduino compatible board, which kept the Arduino form factor but added interface hardware for the protocols most commonly found in cars. This allowed for anyone familiar with Arduino to start tinkering with cars in a familiar fashion. The form factor was convenient for adding standard shields, but was a bit large for using as a device connected to the industry standard OBD-II connector under the dash.

The Macchina M2 is a redesign that crams the M1’s feature set into a smaller form factor, modularizes the design, and adds some new features. With their Kickstarter launching today, they sent us a developer kit to review. Here’s our first look at the device.

Continue reading “First Look: Macchina M2”

One Hundred Weeks of Legal Car Hacking

There is a scene in the movie “Magic Mike” where the lead character — a male stripper — explains to a room of women the laws against having physical contact with a performer. Then he intones, “… but I see a lot of lawbreakers up in this house.”

We know if we could look out through the Web browser, we could say the same thing. There’s a lot of gray zone activities considered commonplace. Have you ever ripped a CD or DVD to take with your on your phone? Gray; we won’t judge. A lot of the legal issues involved are thorny (and I should point out, I’m not a lawyer, so take what I say with a grain of salt).

Do you own your car? Well, probably you and the bank, but certainly the deal you made involves the idea that you own the car. If it is paid off, you can do what you like with it, including — if you wanted to — stripping it bare for parts. Back in the day, your car was some wheels and some mechanical devices. These days, it is a computer (actually, a few computers) and some I/O devices that process gasoline into rotary motion. Computers have software. Do you own that software?

The answer has, legally, been no. However, a recent decision by the US Copyright office allows car owners to legally analyze and modify their vehicle software (with some limitations) for the next two years. After that? We’ll see.

Continue reading “One Hundred Weeks of Legal Car Hacking”

Books You Should Read: The Car Hacker’s Handbook

I just had my car in for an inspection and an oil change. The garage I take my car to is generally okay, they’re more honest than a stealership, but they don’t cross all their t’s and dot all their lowercase j’s. A few days after I picked up my car, low and behold, I noticed the garage didn’t do a complete oil change. The oil life indicator wasn’t reset, which means every time I turn my car on, I’ll have to press a button to clear an ominous glowing warning on my dash.

For my car, resetting the oil life indicator is a simple fix – I just need to push the button on the dash until the oil life indicator starts to blink, release, then hold it again for ten seconds. I’m at least partially competent when it comes to tech and embedded systems, but even for me, resetting the oil life sensor in my car is a bit obtuse. For the majority of the population, I can easily see this being a reason to take a car back to the shop; the mechanic either didn’t know how to do it, or didn’t know how to use Google.

The two most technically complex things I own are my car and my computer, and there is much more information available on how to fix or modify any part of my computer. If I had a desire to modify my car so I could read the value of the tire pressure monitors, instead of only being notified when one of them is too low, there’s nowhere for me to turn.

2015 was the year of car hacks, ranging from hacking ECUs to pass California emissions control standards, Google and Tesla’s self-driving cars, to hacking infotainment systems to drive reporters off the road. The lessons learned from these hacks are a hodge-podge of forum threads, conference talks, and articles scattered around the web. While you’ll never find a single volume filled with how to exploit the computers in every make and model of automobile, there is space for a reference guide on how to go about this sort of car hacking.

I was given the opportunity to review The Car Hacker’s Handbook by Craig Smith (259p, No Starch Press). Is it a guide on how to plug a dongle into my car and clear the oil life monitor the hard way? No, but you wouldn’t want that anyway. Instead, it’s a much more informative tome on penetration testing and reverse engineering, using cars as the backdrop, not the focus.

Continue reading “Books You Should Read: The Car Hacker’s Handbook”