Sometimes, you move to a new city, and things just aren’t going your way. You’re out of cash, out of energy, and thanks to your own foolishness, your car’s battery is dead. You need to jump-start the car, but you’re feeling remarkably antisocial, and you don’t know anyone else in town you can call. What do you do?
It’s not a problem, because you’re a hacker and you have a cordless drill in the back seat of your car. The average drill of today tends to run on a nice 18 volt lithium battery pack. These packs are capable of delivering large amounts of current and can take a lot of abuse. This is where they come in handy.
Typically, when jump starting a car, another working vehicle is pulled into place, and its battery is connected in parallel with the dead battery of the disabled vehicle. Ideally, the working vehicle is then started to enable its alternator to provide charge to the whole system to avoid draining its own battery. At this point, the disabled vehicle can be started and its alternator can begin to recharge its own battery. After disconnecting everything, you’re good to go.
Continue reading “Jump Start Your Car With A Drill Battery”
Although we’ve never had the privilege to drive one, [skaarj] tells us Dacia made some terrible cars. The Dacia 1310, a communist clone of the Renault 12, was cheap, had sixty-two horses under the hood, and was easy to maintain. The cabin, by all accounts, is a bit lacking, giving [skaarj] the opportunity to improve the instrument cluster and dash. He’s not throwing a stereo in and calling it a day – [skaarj] is upgrading his Dacia with retro-futuristic components including a vacuum tube amp, a CRT computer display, and an unspeakably small dumb terminal.
[skaarj]’s build began with a hit and run accident. With most of the body panels on the passenger side of the car removed, [skaarj] ground some rust, rattle canned some rust proof paint, and bondoed the most offensive corrosion. Work then began on the upgraded dash, with a few choice components chosen including an old Soviet television, a hardware neural network to determine hardware faults, and a bizarre implementation of a CAN bus on a car without any of the requisite electronics.
This is one of those projects that can go on forever; there’s a lot you can do with the dashboard of a car if you’re not constrained by a suffocating desire to appear normal. In that respect, [skaarj] has this one locked up – he’s got a vacuum tube amplifier and enough CRTs in this car to add retro satellite navigation. It’s a great entry for The Hackaday Prize, as something cool is sure to come out of this project.
The RF signal transmitted from a modern key fob and received by the associated vehicle is only used once. If the vehicle sees the same code again, it rejects the command. However, there is a loophole in those carefully chosen words: the code must be received by the vehicle’s computer before it can be added to the list of spent codes. [AndrewMohawk] goes through the process of intercepting a code sent from a key fob transmitter and preventing the vehicle from receiving it in a thorough post to his blog. You can see this attack working in his studio quality reenactment video after the break.
[Andrew] uses the YARD Stick One (YS1), which is a sub-GHz wireless tool that is controlled from a computer. The YS1 uses RfCat firmware, which is an interactive Python shell that acts as the controller for the wireless transceiver.
This system is not without its problems: different frequencies are often used for different commands, and [Andrew]’s scripts are designed to work with On-Off Keying (OOK), leaving them useless when attacking a system that uses Frequency-Shift Keying (FSK). There is also the issue of rendering a target key fob non-functional, but you’ll have to pop over to [Andrew]’s blog to read more about that.
Continue reading “RF Hacking: How-To Bypass Rolling Codes”
With the summer’s big security conferences over, now is a good time to take a look back on automotive security. With talks about attacks on Chrysler, GM and Tesla, and a whole new Car Hacking village at DEF CON, it’s becoming clear that autosec is a theme that isn’t going away.
Up until this year, the main theme of autosec has been the in-vehicle network. This is the connection between the controllers that run your engine, pulse your anti-lock brakes, fire your airbags, and play your tunes. In most vehicles, they communicate over a protocol called Controller Area Network (CAN).
An early paper on this research [PDF] was published back in 2010 by The Center for Automotive Embedded Systems Security, a joint research effort between University of California San Diego and the University of Washington. They showed a number of vulnerabilities that could be exploited with physical access to a vehicle’s networks.
A number of talks were given on in-vehicle network security, which revealed a common theme: access to the internal network gives control of the vehicle. We even had a series about it here on Hackaday.
The response from the automotive industry was a collective “yeah, we already knew that.” These networks were never designed to be secure, but focused on providing reliable, real-time data transfer between controllers. With data transfer as the main design goal, it was inevitable there would be a few interesting exploits.
Continue reading “The Year of the Car Hacks”