infotainment

15 Articles

A black and white line drawing of a vehicle interior showing the dashboard and. steering wheel. On the infotainment screen, the words "Selected Ad" are emblazoned in large letters.

Will You Need Ad Block For Your Car?

September 24, 2024 by 113 Comments

The modern web has become difficult to navigate without ad blocking software. Ford now has a patent application that would bring the ads we hate to your vehicle’s infotainment system. [via PCMag]

Ford has already replied to criticism with the usual corporate spiel of patents not necessarily being the direction the company will go with future products, but it’s hard to imagine that other automakers aren’t planning similar systems since they’re already charging extra for heated seats, EV range, and performance. Bringing ads to the captive audience of your personal vehicle and targeting them based on listening to the occupants’ conversations would be a new low. Maybe you’ll be able to pay an extra $100/month for the “ad-free experience.”

Instead of taking advantage of the EV transition to make better, simpler cars, automakers are using their highly-computerized nature to extract more from you and provide less when you drive off the lot. Enshittification has come for the automobile. Perhaps auto executives should read A Few Reasonable Rules for the Responsible Use of New Technology?

The first step of blocking these ads will likely be jailbraking the infotainment system. If that wasn’t enough, locking features behind a paywall has come for wheelchairs too.

A black PCB with a cellular modem board piggy backed on top. It has a micro-USB and DB-type connector on the end facing the camera.

Open Vehicle Monitoring System Is The Window To Your EV’s Soul

January 25, 2024 by 14 Comments

Electric cars have more widgets than ever, but manufacturers would rather you don’t have direct access to them. The Open Vehicle Monitoring System intends to change that for the user. [via Transport Evolved]

As car manufacturers hoover up user data and require subscriptions for basic features, it can be a frustrating time to make such a big purchase. Begun in 2011, OVMS now interfaces with over a dozen different EVs and gives you access to (or helps you reverse engineer) all the data you could want from your vehicle. Depending on the vehicle, any number of functions can be accessed including remote climate start or cell-level battery statistics.

The hardware connects to your car’s OBDII port and uses an ESP32 microcontroller connected to a  SIMCOM SIM7600G modem (including GPS) to provide support for 3 CAN buses as well as Wi-Fi and Bluetooth connections. This can be particularly useful for remote access to data for vehicles that can no longer phone home via their originally included cellular modems as older networks shut down.

Do you wish EVs weren’t so complicated? Read our Minimal Motoring Manifesto.

Keeping A Mazda’s Radio On After The Engine Shuts Off

November 22, 2023 by 51 Comments

Have you ever pulled into a car park with your favorite song blaring, only to lament the fact that the music cut out when you stopped the engine? Some modern cars are smart enough to keep the radio on until you open the door. [ssh16] decided to hack that very functionality into their Mazda MX-5.

The device uses a microcontroller to read the CAN bus of the vehicle. The microcontroller also has the ability to keep the vehicle’s ACC (accessory) relay energized at will. Thus, when the engine is turned off, the microcontroller keeps the ACC relay on, maintaining power to the stereo and infotainment system. Then, after ten minutes, or when it receives a CAN message that the driver’s door has been opened, it cuts power to the relay, shutting the accessories off. It’s a simple build, but one that [ssh16] executed cleanly. By putting the microcontroller on a neat PCB with a harness that can clip into the stock Mazda one, it’s possible to install the hack without needing to cut any wires. Plus, with a small modification, it was even possible to use the same hack with a Mazda CX-5.

Whether you’re jamming out to a cool song, or you just want to finish a phone call over Bluetooth, it’s a nifty feature to have in a vehicle. We’ve seen some other neat infotainment hacks before, too. Video after the break.

Continue reading “Keeping A Mazda’s Radio On After The Engine Shuts Off”

Jailbreaking Tesla Infotainment Systems

August 5, 2023 by 22 Comments

With newer cars being computers on wheels, some manufacturers are using software to put features behind a paywall or thwarting DIY repairs. Industrious hackers security researchers have taken it upon themselves to set these features free by hacking a Tesla infotainment system. (via Electrek)

The researchers from TU Berlin found that by using a voltage fault injection attack against the AMD Secure Processor (ASP) at the heart of current Tesla models, they could run arbitrary code on the infotainment system. The hack opens up the double-edged sword of an attacker gaining access to encrypted PII or a shadetree mechanic “extracting a TPM-protected attestation key Tesla uses to authenticate the car. This enables migrating a car’s identity to another car computer without Tesla’s help whatsoever, easing certain repairing efforts.” We can see this being handy for certain other unsanctioned hacks as well.

The attack is purported as being “unpatchable” and giving root access that survives reboots and updates of the system. Since AMD is a vendor to multiple vehicle companies, the question arises as to how widely applicable this hack is to other vehicles suffering from AaaS (Automotive as a Service).

Longing for a modern drivetrain with the simplicity of yesteryear? Read our Minimal Motoring Manifesto.

Get MOST Into Your Pi

August 3, 2023 by 15 Comments

When looking the modify a passenger vehicle, the Controller Area Network (CAN) bus is a pretty easy target. In modern vehicles it has access to most of the on-board systems — everything from the climate control to the instrument cluster and often even the throttle, braking, and steering systems. With as versatile as the CAN bus is, though, it’s not the right tool for every job. There’s also the Media Oriented Systems Transport (MOST) bus which is increasingly found in automotive systems to handle multimedia such as streaming music to the stereo. To access that system you’ll need to approach it slightly differently as [Rhys] demonstrates.

[Rhys] has been working on replacing the dated head unit in his Jaguar, and began by investigating the CAN bus. He got almost everything working with replacement hardware except the stereo, which is where the MOST bus comes into play. It provides a much higher bandwidth than the CAN bus can accommodate but with almost no documentation it was difficult to interact with at first. With the help of a Raspberry Pi and a lot of testing he is able to get the stereo working again with a much more modern-looking touchscreen for control. It is also able to do things like change CDs in the car’s CD player, gather song information from the CD to display on the panel, and can perform other functions of the infotainment center.

For more detailed information on the MOST bus, [Rhys] also maintains a website where he puts his discoveries and other information he finds about this system. Unfortunately car stereo systems in modern vehicles can get pretty complicated these days, but adapting car stereos in older vehicles to modern technology carries some interesting challenges as well.

Continue reading “Get MOST Into Your Pi”

Hyundai Is Doomed: Porting The 1993 Classic To A Hyundai Head Unit

June 11, 2023 by 6 Comments

In the natural order of the world, porting DOOM to any newly unlocked computing system is an absolute given. This a rule which [greenluigi1] understands all too well, leading to presumably the first Hyundai to be equipped with this all-time classic on its infotainment system. This follows hot on the trail of re-hacking said infotainment system and a gaggle of basic apps being developed for and run on said head unit (being the part of the infotainment system on the front dashboard). Although it is a Linux-based system, this doesn’t mean that you can just recompile DOOM for it, mostly because of the rather proprietary system environment.

To make life easy, [greenluigi1] picked doomgeneric as the version to port. The main selling point of this project is that it only requires the developer to implement five functions to support a new platform, which then ‘just’ left figuring out how to do this on a head unit. Two of these (DG_SleepMs() and DG_GetTicksMS()) could be copied verbatim from the X11/xlib port, but the remaining three required a bit of sleuthing.

Where things go sideways is with keeping the head unit’s Helix window manager happy, and stick to the limited ways a GUI application can be launched, including the way arguments are passed. For the PoC, it was decided to just hardcode these arguments and only register the game with Helix using an .appconf configuration file. When it came to drawing pretty graphics on the screen, this was decidedly easier since the system uses Qt5 and thus offers the usual ways to draw to a QPixmap, which in this case maps to the framebuffer.

After a few playful sessions with the head unit’s watchdog timer, [greenluigi1] found himself staring at a blank screen, despite everything appearing to work. This turned out to be due to the alpha channel value of 0 that was being set by default, along with the need for an explicit refresh of the QPixmap. Up popped DOOM, which left just the implementation of the controls.

In order to start the game, you have to literally buckle up, and the steering wheel plus media control buttons are your inputs, which makes for a creative way to play, and perhaps wear some bald spots onto your tires if you’re not careful. If you’d like to give it a shot on your own ride, you can get the project files on GitHub.

Continue reading “Hyundai Is Doomed: Porting The 1993 Classic To A Hyundai Head Unit”

Photo of the head unit , with "Hacked by greenluigi1" in the center of the UI

Hacking A Hyundai Ioniq’s Infotainment System Again After Security Fixes

June 8, 2023 by 15 Comments

These days modern cars are nothing if not a grouping of networked software held together by bits of hardware. This is reflected not only in the rapidly increasing number of ECUs, but also infotainment systems and all-glass cockpits. For better or worse, this offers many exciting hacking possibilities, which [greenluigi1] was more than happy to explore with their new 2021 Hyundai Ioniq SEL last year. Naturally, Hyundai then proceeded to ‘fix’ these vulnerabilities, offering the exciting chance to test the Hyundai engineers’ homework, and proceed to bypass it again.

When we last left off in [greenluigi1]’s adventures, the Hyundai D-Audio 2V Linux-based infotainment system (formally called in-vehicle entertainment, or IVI) in question had been convinced to run custom applications after a fair bit of effort to get root access via the Engineering Menu and some firmware image hacking. Joyous hacking and exploration of the car’s CAN network and RPC messaging system ensued. Then Hyundai released a new firmware image, after months of silence and all old firmware images pulled from the download page.

In this new firmware image, big changes were visible right off the bat, with two different ZIP files instead of the single one from before. One of these ZIP files also couldn’t be decrypted any more with the old key. Unfortunately for Hyundai, the curse of backwards compatibility with older IVIs meant that the ZIP targeting headunits running the older firmware also contained the key for the new ZIP file.

Other changes included some further obfuscation to this key and the public key used for firmware hash verification, which also involved using a Micom RPC call via the CAN bus to obtain some vehicle specific information. Unfortunately, this is where Hyundai’s engineers seemed to have stopped copying reference code samples, and used a unique RSA private key to sign firmware images with. Fortunately, they did not bother to check whether the updater actually always verifies the signature, allowing for unsigned code to be installed.

All in all, a fascinating bit of reverse-engineering and sheer stubborn persistence, just so that the IVI that’s in your car can run the applications which you developed. We’re looking forward to the next installments in this series as the ball is once again firmly in Hyundai’s court.