March 24, 2011 at 7:37 am
hnhaney2 (3/24/2011)
Once you understand that the car run a CAN network system between all major system, it's no different than network hack in the internet, Other than it CAN network, not a Ethernet network.
They really to rethink how the sub-systems are interconnected in these new automobiles. I don't know what marginal benefit there is to having your FM/CD/MP3 player networked with the car's controller, but it's one more potential point of failure. If this story is true, I'm never going to buy a car with a factory installed media system. I'll buy something on sale at BrandsMart USA, install it myself, and then decide which cables to leave unplugged.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
March 24, 2011 at 7:42 am
Eric M Russell (3/23/2011)
An MP3 player and an automobile engine are two unrelated systems that should not be tightly coupled.
Does the MP3 player double as a control for your AC/heat? Does it have centralized controls for "child locks" on the back doors, or lock/unlock for all the doors? Does it allow you to view MPG data? How about monitoring for engine/structural/other maintenance? Or do you build a separate control interface for each of those things? Integration makes it more efficient and less expensive, as well as more of a security risk.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
March 24, 2011 at 7:58 am
GSquared (3/24/2011)
Eric M Russell (3/23/2011)
An MP3 player and an automobile engine are two unrelated systems that should not be tightly coupled.Does the MP3 player double as a control for your AC/heat? Does it have centralized controls for "child locks" on the back doors, or lock/unlock for all the doors? Does it allow you to view MPG data? How about monitoring for engine/structural/other maintenance? Or do you build a separate control interface for each of those things? Integration makes it more efficient and less expensive, as well as more of a security risk.
If the AC, door lock, and engine diagnostic components are integrated into the multimedia system, then that would mean that consumers can't just buy a generic FM/CD/MP3 deck off the shelf for $99. They would have no choice but to purchase their car with the system pre-installed and then go back to the dealer for upgrades, which means they will pay more. I'm sure it saves the manufactorer money, as well as generating a new revenue stream. But it limits the consumer's options, which means it's probably not saving them money. Just like networked kitchen appliances, it's a cool concept and maybe offers some marginal benefit, but it's a hard sell.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
March 24, 2011 at 8:04 am
After further reflection on this, I think a 'hay burner' is the only transportation solution that will solve this problem.....;-)
March 24, 2011 at 9:21 am
nelsonj-902869 (3/24/2011)
After further reflection on this, I think a 'hay burner' is the only transportation solution that will solve this problem.....;-)
Uh, having hay burners around here I'd say that I don't like the idea of them as primary means of moving around.
March 24, 2011 at 9:23 am
They do need to rethink the security here, especially as hacking is more likely in the future, not less. I can see that there might need to be two busses, one for conveniences(temp, radio), and one for security (doors, engine, lights, etc).
I think i'm going the other way and looking to buy older cars without all of the computer nonsense in them. I do like the proximity sensors in my key that allow the doors to lock/unlock without me pulling the key out of my pocket, but if there tradeoff is poor security, I can skip that.
March 24, 2011 at 9:24 am
Eric M Russell (3/24/2011)
GSquared (3/24/2011)
Eric M Russell (3/23/2011)
An MP3 player and an automobile engine are two unrelated systems that should not be tightly coupled.Does the MP3 player double as a control for your AC/heat? Does it have centralized controls for "child locks" on the back doors, or lock/unlock for all the doors? Does it allow you to view MPG data? How about monitoring for engine/structural/other maintenance? Or do you build a separate control interface for each of those things? Integration makes it more efficient and less expensive, as well as more of a security risk.
If the AC, door lock, and engine diagnostic components are integrated into the multimedia system, then that would mean that consumers can't just buy a generic FM/CD/MP3 deck off the shelf for $99. They would have no choice but to purchase their car with the system pre-installed and then go back to the dealer for upgrades, which means they will pay more. I'm sure it saves the manufactorer money, as well as generating a new revenue stream. But it limits the consumer's options, which means it's probably not saving them money. Just like networked kitchen appliances, it's a cool concept and maybe offers some marginal benefit, but it's a hard sell.
I think it's not so much that everything is integrated into the multimedia system, but that there is a fairly generic control system that provides access to everything, including media services. I could be wrong (I usually am!), but I would equate it more to computers and networks that we use at home and in the office. In those systems, we have a collection of fairly generic computers running software directly and accessing client-server applications over the network. They might not be there yet, but I'm sure that's the direction they're going. Even my boat is like that: I have a GPS-enabled fish finder, but I can easily hook up other devices (alternative GPS or sonar, radar, fuel-flow meters, speedometers, depth-controlled downriggers, trolling motors, media players, etc.). If somebody gave me a bad MP3 that I tried to use via that fish finder, perhaps that would ultimately lead to the ability to take control over the trolling motor or feed bad GPS and/or depth data. Thus, the convenience and power of centralized, generic control opens up the possibility of cross-system attacks. In fact, I'm not sure it's even fair to call it 'cross-system' at that point, because it's really single system of integrated services.
March 24, 2011 at 9:29 am
Thats why I like old car. I had a 85 Firebird, remove the computer all together and still ran fine. I agree that some systems should not be tied together.
March 24, 2011 at 10:54 am
I find this editorial interesting in that I had a recent discussion concerning new car models that have wifi enabled in the car. The wifi in these cars is unencrypted and not password protected. Imagine the possibilities to hack the system from a completely open wifi network. Anything from using the car as a middle-man in hacking somebody else, to malicious attacks on the car owner (such as pranks or complete system destruction).
I think it may be getting easier and easier to hack a car.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
March 24, 2011 at 11:19 am
CirquedeSQLeil (3/24/2011)
I find this editorial interesting in that I had a recent discussion concerning new car models that have wifi enabled in the car. The wifi in these cars is unencrypted and not password protected. Imagine the possibilities to hack the system from a completely open wifi network. Anything from using the car as a middle-man in hacking somebody else, to malicious attacks on the car owner (such as pranks or complete system destruction).I think it may be getting easier and easier to hack a car.
Look at it this way, with a non password protected wifi router in every new car, there is no reason to subscribe to wifi hotspots or mobile broadband.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
March 25, 2011 at 4:53 am
Adding code to a popular MP3 song could infect millions of people
I've heard of viruses jumping between species, but a virus spreading from machines to people? Or maybe it will only infect people with cars - some sort of badly written driver?
Just as well I've re-formatted by brain and installed Linux...
March 25, 2011 at 6:43 am
Eric M Russell (3/24/2011)
GSquared (3/24/2011)
Eric M Russell (3/23/2011)
An MP3 player and an automobile engine are two unrelated systems that should not be tightly coupled.Does the MP3 player double as a control for your AC/heat? Does it have centralized controls for "child locks" on the back doors, or lock/unlock for all the doors? Does it allow you to view MPG data? How about monitoring for engine/structural/other maintenance? Or do you build a separate control interface for each of those things? Integration makes it more efficient and less expensive, as well as more of a security risk.
If the AC, door lock, and engine diagnostic components are integrated into the multimedia system, then that would mean that consumers can't just buy a generic FM/CD/MP3 deck off the shelf for $99. They would have no choice but to purchase their car with the system pre-installed and then go back to the dealer for upgrades, which means they will pay more. I'm sure it saves the manufactorer money, as well as generating a new revenue stream. But it limits the consumer's options, which means it's probably not saving them money. Just like networked kitchen appliances, it's a cool concept and maybe offers some marginal benefit, but it's a hard sell.
Exactly.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
March 25, 2011 at 6:46 am
nelsonj-902869 (3/24/2011)
After further reflection on this, I think a 'hay burner' is the only transportation solution that will solve this problem.....;-)
I've done that before, and if you auto manufacturers can be stubborn, pains in the a**, that have their own ideas about how to do things which may or many not comply with your wishes, then you've obviously never ridden a "hay burner".
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
March 25, 2011 at 6:48 am
paul.jones (3/25/2011)
Adding code to a popular MP3 song could infect millions of people
I've heard of viruses jumping between species, but a virus spreading from machines to people? Or maybe it will only infect people with cars - some sort of badly written driver?
Just as well I've re-formatted by brain and installed Linux...
LOL! But have you patched your driver driver?
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
April 11, 2011 at 8:50 am
This highlights something that that DOD has known for a long time: the best way to guard a system from attack via connections is to have no connections.
Since microprocessors are so cheap now, why do we bother connecting the sound system of the car to any other part of the car's nervous system?
Viewing 15 posts - 16 through 30 (of 47 total)
You must be logged in to reply to this topic. Login to reply