Unwanted Car Software Update

Unwanted Car Software Update

Home Forums The Tea Room Unwanted Car Software Update

Viewing 3 posts - 26 through 28 (of 28 total)
  • Author
    Posts
  • #854903
    Clive Foster
    Participant
      @clivefoster55965

      Given the rapidity of improvements in AI computer code analysis I wonder how long it will be before hacker tools are produced to effectively crack this sort of software lock to re-enable things. Its quite surprising what sort of things can already be mucked about with.

      In principle remote disable is easily reversed given the sort of logic analysis AI can do.

      Frankly with modern computer power backed up by a AI reverse engineering teh whole kit and caboodle is merely time consuming with a bit of skilled analysis for the last 10% of bugs. Allegedly it’s already possible for programmers to produce over 80 % of program code using AI. OK this is all the boring boilerplate and pure logic stuff but car control systems are, of necessity, pure logic to ensure reliability.

      Clive

      #854914
      Adrian R2
      Participant
        @adrianr2

        Quite possibly – car control systems used to be and I hope still are written with high reliability embedded code, MISRA-C comes to mind, and I suspect you’d need access to the manufacturers source code to do much with/against it.

        This does not however apply to all the media and entertainment stuff which is quite likely built on the usual wobbly stack of unpatched open source components. Remote control apps for convenience functions are another weakness, as is connecting to the CAN bus and sniffing/injecting commands if they are not cryptographically verified so I will not be surprised when enabler boxes appear on the same grey markets that will sell you a “mileage correction” device.

         

         

         

        #854931
        John Haine
        Participant
          @johnhaine32865

          It’s all very well ignoring software updates but if it included a security fix to close a back door enabling villains to steal your car then not a good strategy!  I heard a presentation from a “white hat” hacker who penetrated the whole code of a Tesla a few years back.  He did the responsible thing and reported it to their disclosure team and the next thing that happened is the CIO unleashed their lawyers on him. Musk fired the CIO and told the hacker to hold fire on presenting at the Blackhat conference.  Tesla fixed the issue and rolled it out to the entire fleet the day before his talk, and Musk turned up to present him with a gold medal.

          So why is this interesting?  Well, had the hacker worn a black hat he might have threatened to close down the fleet unless paid a large ransom. Like it or not modern cars rely more and more on code for basic functions and it makes them cheaper and more reliable, but code is complex and needs patching in the face of the real world.

        Viewing 3 posts - 26 through 28 (of 28 total)
        • Please log in to reply to this topic. Registering is free and easy using the links on the menu at the top of this page.

        Latest Replies

        Home Forums The Tea Room Topics

        Viewing 25 topics - 1 through 25 (of 25 total)
        Viewing 25 topics - 1 through 25 (of 25 total)

        View full reply list.