{"id":160,"date":"2014-12-30T10:19:57","date_gmt":"2014-12-30T10:19:57","guid":{"rendered":"http:\/\/dawilson.co.uk\/blog\/?p=160"},"modified":"2017-03-08T18:41:17","modified_gmt":"2017-03-08T18:41:17","slug":"how-to-disable-your-cars-firewall","status":"publish","type":"post","link":"https:\/\/dawilson.co.uk\/blog\/how-to-disable-your-cars-firewall\/","title":{"rendered":"How to disable your car’s firewall"},"content":{"rendered":"

The power and perils of OBD-II<\/h1>\n

In 2010, the Centre for Automotive Embedded Systems Security<\/a> demonstrated the devastating consequences that could arise should malicious attackers gain access to\u00a0the on-board diagnostics port (OBD-II)\u00a0that has been fitted to most vehicles since the mid 1990s.<\/p>\n

This collaborative group of\u00a0academic researchers from the University of California San Diego and the University of Washington developed a tool\u00a0dubbed “CarShark” which, when plugged into the OBD-II port of a\u00a02009 car, gave them almost total control of the vehicle.<\/p>\n

While\u00a0some of the effects of their activities could be deemed as only mildly annoying, for example turning the audio equipment volume to maximum, sounding the horn, or even spoofing the dashboard\u00a0speed display, others are nothing short of life threatening.<\/p>\n

The team demonstrated that by transmitting correct commands (and even random bit streams in some cases), it was possibly to shut down the engine, prevent the brakes from functioning, and cause the brakes to lock unevenly, all during a typical driving scenario with speeds up to 40mph.<\/p>\n

\"CarShark
CarShark demonstration in 2010<\/figcaption><\/figure>\n

 <\/p>\n

\"Dashboard
Dashboard speed and RPM spoofing demonstrated in 2010<\/figcaption><\/figure>\n

Interest from independent researchers and hobbyist hackers<\/h1>\n

At the Black Hat Asia conference in May 2014, two Spanish security researchers demonstrated how their CAN Hacking Tool<\/a>, based\u00a0on a \u00a320 Arduino, puts a similar degree of power into the hands of the average hobbyist or hacker. However, when the story was covered by Forbes<\/a>, Toyota’s safety manager dismissed the viability of this type of\u00a0attack due to the need for physical access to the vehicle.<\/p>\n

\"A
A \u00a320 tool for attacking a vehicle’s communication network.<\/figcaption><\/figure>\n

When I forwarded details of the CarShark tool to one of the researchers, it was\u00a0apparent that they had not been influenced by this or any other similar previous work. Their \u00a320 hacking tool was purely a product of their own ingenuity and desire to discover the limits of what\u00a0is possible with the vehicles they own.<\/p>\n

Toyota’s safety manager however dismissed the viability of this type of\u00a0attack due to the need for physical access to the vehicle.<\/p><\/blockquote>\n

Removing the firewall<\/h1>\n

According to the following tweet that appeared in my feed this morning, some drivers may soon be\u00a0about to\u00a0remove the single layer of\u00a0network security provided by the vehicle’s locked doors, when they connect their OBD-II\u00a0interface directly to the\u00a0internet.<\/p>\n

\n

The @mialinkup<\/a> is bringing the Internet of Things to that old car of yours: http:\/\/t.co\/YyHwcxjEqE<\/a> #IoT<\/a> #Kickstarter<\/a> pic.twitter.com\/hmm0mtwZ44<\/a><\/p>\n

— Microchip Makes (@MicrochipMakes) December 29, 2014<\/a><\/p><\/blockquote>\n