Hacking Toyota Prius

White hat  hackers (a.k.a. the good hackers)  at Defcon 2013 was able to show and demonstrate ways to hacking into a Prius from a Bluetooth connections or other external connections.  But the interesting thing was that once they are hacked in to the bluetooth connection, they were able to do damaging task such as preventing the brakes from functioning or turn off all light or display consoles or present false information.

Because of my current study in security and information assurance, this  is really brought in some insight on the interviewer’s comments.  The whitehat hackers suggesting using a layer approach for security, but currently the automakers are simply using security by obscurity.  Both concepts were talked about in detail in my CISSP studies and security by obscurity is a definitely a NO NO.   So the objects for future auto computer systems should be designed around a layered security approach and by minimize the  connections between the different computing system and have a way of logging the events.

This podcast reminds me of the following:

First, it  reminds me of Battlestar Galactica,  where  Battlestar Galactica was an old ship with everything is  communicated by by hand or by by wired and nothing wireless or over the computer network, this is to  prevent hacking from the Cylons.

Second, the podcast mentioned how they were able to duplicate  and inject  control signals/commands in to the system communications bus which can cause events to happen (e.g. shut down all lights, or disable breaks).   With all this intelligence or computing power in a car now, maybe it is time to implement some basic security rules… almost like the 3 laws of robotics?  humm… not exactly but something to think about.

so I think I should go and find a 1969 Mustang and forget about all this high tech stuff … what do you think?