While I was walking my dog this morning, I was listening to one of my favorite podcast: Science Friday. They talked about something I found really interesting. The topic was about hacking, in particular hacking a Toyota Prius from remote.
White hat hackers (a.k.a. the good hackers) at Defcon 2013 was able to show and demonstrate ways to hacking into a Prius from a Bluetooth connections or other external connections. But the interesting thing was that once they are hacked in to the bluetooth connection, they were able to do damaging task such as preventing the brakes from functioning or turn off all light or display consoles or present false information.
Because of my current study in security and information assurance, this is really brought in some insight on the interviewer’s comments. The whitehat hackers suggesting using a layer approach for security, but currently the automakers are simply using security by obscurity. Both concepts were talked about in detail in my CISSP studies and security by obscurity is a definitely a NO NO. So the objects for future auto computer systems should be designed around a layered security approach and by minimize the connections between the different computing system and have a way of logging the events.
This podcast reminds me of the following:
First, it reminds me of Battlestar Galactica, where Battlestar Galactica was an old ship with everything is communicated by by hand or by by wired and nothing wireless or over the computer network, this is to prevent hacking from the Cylons.
Second, the podcast mentioned how they were able to duplicate and inject control signals/commands in to the system communications bus which can cause events to happen (e.g. shut down all lights, or disable breaks). With all this intelligence or computing power in a car now, maybe it is time to implement some basic security rules… almost like the 3 laws of robotics? humm… not exactly but something to think about.
so I think I should go and find a 1969 Mustang and forget about all this high tech stuff … what do you think?
NPR, Science Friday, Hacking Under the Hood and Into Your Car, http://www.sciencefriday.com/segment/08/02/2013/hacking-under-the-hood-and-into-your-car.html