[dZired]

A recent report by WikiLeaks claims that the Central Intelligence Agency (CIA) of the United States is trying to hack control systems of modern cars. These claims are said to be based on information received by WikiLeaks through former US government hackers and contractors.

Though the real aim behind hacking into the control systems of cars isn't known, WikiLeaks claims that the level of control CIA is trying to get on a modern car can help it to engage in nearly undetectable assassinations. CIA has been working on this project since 2014, while the amplitude of success it has garnered in hacking connected cars during the past three years isn't known.

Modern cars come with a lot of electronic and connectivity features, which have made them a target for hackers around the world. Technology website WIRED had demonstrated a car hack in 2015, where computer hackers were able to get access into a Jeep's control system and manipulate the car's air-conditioning, infotainment system, dashboard functions and even the steering, brakes and transmission.

In addition to cars, the leaked documents suggest that CIA hackers have also been targeting smartphones, cameras and even Smart TVs to function as covert spy devices.

Source: Mirror

Link to Team-BHP News

[dailydriver]

1. Hope this thread remains a short one with very less replies and even less presence on the internet. I don't want CIA to google CIA and find the team-bhp link for this article to appear on top of the search results .

2. Spying and hacking through unconventional means is a bitter reality of the day.

3. Cars are indeed vulnerable. With GPS/SIM enabled tracking mechanisms, Apple Carplay and Android Auto gaining popularity, remote controlling of cars is very much possible.

[srishiva]

Anything connected will be hacked. Not just by CIA but others too.

But use of mainstream OSes in everything from cars to TVs will only increase such incidents.

[deetjohn]

Looks like its time to invest in a Tata Safari with a jammer like the PM. It can help protect while being parked at home too.

[dailydriver]

Quote:

Originally Posted by deetjohn

Looks like its time to invest in a Tata Safari with a jammer like the PM.

OR

Follow Mr. Bean's footsteps and opt for safe solutions like this:

[Pontiac]

The system is vulnerable. It's only about time when someone can really demonstrate the car can be hacked before companies spring in to action. Like Fiat Chrysler did for their Jeep Cherokees in 2015. Not sure if the so called "fixes" are indeed fool proof.

http://www.bbc.com/news/technology-33650491

If a normal car can be hacked so easily, I cannot help but wonder what will be the plight of a "self driven car".

[Hrishi_111]

Quote:

Originally Posted by srishiva

Anything connected will be hacked. Not just by CIA but others too.

Exactly, all electronic systems are vulnerable for intrusion until they are being safeguarded explicitly.

Might be off topic, however there has been an interesting incident here in Pune on similar lines. This might not be termed as hacking exactly, however just an example how the automobile electronics can be tampered for illegal activities.

Pune Rural Police recently found that whenever they capture the trucks carrying illegal sand, the trucks would be stalled immediately in the middle of the road and the driver would run away. No matter how hard they try, the trucks would not start at all (this prevents police to captivate the vehicles in order to complete the legal formalities).

Upon further investigation, it was determined that the captured vehicles are being stalled using a remote controlled CPU mounted on the main ECU of the vehicle and it is being controlled through mobile phone (apparently the driver or people in surrounding area would control it).

Eventually police did find a way to remove these units and get the vehicles moving with the help of some experts.

Following is the article (in Marathi) published in local newspaper revealing this incident:
http://maharashtratimes.indiatimes.c...w/57502278.cms

[dark.knight]

I would've written about the garbage that is autonomous cars long back, but I feared the "progressives"/"neoterics"/"liberal" minded people would argue and debate about accepting and hugging the reality and not get left behind to become a square or traditionalist. India loves technology, perhaps more than America itself.. there are a few tin foil hatters in USA but not a single one in India from what can be seen.

Let me post instances by two of the foremost conspiracy theory gurus, one from America and the other from Britain, they do have their share of extremely nutty theories but by humanity, they have hit a home-run in terms of more than 50% accurate theories that later came out via means such as WikiLeaks, official government articles admitting the same in retrospect and of course CEO's of major corporations also admitting that they do what was exposed as conspiracy theories, only this time they sugar-coat it. Let me also warn in advance that both the conspiracy theorists have been speculated to be insiders as well, but I see no harm in what they do in terms of truth, whether in whole or a fraction.

Alex Jones :

https://www.youtube.com/watch?v=CJNO3CCI7rI

David Icke :

https://www.youtube.com/watch?v=jv6CEqys6ug

[Night_Fury]

Newly leaked documents by Wikileaks, named vault 7, reveal that CIA did explore the hacking of modern vehicles to carry out assassinations. further, they have the tools to read into your WhatsApp, telegram messages before encryption. only a tiny fraction of the total documents was obtained by Wikileaks now available in the public domain.
This is huge and confirms all our fears.
Alex jones on Vault 7:

https://www.youtube.com/watch?v=aGYkniMOZOo

source: http://www.ibtimes.co.uk/wikileaks-c...elease-1610452

[dailydriver]

Today's TOI carries this about the targets and aims of the exercise:

http://epaperbeta.timesofindia.com/G...0006&eid=31806

[SmartCat]

1) I can understand that since entertainment system is connected to internet, it can be hacked. How does the hacker have access to car's critical controls like accelerator, brakes, engine via the entertainment unit?

2) I'm a wee bit curious devices attached to OBD port. Is the OBD port one way street (data from ECU is read by the device)?. Can the device be hacked and instructions sent to ECU?

[Teesh@BHP]

Quote:

Originally Posted by smartcat

2) I'm a wee bit curious devices attached to OBD port. Is the OBD port one way street (data from ECU is read by the device)?. Can the device be hacked and instructions sent to ECU?

In general, yes, OBD protocol is mainly about reading data from the ECU; be it be fault memory information or any current values of the system(Engine speed etc). Now, OBD is a standardized protocol and each and every command sent by the tester (OBD connector) and the response by the ECU is defined by ISO. That is why, with literally any aftermarket OBD connector, you can fetch data from the ECU. Since it is completely a standard, I guess there's no scope of hacking and changing anything regarding the ECU functions.

However, there is one more protocol known as UDS (Unified diagnostic services protocol) and this is completely OEM specific. This is used to do a lot of stuff w.r.t ECU, you can read a hell a lot of information about ECU parameters, change a lot of parameters, perform various tests/routines on the system and what not.There are ways or as they call it, Services (commands rather) with which you can send requests to the ECU and get the response. Vehicle diagnosis is mainly performed using this protocol in service station than OBD. Now, this protocol and the way it is implemented in the ECU is strictly confidential and traditionally ONLY with OEM specific tester tool, ECU should be able to communicate.

Although, I do not know how the hacking is actually done, my guess is, they somehow figure out the commands related to UDS and also the various security levels implemented within UDS and hack into the ECU. Again, this is just a guess

[landcruiser123]

Not only CIA, but anyone who has the resources and the motives can get information from your devices which are connected to the internet.

What I'm worried is about this:

Quote:

Originally Posted by dZired

WikiLeaks claims that the level of control CIA is trying to get on a modern car can help it to engage in nearly undetectable assassinations.

Can anyone explain?

I hope it isn't true.

[mvadg]

Quote:

Originally Posted by landcruiser123

Not only CIA, but anyone who has the resources and the motives can get information from your devices which are connected to the internet.

What I'm worried is about this:



Can anyone explain?

I hope it isn't true.

Braking system failure, for one. Undetectable, meaning, after the malfunction everything is back to normal.

This link.

GPS spoofing (already demonstrated) - simply make the driver take a wrong turn into a cliff?

Many many others are possible. I need to think.

[dailydriver]

Not CIA related, but an article in today's TOI reveals how data collected from what we perceive as personal devices is being misused (subjective word, i know) by the authorities. An excerpt:

Quote:

An Ohio man claimed he was forced into a hasty window escape when his house caught fire last year. His pacemaker data obtained by police showed otherwise, and he was charged with arson and insurance fraud.
In Pennsylvania, authorities dismissed rape charges after data from a woman's Fitbit contradicted her version of her whereabouts during the 2015 alleged assault.

Vast amounts of data collected from our connected devices -fitness bands, smart refrigerators, thermostats and automobiles, among others -are increasingly being used in US legal proceedings to prove or disprove claims by people involved.

In a recent case that made headlines, authorities in Ar kansas sought, and eventually obtained, data from a murder suspect's Amazon Echo speaker to obtain evidence.

The US Federal Trade Commission in February fined television maker Vizio for secretly gathering data on viewers collected from its smart TVs and selling the information to marketers...

...the “always on“ nature of “internet of Things“ devices means huge amounts of personal information is circulating among companies, in the internet cloud and elsewhere, with few standards on how the data is protected or used. “The net result of these technologies is that we are forgoing our personal privacy and our personal autonomy and even sovereignty as humans and relinquishing that to a combination of state, harvesters of big data, omnipresent institutions and systems.“

A report last year from Harvard's Berkman Klein Center for internet studies pointed out the range of new connected devices that can yield evidence for law enforcement, “ranging from televisions and toasters to bed sheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables,“ which “are being packed with sensors and wireless connectivity.“

Full article at: http://epaperbeta.timesofindia.com/A...20032017015014