Control Your Car from the Internet
Really. Or, for more fun, hack into the system and control someone else’s car from the Internet.
Really. Or, for more fun, hack into the system and control someone else’s car from the Internet.
derf • March 20, 2007 2:27 PM
Someone been watching Knight Rider reruns? Where are the turbo boost and ejection seat buttons?
Pat Cahalan • March 20, 2007 2:32 PM
control someone else’s car from the Internet.
Car bombs no longer need suicide drivers. Oooh! You can now take over a car driven by an innocent and turn it into a weapon of terror!
Tremaine • March 20, 2007 3:19 PM
This can’t possibly be more fun than controlling planes remotely. Nuh uh no way.
I want my remote control jumbo jet stuffed with hundreds of people wearing bad Hawaiian shirts!
http://www.schneier.com/blog/archives/2007/03/making_another.html
Alan • March 20, 2007 3:42 PM
Wasn’t this done in “Batman Returns”?
Geoff Lane • March 20, 2007 3:45 PM
Wasn’t this done in a James Bond movie?
Dom De Vitto • March 20, 2007 6:29 PM
Herbie !
(which is actually becoming reality – VW have created the research Golf [I guess a beetle would be corny] that can ‘drive itself’ – they call it the ’53+1′ after the famous car)
Snake Oil • March 20, 2007 8:51 PM
This is not a problem. It’s an opportunity. Combustion engines are old hat. What a good motor industry executive wants is to develop a new market.
Vehicle firewalls anybody?
jammit • March 20, 2007 11:56 PM
Try as I might, I can’t come up with a Windows/Linux joke that hasn’t been said already.
Woo • March 21, 2007 2:12 AM
hmm.. you can start the engine via the web. This could lead to interesting results if you leave the first gear in while parked (as I usually do).
Who is responsible when you get hit by a car without driver in it? The police may be able to track the web control usage back to one IP, but who was on that PC at that time? Oooh, I can smell funny lawsuits coming up 🙂
John Davies • March 21, 2007 3:49 AM
I like it but it’s lacking a few features:
“Excuse me sir but your car’s been stolen”
“Has it? Hang on …”
Logs in …
KABOOM!!
Perhaps it could automatically notify the insurance company as well.
I think I’ll wait for the open source alternative then I can code my own features ( but I promise to use my 1337 coding skills for good not evil )
Greg • March 21, 2007 7:47 AM
@Pat Cahala
Car bombs have never needed suicide drivers. Well not for a long time anyway.
Wiring up a car to a remote control is pretty easy. Its done frequently in Holloywood and would not be difficult for many eletronic hobbiest….
Thats the irony in all this.
paul • March 21, 2007 9:34 AM
Remote start makes a nice denial-of-service technique if you can run the car out of gas. Also a nice potential murder weapon when employed in an attached garage when occupants of the house are asleep.
And of course there will be a CALEA-style back door in the system so that law enforcement can track or stop any attached vehicle…
Whee.
Stephan Samuel • March 21, 2007 10:54 AM
Combine this with Volvo’s in-car heart rate sensor and you have a good monitoring system for race car drivers. Other than that, it seems pretty dangerous.
I’m still waiting for the first automotive virus that will now have the ability to control your car. Maybe then lawmakers will do something real and useful about stopping hackers, spam, viruses and identity theft. Or maybe we’ll just have multiple types of cars, the less expensive adware ones, and the “pro” unlocked version that only gets spam.
Realist • March 22, 2007 1:22 PM
Should make carjacking a little easier… …as well as heists of armoured vehicles (shades of “After the Sunset”).
Will present an interesting dilema for international law (similar to the issues of hacking and computer crimes) if the person who takes control voer the internet is in another country… where di the actual crime occur?
Phillip • March 23, 2007 9:24 AM
From the website comments and because I don’t wish to create an account there….
Posted at 12:15PM on Mar 17th 2007 by PaulM
Posted at 3:27PM on Mar 17th 2007 by Ford Mustang
Posted at 11:29PM on Mar 17th 2007 by PaulM
Anyone who thinks two-factor auth is any more of a silver bullet then encryption is (sadly….these people still do exist)….well…I’d hate to have them work security for my organization….unfortunately I think they do. People get a hold of buzz words and technology and have no idea what risks these technologies mitigate or how they mitigate them. The problem partly belongs to the industry…we don’t have enough security engineers/researches..but far too many practitioners who are not adequately trained to understand what they are practicing or how it helps.
The problem worsens itself when such people are given titles or promote themselves as “experts” =\
Just my $.02
P-Air • March 23, 2007 10:59 AM
From a more pedestrian perspective, I’m really getting tired of the saving-the-kids justifications like:
“Aside from providing a bit more convenience and protection, the major draw for some users, namely parents, is the ability to not only track the movements of the vehicle, but also be alerted via text message or email if the kiddies stray from set boundaries or operate the vehicle during certain times of the day or night (no more ditching school or sneaking into the love interest’s window at 3 AM).”
For Pete’s sake, why not just throw your kid in a room and not let them out until they’re 21 if every one is so damn concerned about tracking their every movement. Between that tracking everything they see, everyone they talk to…heck with this sort of logic for child rearing our country is doomed 😉 Giving up all of our privacy rights in exchange for our kids being safety seems like the framing for a non-existent dichotomy.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Alice McGregor • March 20, 2007 2:17 PM
I like the possibility of controlling an exploisve device with the “Set Motion Notification [Stop]” option. Wonder where I’ve seen -that- before? Brilliant.
Byline: “Bringing movie plot threats closer to reality.”