Page 11 of 18
This FBI surveillance device, designed to be attached to a car, has been taken apart and analyzed.
A recent ruling by the 9th U.S. Circuit Court of Appeals affirms that it’s legal for law enforcement to secretly place a tracking device on your car without a warrant, even if it’s parked in a private driveway.
Impressive research:
By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car’s stereo, this song could alter the firmware of the car’s stereo system, giving attackers an entry point to change other components on the car.
It’s a clever hack, but an old problem: the authentication in these sorts of normal operations isn’t good enough to prevent abuse.
Johannesburg installed hundreds of networked traffic lights on its streets. The lights use a cellular modem and a SIM card to communicate.
Those lights introduced a security risk I’ll bet no one gave a moment’s thought to: that criminals might steal the SIM cards from the traffic lights and use them to make free phone calls. But that’s exactly what happened.
Aside from the theft of phone service, repairing those traffic lights is far more expensive than those components are worth.
I wrote about this general issue before:
These crimes are particularly expensive to society because the replacement cost is much higher than the thief’s profit. A manhole is worth $5–$10 as scrap, but it costs $500 to replace, including labor. A thief may take $20 worth of copper from a construction site, but do $10,000 in damage in the process. And the increased threat means more money being spent on security to protect those commodities in the first place.
Security can be viewed as a tax on the honest, and these thefts demonstrate that our taxes are going up. And unlike many taxes, we don’t benefit from their collection. The cost to society of retrofitting manhole covers with locks, or replacing them with less resalable alternatives, is high; but there is no benefit other than reducing theft.
These crimes are a harbinger of the future: evolutionary pressure on our society, if you will. Criminals are often referred to as social parasites, but they are an early warning system of societal changes. Unfettered by laws or moral restrictions, they can be the first to respond to changes that the rest of society will be slower to pick up on. In fact, currently there’s a reprieve. Scrap metal prices are all down from last year—copper is currently $1.62 per pound, and lead is half what Berge got—and thefts are down too.
We’ve designed much of our infrastructure around the assumptions that commodities are cheap and theft is rare. We don’t protect transmission lines, manhole covers, iron fences, or lead flashing on roofs. But if commodity prices really are headed for new higher stable points, society will eventually react and find alternatives for these items—or find ways to protect them. Criminals were the first to point this out, and will continue to exploit the system until it restabilizes.
This feels very creepy and police-state-like. What on earth could Walmart be worried about?
EDITED TO ADD (1/4): A reader points out that they’re increasingly common in parking lots to deter automobile crimes.
This shouldn’t be a surprise:
Karsten Nohl’s assessment of dozens of car makes and models found weaknesses in the way immobilisers are integrated with the rest of the car’s electronics.
The immobiliser unit should be connected securely to the vehicle’s electronic engine control unit, using the car’s internal data network. But these networks often use weaker encryption than the immobiliser itself, making them easier to crack.
What’s more, one manufacturer was even found to use the vehicle ID number as the supposedly secret key for this internal network. The VIN, a unique serial number used to identify individual vehicles, is usually printed on the car. “It doesn’t get any weaker than that,” Nohl says.
In an effort to shield their still-secret products from prying eyes, automakers testing prototype models, often in the desert and at other remote locales, have long covered the grilles and headlamps with rubber, vinyl and tape the perfunctory equivalent of masks and hats. Now the old materials are being replaced or supplemented with patterned wrappings applied like wallpaper. Test cars are wearing swirling paisley patterns, harlequin-style diamonds and cubist zigzags.
Inspector Richard Haycock told local newspapers that the possible use of the car lock jammers would help explain a recent spate of thefts from vehicles that have occurred without leaving any signs of forced entry.
“We do get quite a lot of car crime in the borough where there’s no sign of a break-in and items have been taken from an owner’s car,” Inspector Haycock said. “It’s difficult to get in to a modern car without causing damage and we get a reasonable amount of people who do not report any.
“It is a possibility that central locking jamming is being used,” he added.
Devices that block the frequency used by a car owner’s key fob might be used to thwart an owner’s attempts to lock a car, leaving it open for waiting thieves. A quick search of the internet shows that devices offering to jam car locks are easily available for around $100. Effectiveness at up to 100m is claimed.
I thought car door locks weren’t much of a deterrent to a professional car thief.
EDITED TO ADD (10/22): The thieves are not stealing cars, they’re stealing things left inside the cars.
EDITED TO ADD (11/10): Related paper.
Police set up a highway sign warning motorists that there are random stops for narcotics checks ahead, but actually search people who take the next exit.
Still minor, but this kind of thing is only going to get worse:
The new research shows that other systems in the vehicle are similarly insecure. The tire pressure monitors are notable because they’re wireless, allowing attacks to be made from adjacent vehicles. The researchers used equipment costing $1,500, including radio sensors and special software, to eavesdrop on, and interfere with, two different tire pressure monitoring systems.
The pressure sensors contain unique IDs, so merely eavesdropping enabled the researchers to identify and track vehicles remotely. Beyond this, they could alter and forge the readings to cause warning lights on the dashboard to turn on, or even crash the ECU completely.
More:
Now, Ishtiaq Rouf at the USC and other researchers have found a vulnerability in the data transfer mechanisms between CANbus controllers and wireless tyre pressure monitoring sensors which allows misleading data to be injected into a vehicle’s system and allows remote recording of the movement profiles of a specific vehicle. The sensors, which are compulsory for new cars in the US (and probably soon in the EU), each communicate individually with the vehicle’s on-board electronics. Although a loss of pressure can also be detected via differences in the rotational speed of fully inflated and partially inflated tyres on the same axle, such indirect methods are now prohibited in the US.
Paper here. This is a previous paper on automobile computer security.
EDITED TO ADD (8/25): This is a better article.
Sidebar photo of Bruce Schneier by Joe MacInnis.