For anyone else who didn't know, I looked up what this is [1].
Essentially it boosts the search range for vehicles from a few feet to something more like 100 meters, when searching for wireless key devices. Then the car will unlock as if the device were very close.
The devices are very inexpensive and starting to see increased use.
Wouldn't say they are in denial about the issue. Wish I had some better sources, but if I recall the automotive industry has always had issues with security regarding keys and ignitions. My 99 Prizm key would work for most all other Chevy Prizm cars. I know that this "cross keying" would work on quite a few different brands and models as well. Some ignitions can be "popped" and screwdrivers used to start the ignition. My point being that security of starting an automobile or accessing one has been plagues with problems. Break the window etc. Some manufacturers do require the key fob to be present while the motor is running in some cases the feul pump will shut off if the key is not present. It is highly likely that the Tesla demo is for opening the CAN exploitability issue to the convention. Attacks on the CAN remotely are much more serious.
Can someone explain how this works? Naively, I'd expect that this is just a signal amplifier, which boosts the signal from the key fob to a level where the car will accept it as close enough (via inverse square law computations and a known transmit power). But the key fob would have to transmit far enough to reach the amplification point, no? If I have my keys in my pocket in my house, how is the key fob going to be putting out enough juice to reach more than a couple of feet, let alone through walls?
The automotive industry certainly has some interesting times ahead with regard to security. Audi's proposed plan for allowing deliveries to be placed in the boot of a locked car [0] certainly seems like it could be ripe for exploitation.
How seriously are car manufacturers going to take security though? Is it going to be like the numerous router manufacturers that don't seem bothered? Perhaps some kind of regulatory body will need to intervene to make automotive manufacturers take security seriously.
Currently many deliveries are just left on people's doorstep, and people "Pre-Sign" for expensive things so they don't risk missing the delivery (Apple offers this option). I fail to see why someone would go through the effort of trying to get into a trunk when you can easily target the non-Audi owners with packages out in the open?
I worked at a process automation firm in the early 00's that had micro-controller software written in ASM and C that was in sore need of standardization; we referenced MISRA C [0] in researching a sound way to improve that code. After all, those instruments were headed for nuclear refineries and submarines.
Per EETimes [1]: MISRA C is a subset of the C language. In particular, it is based on the ISO/IEC 9899:1990 C standard, which is identical to the ANSI X3.159-1989 standard, often called C ’89. Thus every MISRA C program is a valid C program. The MISRA C subset is defined by 141 rules that constrain the C language. Correspondingly, MISRA C++ is a subset of the ISO/IEC 14882:2003 C++ standard. MISRA C++ is based on 228 rules, many of which are refinements of the MISRA C rules to deal with the additional realities of C++.
I did a quick search for Tesla programming jobs and they do command a familiarity with MISRA C, so somewhere it is being used by Tesla in their firmware. That standard is supposed to ensure security and reliability in firmware programming for critical devices, such as motor vehicles. I wonder if this knowledge expands upon this challenge and other avenues for hacking Tesla, and also I wonder if MISRA C practices extend to outlying modules in the vehicle...
I too thought the same thing and got really excited (not that I own a Tesla or have any chance of owning one any time soon). Tesla just gives me hope for the future of automobiles.
Obligatory: HACKERS CAN TURN YOUR CAR INTO A BOMB [0]
But on a more serious note this is pretty cool to see not only Tesla but GM and BMW reaching out to these groups. We saw an article or two here on HN not to long about about, IIRC, car makers trying to use DMCA to prevent people from modifying the software in their cars [1] (I know there was another article about tractors as well [2]). I'd be interested to know Tesla/GM/BMW's stance on that issue. They are opening up to hackers to find issues but that doesn't mean they are on board with making it easy for people to modify software in their cars.
So do I have to tie both hands behind my back to find a problem before Tesla will acknowledge their error or award a bounty?
What if there is an intractable design flaw that is costly to fix? Will it get swept under the rug as they get litigious with those who attempt to expose it?
The assumption usually is if the bounty is less than the expected reward from exploiting a system, then you're really not doing anything other than a PR stunt.
I don't see a mention of a bounty. I do see a mention of them keeping track of those trying to exploit their system at Defcon. Not sure of what the supposed benefit to those that attempt to break their system is.
It's interesting reading this about a car maker, when I work for a home device maker and fight tooth and nail to open up API control of home security/thermostats.
People find a way in either way, whether you want them to or not.
We can only hope this becomes a more widely adopted practice. Vehicle computer security, especially when it relates to self driving Autos, needs way more attention to operational security than it has been given.
[+] [-] TwoBit|11 years ago|reply
[+] [-] mod|11 years ago|reply
Essentially it boosts the search range for vehicles from a few feet to something more like 100 meters, when searching for wireless key devices. Then the car will unlock as if the device were very close.
The devices are very inexpensive and starting to see increased use.
[1] http://www.networkworld.com/article/2909589/microsoft-subnet...
[+] [-] sprkyco|11 years ago|reply
[+] [-] POiNTx|11 years ago|reply
[+] [-] cheald|11 years ago|reply
[+] [-] TheLoneWolfling|11 years ago|reply
There are far too many attacks that get ignored because they don't match the company's threat model, in general, and this is no exception.
[+] [-] dror|11 years ago|reply
[+] [-] netcan|11 years ago|reply
Normal keys work great. I don't see the big advantage of techno-keys that outweighs the (almost inevitable) cost of paying so much for a spare.
[+] [-] takeda|11 years ago|reply
[+] [-] ryandetzel|11 years ago|reply
[+] [-] netcan|11 years ago|reply
[+] [-] hunt|11 years ago|reply
How seriously are car manufacturers going to take security though? Is it going to be like the numerous router manufacturers that don't seem bothered? Perhaps some kind of regulatory body will need to intervene to make automotive manufacturers take security seriously.
[0] http://www.bbc.co.uk/news/technology-32431301
[+] [-] kenrikm|11 years ago|reply
[+] [-] christianbryant|11 years ago|reply
Per EETimes [1]: MISRA C is a subset of the C language. In particular, it is based on the ISO/IEC 9899:1990 C standard, which is identical to the ANSI X3.159-1989 standard, often called C ’89. Thus every MISRA C program is a valid C program. The MISRA C subset is defined by 141 rules that constrain the C language. Correspondingly, MISRA C++ is a subset of the ISO/IEC 14882:2003 C++ standard. MISRA C++ is based on 228 rules, many of which are refinements of the MISRA C rules to deal with the additional realities of C++.
I did a quick search for Tesla programming jobs and they do command a familiarity with MISRA C, so somewhere it is being used by Tesla in their firmware. That standard is supposed to ensure security and reliability in firmware programming for critical devices, such as motor vehicles. I wonder if this knowledge expands upon this challenge and other avenues for hacking Tesla, and also I wonder if MISRA C practices extend to outlying modules in the vehicle...
[0] MISRA C: http://www.misra-c.com/ [1] http://www.eetimes.com/document.asp?doc_id=1279810
[+] [-] sylvinus|11 years ago|reply
[+] [-] joshstrange|11 years ago|reply
[+] [-] joshstrange|11 years ago|reply
But on a more serious note this is pretty cool to see not only Tesla but GM and BMW reaching out to these groups. We saw an article or two here on HN not to long about about, IIRC, car makers trying to use DMCA to prevent people from modifying the software in their cars [1] (I know there was another article about tractors as well [2]). I'd be interested to know Tesla/GM/BMW's stance on that issue. They are opening up to hackers to find issues but that doesn't mean they are on board with making it easy for people to modify software in their cars.
[0] http://www.homelandsecureit.com/wp-content/uploads/2012/10/C...
[1] https://www.eff.org/deeplinks/2015/04/automakers-say-you-don...
[2] https://news.ycombinator.com/item?id=9414211
[+] [-] task_queue|11 years ago|reply
What if there is an intractable design flaw that is costly to fix? Will it get swept under the rug as they get litigious with those who attempt to expose it?
The assumption usually is if the bounty is less than the expected reward from exploiting a system, then you're really not doing anything other than a PR stunt.
I don't see a mention of a bounty. I do see a mention of them keeping track of those trying to exploit their system at Defcon. Not sure of what the supposed benefit to those that attempt to break their system is.
It makes a nice headline though.
[+] [-] supergeek133|11 years ago|reply
People find a way in either way, whether you want them to or not.
[+] [-] scuba7183|11 years ago|reply
[+] [-] hipster_robot|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] ww520|11 years ago|reply