Tuesday, May 18, 2010

Car hacking could be in your future

For many years, I covered the technology sector in Canada and the United States, and focusing on the security and privacy matters. Matters of security always came down to a set of trade-offs, mostly between protecting data and identity and user functionality. If one wanted an easy user experience, security took a back seat. To make things more secure, to protect sensitive data and personal information, roadblocks had to be put into place which always meant the user experience suffered. To do the simplest task meant going through a set of cumbersome security protocols.
The default position is still to simply make the user experience as simple as possible while holding onto the hope that no one really cares about the letter someone is writing or does not know that the computer hard drive has sensitive information. The industry tells everyone to buy and regularly update anti-virus and anti-hacking software as all software and OS systems, regardless of the developer, is riddled with security holes and problems.
It seems the automotive industry is discovering this same problem. A team of researchers at the University of California-San Diego and the University of Washington find today’s automotive ECUs are vulnerable to outside attacks. ECUs currently control, and will control even more in the future, a wide set of subsystems. What they found was using a vehicle’s communications port -- accessible to any mechanic or mechanically savvy person -- the researchers were able to mount a set of attacks that soon allowed them to disengage the brakes to mucking about with the instrument panel. The researchers soon found every system, from the engine and brakes to the lights and locks were open to attacks that could prove dangerous.
This might not seem to be much of an issue, as a hacker has to have physical access to the vehicle and its data port. However, with newer vehicles now offering Internet and Blue-tooth connectivity, and people today expecting to be connected all the time to the Web and information, it is not too hard to see that sometime in the future car hacking could be a very real problem. The automotive industry will soon have to face the same kinds of issues the computer software industry faces: offering vehicle owners as much online and simple-to-use access to enhance the driving experience while protecting sensitive on-board systems. The automakers are lucky as this issue can be dealt with now and cheaply.

No comments:

Post a Comment