discuss-gnuradio
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Discuss-gnuradio] GNU Radio & USRP help reveal Security and Privacy


From: Matthias Wilhelm
Subject: Re: [Discuss-gnuradio] GNU Radio & USRP help reveal Security and Privacy Vulnerabilities of In-Car Wireless Networks
Date: Wed, 11 Aug 2010 18:05:14 +0200

Hi, 

for the really scary part, check out this paper:
Experimental Security Analysis of a Modern Automobile -- K. Koscher, A. 
Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. 
Anderson, H. Shacham, S. Savage. 
The IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010.

All you need is an interface to the CAN bus of the car, and you can do stuff 
like
- disabling the brakes
- braking individual wheels
- increase the RPM of the engine
- shoot windshield fluid
- turn off the headlights
- lock the doors
- show what you want on the speed meter

and lots more. You can put your changes in volatile memory such that the 
evidence is lost on reboot, which you can trigger at will. They have tested it 
while driving as well.
I'm pretty confident that you can get to the central CAN bus via the wireless 
sensors, too. They showed that it worked with  third-party components like a 
radio because the critical and non-critical CAN busses are interconnected via 
bridges.

Matthias

Am 11.08.2010 um 16:56 schrieb Patrick Strasser:

> Hello!
> 
> FYI:
> Just found an article at a German computer news site (Golem)[1] about a paper 
> by Ishtiaq Rouf and Rob Miller from University of South Carolina and Rutgers 
> University about Security and Privacy Vulnerabilities of In-Car Wireless 
> Networks[2].
> They used GNU Radio and USRP to record the traffic between the tire pressure 
> sensors and the car.
> 
> Patrick
> 
> [1] http://www.golem.de/1008/77111.html
> [2] http://www.winlab.rutgers.edu/~Gruteser/papers/xu_tpms10.pdf
> -- 
> Engineers motto: cheap, good, fast: choose any two
> Patrick Strasser <patrick dot strasser at student dot tugraz dot at>
> Student of Telemati_cs_, Techn. University Graz, Austria




reply via email to

[Prev in Thread] Current Thread [Next in Thread]