60 Minutes pushes the panic button again 1


I'm sure that after last night's +60 Minutes report about DARPA hackers taking remote control of a car (and btw what a lame job they did on masking that Chevy Impala to prevent people from knowing what it was) people will start to panic again about automotive security.

First of all, we've yet to see any evidence that they did this without first having physical access to the vehicle and tampering with it as all previous hacks have required. If they did tamper with the vehicle prior to the demonstration, then that really isn't any different from someone going in and cutting the brake lines. If however, they managed to take control without any initial access, this is much more serious. I've been telling people within the industry for years that they need to set up a bounty program like tech companies do for responsible disclosure of security exploits. At least Tesla has been hiring some black hat attackers to try to puncture its systems. Perhaps, this will finally spur everyone to more serious action.?

Time for Automakers to Get Real on Vehicle Security
Recently, the annual Black Hat and DefCon computer security conferences took place in Las Vegas, and this week the National Highway Traffic Safety Administration (NHTSA) announced a notice of propo…

Post imported by Google+Blog for WordPress.


Leave a comment

One thought on “60 Minutes pushes the panic button again

  • Tim Lewis

    Whatever the case, I think it's clear that as cars become more and more connected, they also become more and more vulnerable to attack from someone who did not have previous access.

    Having said that, I do think car companies should allow the possibility of a certain amount of external control (maybe even create an API, is some such thing — encrypted, of course). Ideally, when Google finishes their self-driving car project, they would allow people to buy a device that straps to the roof of a wide variety of approved cars and wirelessly connects to a device plugged into the car's computer port (the specific name of it is slipping my mind at the moment) to control the car's drive-by-wire controls. This would allow the fastest adoption of self-driving cars possible.

    Unfortunately, it seems that this does not line up with Google's vision of self-driving cars. From what I've read, they want to eliminate the need for car ownership entirely. I think this is misguided, not necessarily because I think people like driving too much (really only a small fraction of the population does, and even they mostly admit that most driving is a dull, monotonous task), but rather because people value their independence too much (e.g. how would a person even go shopping for the week's groceries if they didn't own their own car and needed to stop at a few different stores). Furthermore, I think that without at least the possibility of taking control, people will feel helpless and in danger.

    Ultimately, Google's cars may be able to replace taxis/Uber, but not without making people feel uncomfortable, and the vast majority of people will probably still have at least one car, if not two or more.