Please if you cant answer this question, don\'t down vote it and the let others
ID: 660234 • Letter: P
Question
Please if you cant answer this question, don't down vote it and the let others to discuss their opinions instead of closing it.
Yesterday I watched a collection of videos at YouTube for people who can hack a car which is parked 200 meter away from them, they can turn the car on/off and even use the benzene pedal or turn the steering wheel right and left even this car does not belong to any of them, what I want to know how such a thing can happened ?! it is possible to anyone to hack such a thing ? These people also have a video which they hack the main big display in train station which has all the information about coming and going trains in that area and they replaced it with another picture by his mobile.
An explanation of what is happening is really appreciated :) Thanks
Explanation / Answer
The first thing you need to be able to hack a car is access to it. In most cases, this means physical access to the wires inside the car that interface with the car's internal computer (often via a diagnostics connection either under the hood or inside the car interior.)
However, on a growing number of vehicles, there are potentially insecure wireless networks being connected to devices that also connect with the car's internal control network. The most common issue is radios with bluetooth functionality that also have features that require communication with the car, such as providing song data or getting information about the speed of the car to adjust volume.
The process for compromising such a system is complex and still relatively non-trivial, but is doable in many cases. First the attacker has to connect to the wireless network, they then have to compromise the device being connected to (the car radio or A/V system) and then from there, they have to utilize the radio itself to attack the car's internal network.
Once you are on the car's internal diagnostics network, there is a whole lot you can. The commands aren't particularly well documented, but most controls for your vehicle use this network. Engine timing, gear shifting, unlocking and locking doors, opening windows, turning on and off lights, cruise control, etc all are often controlled on this network, so an attacker with access to the internal network can do a whole lot if they have the needed information and skill.
Now practically, unless you are particularly targeted or mass market tools become widely available, the chances of falling victim to such an attack are currently pretty limited, but if someone had a reason to attack you, then the odds could improve dramatically of falling victim to such an attack.
The main point of releasing information like is being released now is to point out to manufacturers that what they thought were acceptable risks are not. A lot of this can be pretty easily fixed by doing things like better securing the hardware and isolating the bluetooth network from being able to interface with the internal network as well as better security on the bluetooth network itself.
Overall, I doubt it should be an immediate cause of concern for you, but disabling bluetooth and other forms of wireless connectivity that can interface with your car would be the first step in ensuring that such attacks would be more difficult to perform, but they would still only require adding a device to your vehicle in order to be able to do something.