I can absolutely see cyber security for cars becoming more and more of an issue as technology advances - this article is right on the money.
I think one issue in a hacker's favor is the lack of consumers educated on the topic. When will car consumers decide that application security on their vehicles is a major concern? When will car makers see a need to leverage the cyber security of their products?
A huge issue right now is that automobile manufacturers don't need to put much effort into creating less vulnerable vehicles. I believe it won't become a priority until someone gets hacked and seriously hurt or killed. Time will only tell. One step in the right direction is when information is presented in a way that appeals more to the general population. It's not fear mongering, it's key way of educating consumers about a real problem (because there is one). One infographic I particularly like is this one by Boston based company, Veracode: http://www.veracode.com/blog/2013/04/the-future-of-cars-connected-vehicles-infographic/
There is a difference between fear mongering and information.This is not fear mongering in my mind.
Fear mongering generally has a goal to do more than inform and often tends toward a specific action. I see none of this in this article and, amongst those posts I have read I have not seen anyone press toward either of these goals.
I remember when I stood up in a conference stating the obvious data capture that was beginning for the internet data over 10 years ago and people saying I was paranoid and fear mongering... All I did was notice the architectural trend in devices and methods used for the purposes of providing broadband data. Some things were not needed to just do what was stated within the above board product descriptions nor "future proofing". Wait! That is now (more) common knowledge.
I think it is addressed to the wrong audience and that the average EE would already know all this. There is no exciting new science or technology that an EE would have to acquire to discrern this situation intuitively. After all, I did not go search for a way to do the reverse engineering I needed to do for the fob replacement. I just used the obvious tools to address the obvious need. It was nothing very earth shattering, believe me.
Krisi, WorldPower: You're right on! When I was a kid in the 60s, my dad bought a new car without power windows. I asked why. He said it was because he had never seen a car with power windows that didn't have problems with them. That was before cars had any computers. Today, they have hundreds. Of course, over the years, power windows became more reliable. But with the unrestrained growth of technology in cars, we now have cars that people don't know how to operate all the tools, and tools that are more prone to failure, perhaps triggering other problems. The cost is driving up cars to the point where most average folks have to lease instead of buy. Is this progress?
Yes, computer driven fuel injection improves mileage. Dandy. Let's do the things that make sense and leave out the bells and whistles that we don't need. Really, we can drive our own cars if the alternative raises even the slightest risk of losing control of it. Right?
Yet another reason why I like my "old" (1997 and 1999) vehicles. Real throttle cables; no automatic braking schemes; NO bluetooth integration (no iPod nonsense, either. Both *can* play cassettes, though.); windows and rear lighting are not on a CANbus network....
Not sure I understand all these attempts to make cars very electronic...so far I see that this leads to very expensive servicing bills and not much else...I don't need my Mazda 3 to be networked, it drives fine already, thank you very much
With Google working on cars that drive themselves and increasing use of network devices in cars, it's only a matter of time before cars crash due to bad data, electrical interference, or malicious intent. Security on a desktop computer may be important, but security for your dashboard will be a life-and-death matter. Until that little wrinkle is straightened out, I'll happily continue to use the tried-and-true key-in-ignition security system.
Some people died here recently of carbon monoxide poisoning because their car was running in the attached garage. It had key fob start. Accident, malfunction, or murder? And how do you shut off the ignition in a car with a start/stop pushbutton if it doesnt want to shut off? What about the secret back doors and possible malware in pre-engineered chips? So called safety automation of what should be driver activity provides more opportunity and incentive for the driver to engage in diversive activities, and enables inherently unsafe drivers to be on the road. Cars need to have a simple foolproof means of allowing the driver to regain total control when necessary.
Yes the more and more electronics parts and technologies are getting added to automobile as enhanced features, the risk of destruction and hacking too increases. But there are positive sides too, if you can access the cars control remotely, one can also save lives if there are failures.
@fmotta, your premise, as described here, "the primary reason most 'secure' areas remain so is that Engineers have less motivation to hack than they do to create. That ratio of hack vs create is shifting a lot and fast," is an interesting one.
Especially the part you mention the ratio of "hack vs. creat."
Blog That A-Ha Moment Larry Desjardin 10 comments Have you ever had an a-ha moment? Sure, you have. The Merriam-Webster dictionary defines it as "a moment of sudden realization, inspiration, insight, recognition, or ...