Hackers Have the Power to Remotely Hijack Half a Million Chrysler Cars

Hackers Have The Power To Remotely Hijack Half a Million Chrysler Cars

 

Adam Clark Estes

An ongoing investigation into the security of Chrysler vehicles bears some pretty startling conclusions. In a couple of weeks, security researchers will reveal the details of a zero-day exploit that affects some 471,000 cars. Put bluntly: Hackers can take complete control of the cars from thousands of miles away.

 

Longtime car hackers Charlie Miller and Chris Valasek recently demonstrated the dangerous possibilities of the Chrysler exploit to Wired’s Andy Greenberg. The journalist actually took a Jeep Cherokee onto the highway outside St. Louis, while the hackers took over control of the car. Using the Jeep’s Uconnect system, which plugs into a cellular network, the security researchers were able to gain control of the car’s entertainment system and then rewrite the firmware to send commands to critical systems like the brakes, steering, and transmission. Greenberg describes the experience:

 

“As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission. Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun”

 

What’s especially worrisome about this situation is that Chrysler knows about the vulnerability and doesn’t seem to be taking it too seriously. The company recently released a patch to the Uconnect software that addresses the issue, but it needs to be installed via USB drive or by a dealer.  (Visit this link to download the software update that will fix the exploit.)

Meanwhile, Chrysler sort of scolded the researchers for sharing information about the exploit publicly. “Under no circumstances does [Fiat Chrysler Automotive] condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company said in a statement.

 

Although this is not the first time that security researchers have discovered and shared details of a car hack, it’s starting to get pretty real. When there are almost half a million cars that could be commandeered or bricked with just a few key strokes, it’s time for auto companies to take notice, and embrace the community of researchers and politicians trying to make sure our cars are safe.

New Wi-Fi technology Will Make Phones ‘Aware’ Of Their Surroundings

 

New Wi-Fi technology Will Make Phones ‘Aware’ Of Their Surroundings

by 

 

The Wi-Fi radio in your smartphone is already pretty handy at connecting to wireless networks around you, but soon that radio may be able to do so much more. The next generation of Wi-Fi devices will be able to find and communicate with other Wi-Fi nearby and take advantage of new types services that use your proximity as a trigger.

For instance, a consumer subscribed to a social gaming network would get pinged whenever another gamer walks into the same room, allowing them to instantly set up a face-to-face match over their smartphones. It could also allow frequent fliers standing in line at the airport to get notices informing them about exactly how long the wait is based on their distance from the checkpoint.

The technology is called Wi-Fi Aware, and it’s very similar to another technology we’ve been hearing a lot about called beacons, used by retailers and other venues to interact directly with their customers through Bluetooth links. Beacons, however, require retailers to set up Bluetooth transmitters in their stores. Wi-Fi Aware isn’t dependent on any infrastructure, access point, or router since devices discover and communicate directly with one another. That means you can use Wi-Fi Aware devices anywhere, even if you don’t have a link back to the Internet, said Kevin Robinson, director of program marketing for Wi-Fi Alliance, an industry group that oversees Wi-Fi. That capability opens Wi-Fi Aware to the huge world of social networking applications.

Services like Facebook FB 0.18% and Tinder use proximity as way of triggering social interactions—whether alerting you to the nearby presence of a friend or suggesting a potential date—but social networking apps tend to rely on GPS to get their location data, which according to Robinson, isn’t very reliable or accurate. GPS might place you and a friend in the same building, but if that building has 50 floors or 50 different stores that information doesn’t do you much good.

Location and proximity are fundamentally two different concepts, the first describing your location on a map, the second describing two persons’ relation to one another. “Many proximity apps rely on location to back into the idea or proximity,” said Robinson.

Wi-Fi Aware, however, can provide information that’s ultimately more useful for social interaction, he said. “Wi-Fi Aware can tell, for instance, if two devices are rapidly converging on one another or rapidly diverging.” The technology won’t provide the social context for these types of applications. Instead it will supply the device discovery and communications framework that developers can then build their proximity features on top of existing apps. Wi-Fi Aware will also provide the security to ensure that consumers aren’t suddenly flooded with information from every smartphone that passes nearby.

Devices using Wi-Fi Aware will intermittently scan the vicinity for other Wi-Fi gadgets. When they find them, the devices will immediately start coordinating with one another to save power by transmitting on the same schedule like a common heartbeat. Devices will only collect and send information to each other based on permissions the device’s owner has granted. For instance, if you were to configure a social app like Facebook to receive and send proximity notices, then Wi-Fi Aware would only pick the Facebook notices out of constant signal chatter, ignoring messages from all other apps.

When will your smartphone become Wi-Fi Aware? You’ll have to wait for a new generation of devices to emerge as the Wi-Fi Alliance has just kicked off its Aware certification program. For the remainder of the year, device makers will submit their Wi-Fi radio chips, phones and tablets for approval, which means we should start seeing them hit the shelves next year or by the holidays at the earliest.

 

Article courtesy of Fortune.