But their most interesting attack focused on the car stereo. By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car's stereo, this song could alter the firmware of the car's stereo system, giving attackers an entry point to change other components on the car.
-
Recent Posts
Recent Comments
- Adolf Osborne on How to make the world's most impractical shot glass
- Landa on How to make the world's most impractical shot glass
- drew w. on Brodustrial: WWJD?
- Marc Moskowitz on How to make the world's most impractical shot glass
- Jeff on Brodustrial: WWJD?
- woods on How to make the world's most impractical shot glass
- MZ MegaZone on How to make the world's most impractical shot glass
- tom on Billionaire douchebag renounces US citizenship to save 3% on his taxes.
- 205guy on Billionaire douchebag renounces US citizenship to save 3% on his taxes.
- Dennis Nezic on Billionaire douchebag renounces US citizenship to save 3% on his taxes.
Archives
- 2012 (366)
- 2011 (775)
- November 2011 (67)
- October 2011 (72)
- September 2011 (62)
- August 2011 (70)
- July 2011 (53)
- June 2011 (84)
- May 2011 (62)
- April 2011 (67)
- March 2011 (103)
- February 2011 (42)
- January 2011 (31)
- December 2010 (50)
- November 2010 (52)
- October 2010 (57)
- September 2010 (51)
- August 2010 (51)
- July 2010 (46)
- 2010 (725)
- 2009 (590)
- 2008 (519)
- 2007 (374)
- 2006 (505)
- 2005 (578)
- 2004 (524)
- 2003 (634)
- 2002 (496)
Ye Gods, don't tell Sony about this! Can you imagine the malware they would write knowing they could control cars?
"Buy Adam Lambert's next album or we cut the brakes."
Terrifying.
Hmm, why do that, just get the on-board iTunes to buy the tracks without the user's approval.
What, don't cars come in with iTunes yet?
Not until Apple releases the iCar. It won't have a steering wheel, and will just have a single pedal, etc., etc.
The rest of this Apple joke has been left as an exercise for the reader.
When Stefan Savage was working on attacks showing that TCP counting individual acks, rather than bytes, was easily exploited (leading to RFC3465), I christened them 'savage attacks'. He was surprised by the term.
Now, it's a Stefan Savage Hole, so you SSH the car.
(btw, watching the flickery javascript preview update every time I type a letter is very annoying; generic user id picture appears and disappears, and probably needs width/height tags to decrease reflowing.)