(2010-08-30) Automobile Network Security

Some interesting/scary notes on Security of the AutoMobile's electronics. They also mention some external avenues of attack to hack into the car remotely. One is that things like music players become attached to the cars internal network, and that potentially includes things like iPhones which are connected to cell networks and have well-known vulnerabilities of their own. Also, some cars have remote cellular connection to services like onStar, which goes to a component on the car's internal network. And then they found no fewer than five wireless interfaces on the car, and, "While outside the scope of this paper, we wish to be clear that vulnerabilities in such services are not purely theoretical. We have developed the ability to remotely compromise key ECUs in our car via externally-facing vulnerabilities, amplify the impact of these remote compromises using the results in this paper, and ultimately monitor and control our car remotely over the Internet." The second paper looks specifically at wireless tire pressure sensors which are now being required on new cars. They show that the wireless interaction between the tire pressure sensors and the antenna on the back window of the car can be intercepted up to 10m away with a cheap antenna, and the protocol is not secure and can be intercepted and interfered with.