Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

How an Apple security expert ‘bricked’ his brand new jeep
Cult of Mac ^ | December 11, 2014 | Luke Dormehl

Posted on 12/12/2014 12:31:08 AM PST by Swordmaker


The world’s largest brick? Photo: Trucktrend

In addition to Apple devices, noted security expert and The Mac Hacker’s Handbook co-author Charlie Miller has carried out some fascinating (and potentially terrifying) research into hacking vehicles. Last year, alongside fellow hacker Chris Valasek, Miller demonstrated that it is possible to hijack the steering and brakes of a Ford Escape and Toyota Prius using only a laptop connected to the car.

Having done that, he has now moved onto exploring vulnerabilities in other vehicles — including his new 2014 Cherokee jeep. All that research comes at a high price, however, since Miller recently revealed on Twitter that he has managed to “brick” his vehicle, after hacking the head unit. As he put it, “This is an expensive hobby.”

Miller had previously deemed the 2014 Jeep Cherokee one of the vehicles most vulnerable to hackers, alongside the 2015 Cadillac Escalade. His own research was therefore designed to explore the extent of this vulnerability.

He has rated the vehicle hackable based on the number of features that can be hacked (Bluetooth, Wi-Fi, mobile network connections, key fobs, and tyre pressure monitoring systems), the network architecture (giving access to a vehicle’s critical systems, such as the horn, the steering and brakes), and also features such as automated braking, and parking sensors that can be controlled using wireless commands.

Unfortunately, the car head unit he hacked most recently controls functions including the radio, heater, heated steering wheel and seats, rear camera, and sat-nav — leaving Miller with a vehicle best described as “downright primitive.”

After a trip to the automotive shop, where the head unit was replaced, Miller tweeted that, “This is another example of why car research is hard. One little mistake costs you a week and big bucks.”

The hacking appears to have paid off, though, since Miller has determined that his jeep’s software is still vulnerable to jailbreak bug he originally discovered months back.


TOPICS: Business/Economy; Computers/Internet; Hobbies
KEYWORDS: automotive; computing
Navigation: use the links below to view more comments.
first 1-2021-40 next last

1 posted on 12/12/2014 12:31:08 AM PST by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Charlie Miller, past winner of the White Hat hacking contests, manages to brick his own Jeep by hacking it. . . costs him big bucks! OOPS — PING!


Apple hacker Bricks his Jeep Ping!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 12/12/2014 12:33:15 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Gee, wasn’t there a reporter recently ‘bricked’ into a tree right before some potentially damaging info got published?


3 posted on 12/12/2014 12:46:46 AM PST by Norm Lenhart
[ Post Reply | Private Reply | To 1 | View Replies]

To: Norm Lenhart
Gee, wasn’t there a reporter recently ‘bricked’ into a tree right before some potentially damaging info got published?

LOL, not quite the same thing. . . heheheheh

4 posted on 12/12/2014 12:59:45 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Swordmaker

Pfl


5 posted on 12/12/2014 1:18:06 AM PST by Clump ( the tree of liberty is withering like a stricken fig tree)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker

No I meant there was speculation that someone hacked his car. this just proves it can be done. And you know if they admit it’s possible now, then they have been able to do it for some time.


6 posted on 12/12/2014 1:44:57 AM PST by Norm Lenhart
[ Post Reply | Private Reply | To 4 | View Replies]

To: Norm Lenhart

http://www.theblaze.com/stories/2013/08/13/journalist-michael-hastings-was-investigating-cia-director-john-brennan-before-he-was-killed-in-fiery-car-crash/

Journalist Michael Hastings Was Investigating CIA Director John Brennan Before He Was Killed in Fiery Car Crash
Aug. 13, 2013

EXCERPT

Additionally, an anonymous source recently provided the news station with “an alarming email” hacked from CIA contractor Strafor’s President Fred Burton. The email, which was posted on WikiLeaks, claimed that Brennan previously headed up the government’s effort to crackdown on investigative journalists.

“Brennan is behind the witch hunts of investigative journalists learning information from inside the beltway sources,” the alleged email reads. “Note — There is specific tasker from the WH to go after anyone printing materials negative to the Obama agenda (oh my.) Even the FBI is shocked. The Wonder Boys must be in meltdown mode…”


7 posted on 12/12/2014 2:05:48 AM PST by maggief
[ Post Reply | Private Reply | To 6 | View Replies]

To: maggief

Thats the guy.


8 posted on 12/12/2014 2:10:04 AM PST by Norm Lenhart
[ Post Reply | Private Reply | To 7 | View Replies]

To: Norm Lenhart; All
“No I meant there was speculation that someone hacked his car. this just proves it can be done.”

Look up “the boston brakes”. It appears to have been around for awhile.
http://www.urbandictionary.com/define.php?term=Boston%20Brakes

http://www.whale.to/b/assassination_car.html

http://www.whale.to/c/car_hacking1.html

Its a form of car cyber attack

9 posted on 12/12/2014 2:13:34 AM PST by Polynikes (What would Walt Kowalski do. In the meantime "GET OFF MY LAWN")
[ Post Reply | Private Reply | To 6 | View Replies]

To: Norm Lenhart
No I meant there was speculation that someone hacked his car. this just proves it can be done. And you know if they admit it’s possible now, then they have been able to do it for some time.

You apparently didn't read the article completely. There was no speculative "someone" here hacking Charlie's car. Charlie Miller is one of the world's top experts on computer security. He is an ex-NSA computer expert.

He knows exactly who and when and how his Jeep was hacked.

Charlie Miller did it himself, with his own Mac computer, hooked directly into the Jeep's systems by a cable, playing around with changing things in its programing for his hobby of hacking things.

Only he couldn't put it back together again!

This was a direct possession via direct connect hack, not a remote exploit. Not only was it not reprogrammable, the entire head computer had to be replaced. That is funny.

This is sorta like the kid who took his parent's alarm clock apart. . . and got it back together but it didn't work anymore. Who? Me? No, the cat did it, Mom! Honest!

10 posted on 12/12/2014 2:45:59 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Polynikes

Ah, I get where you are going with this. OK...


11 posted on 12/12/2014 2:47:38 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Swordmaker
Charlie Miller did it himself, with his own Mac computer, hooked directly into the Jeep's systems by a cable, playing around with changing things in its programing for his hobby of hacking things.

I'm confused. He claims he can "hack" into the code but yet couldn't repair the code after changes? Is he really an expert who didn't save a copy of the original code before playing?

12 posted on 12/12/2014 2:50:01 AM PST by raybbr (Obamacare needs a death panel.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Polynikes

Doesn’t surprise me. People laughed when we said years ago when they began computerizing everything this would happen eventually. We got laughed at. Dunno why. Fear probably. Seems an obvious thing to conclude.

There’s a reason I never owned a car with a computer that had wireless access to the computer and it wasn’t because I’m on anyones top 10 list. I just don’t trust them. This is why.


13 posted on 12/12/2014 2:50:18 AM PST by Norm Lenhart
[ Post Reply | Private Reply | To 9 | View Replies]

To: Swordmaker

You misunderstood what I was getting at. I’m not saying the CIA bricked the jeep. I’m saying that people suspected such a thing in the reporter’s accident.


14 posted on 12/12/2014 2:51:55 AM PST by Norm Lenhart
[ Post Reply | Private Reply | To 10 | View Replies]

To: maggief

Investagative journalism?? Isn’t that an oxymoron


15 posted on 12/12/2014 2:57:19 AM PST by carcraft (Pray for our Country)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Swordmaker

Yikes. I think I’ll make my next car a 65 Electra (preferably one with a Nailhead V8). No computers in that thing, not even the clock.

Plus, I like the idea of having a trunk big enough to hold a SmartCar. :-)


16 posted on 12/12/2014 2:58:34 AM PST by DemforBush (A Repo Man is always intense.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

He didn’t “brick the car”, at worst he damaged a part of the car, which was replaced and the car worked again.

I’m betting the stealership didn’t replace anything. They only had to reprogram the “head unit” and they charged him for a new one and a bundle in labor.


17 posted on 12/12/2014 3:06:59 AM PST by Fresh Wind (The last remnants of the Old Republic have been swept away)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fresh Wind
I’m betting the stealership didn’t replace anything. They only had to reprogram the “head unit” and they charged him for a new one and a bundle in labor.

Another source says they had to replace the head computer. Dealers usually do not have the resources to reflash the programming completely. They usually swap the computers out, flash the specific ID information and done. I had to replace a drive computer in a Chrysler 300M several years ago. It was an exchange deal. The dealer took the old one and sent it back for re-programming.

18 posted on 12/12/2014 3:14:24 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 17 | View Replies]

To: raybbr
I'm confused. He claims he can "hack" into the code but yet couldn't repair the code after changes? Is he really an expert who didn't save a copy of the original code before playing?

Sounds like it. . . or he may have damaged it while in the process of copying it. The articles i found did not specify.

19 posted on 12/12/2014 3:15:27 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users contnue...)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Norm Lenhart
“There’s a reason I never owned a car with a computer that had wireless access to the computer and it wasn’t because I’m on anyones top 10 list. I just don’t trust them. This is why.”

I don't believe the cars in question had wireless access to begin with. They were accessed via a transceiver that was installed so as to enable a direct hard wire connection via the transceiver. That would mean someone would have to have to access to the car for a period of time for installation. The job would most likely be quick and direct.

The FBI has been doing similar things with mob figures cars for some time by installing listening devices. With the advent of “Onstar” it becomes even easier if the legality is not a concern.

Look up “the jaguar bug”. The FBI did that back in the mid 80’s when they bugged Anthony “Tony Ducks” Corallo’s car.

20 posted on 12/12/2014 3:39:11 AM PST by Polynikes (What would Walt Kowalski do. In the meantime "GET OFF MY LAWN")
[ Post Reply | Private Reply | To 13 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-40 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson