Posted on 03/10/2017 9:44:15 AM PST by Lorianne
So if you've spent any amount of time around here, you probably already know that the security and privacy standards surrounding the internet of (broken) things sit somewhere between high comedy and dogshit. Whether it's your refrigerator leaking your gmail credentials or your children's toys leaking kids' conversations, putting a microphone and camera on everything that isn't nailed down -- then connecting those devices to the internet without thinking about security and privacy -- hasn't been quite the revolution we were promised.
Obviously for the NSA and CIA, the internet of broken things is a field day, and the fact that the intelligence community would exploit this paper-mache grade security should surprise nobody. In fact, James Clapper made it abundantly clear last year that the internet of not-so-smart things was a massive target for surveillance:
"In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials, Clapper said."
(Excerpt) Read more at techdirt.com ...
Ping.
People who design tech are tools...
Seen this creepy video?
https://youtu.be/QpDzW7YlgsQ
It’s all about speed to market, this is the same stupid mentality the got Microsoft in trouble by not thinking about security.
I think it’s worst than the most paranoid among us imagines...
As one of those “tools” I can tell you that the claim of “connecting those devices to the internet without thinking about security and privacy” is absolute nonsense.
Yes, it is a problem and yes, time-to-market forces are in opposition to threat penetration activities. The main problem is that it is a very difficult topic. You may think you’re secure one day and find out you’re not the next. That said, I and many other people are trying to highlight the issue to everyone we speak and work with. Everything we now do has security requirements. What really woke everyone up was the approaching intersection of highly autonomous and connected vehicles after some high profile vehicle hacks. Not being secure is not safe.
And a desire to push technology because it’s cool rather than applying it to better solve a customers problem. For example, why does your smart TV need a microphone? The answer would probably be to allow voice commands, but how many customers really prefer to talk to their TV instead of using the remote? Compare the unintended consequences...
In America, Television Watches You.
Microphone can be used for communication apps like Skype, but I agree with your comment.
Smirnoff’s joke is now a prophetic reminder of how totalitarian thinking has infected the millennial generation. One of the dumbest generations in history, they would have benefited from experiencing what Yakov had to go through.
What a country.... my ass.
I’m not a software engineer but I’m pretty familiar automotive electronics, and here’s a question:
I understand the nature of onboard embedded processors and commmunications, which we can describe in layman terms as “black boxes connected by networks”. This level of simplification promotes the notion that “cars can be turned into remote control assassination tools” and so on.
But in technical terms, there are multiple networks and boxes. For example the ECU will communicate with other onboard systems such as the transmission and braking systems via CANBUS, and the data and parameters of these devices can be accessed via the OBD-II connenctor.
We also know there are onboard telematics systems (OnStar being the most well known) that use the cellular network, and lower-level simple networks like LINBUS that are used to save wiring and allow control of things like door locks and windshield wipers.
The kind of threat that is always described in the non-technical media would require the ability to access the safety-critical onboard systems (most of which are on CANBUS) via the telematics network (i.e. from a remote location via the internet). Is this possible? If so, why? It’s more of a stretch to think that death or injury could be caused by turning the wipers on or off, but headlights - that could be a problem. So even LINBUS hacks might be problematic. But clearly the ability to interfere with the ECU or other safety-critical systems (like jamming on the ABS) could have fatal conseequences.
Given this, I would not rely on software or a firewall, I would make it absolutely-damn-impossible for those systems to communicate because there would not BE any connection between them. An evil-doer would have to physically access the CAN network (via a connection to OBD-II) in order to do anything and that is no more or less vulnerable than cutting a brake line with a hacksaw.
It this partitioning isn’t being done, it should be.
It was Bill Clinton who signed the law or regulation that required chips be put in all tvs. And that put eyes and ears into everyone’s private homes.
Yes and no.
Yes, there’s usually a number of network types and there’s usually separation between entertainment systems and safety critical devices. When I say separation I mean some gating point, a firewall of sorts. You can’t completely disconnect them however. If the air bags go off I need to know so I can have the Telematics unit call for emergency services. There’s other units on a CAN bus that provide useful data for the infotainment head unit. Integration is essential for the use-cases.
The real danger is when a series of vulnerabilities are found across the *system*. It’s usually not just one thing but a combination. In the famous Jeep hack, where ultimately the hacker could remotely (via internet) interfere with driving, the “firewall” between the infotainment system and the CAN bus accommodated software updates. They were able to hijack the firewall software, now allowing the infotainment system to be able to write data to the bus. Of course they then had to get new software onto the infotainment system to take advantage of this. So it was a series of things.
The notion that “these systems are just so complex nobody will succeed” has largely past due to some of these hacks. CAN doesn’t have security provisions, nothing is encrypted or authenticated so if you have physical access to a car it doesn’t take much to bolt some device on and wreak havoc. New buses, such as Ethernet AVB, can certainly employ authentication and encryption but sometimes the overhead leads to unacceptable latencies in sending/receiving/processing data. There are new standards, like Data Distribution Service from the Object Modeling Group, which defines a publish/subscribe approach that incorporates authentication of clients/servers and allows encryption where desired. There’s also ISO21434, an automotive security standard - but it’s just getting going. I will admit though, the industry was caught a bit flat footed and underestimated what was possible. I’m doing my part to change this.
Part of the problem is how they auto industry works. A hundred years of squeezing vendors to produce the cheapest parts, with ever increasing capability. Software started to creep into more and more things but they were not connected, now the “experience” is becoming software defined. If you ask ANY car maker, on any given vehicle, how many parts have software? They can’t tell you. Then if you asked if all these parts from all these vendors conform to a *system* level security design...well, you can imagine. Many are still crossing their fingers to some extent.
Thank very much for your insightful reply. I’ve been away from it long enough to not know how the infotainment systems are integrated. But I do understand the issues that arise when use cases demand compromises that technical people aren’t comfortable with. In the olden days a similar conflict often arose between Engineering and Styling...you know who won!
As is usually the case, it sounds like it comes down to risk management. Hopefully the system architecture and firewalls provide at least a solid first line of defense.
As we see through Vault 7, nearly anything is possible, given sufficient resources and motivation.
Clipper chip or am I thinking of something else?
Yes, I believe you’re right. Our very own “bug” inhouse. No need for wiretaps, so last year.
You might choose to opt out these features. Then there could be another problem. Insurance companies will encourage drivers to buy such cars because it could reduce accidents and drive down insurance cost. Insurance companies would not look kindly to those who want to opt out. If they opt out, the companies may well jack up their insurance premium.
Things can change if there are too many accidents caused by cars hacked and controlled remotely. Which way insurance companies will go could decide the direction of this technology.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.