Insecurities in vehicles reduce safety
“Hacking — Not Hijacking — Automobiles” addressed computer insecurities in cars as part of the university’s Tech Talk Series and National Engineer’s Week.
Wenyuan Xu, a USC professor of computer science and engineering, explained how results from her recent experiment showed privacy and security concerns in car immobilizers, tire-pressure monitoring systems (TPMS) and Passive Keyless Entry.
Immobilizers prevent a car from running unless the correct key is present. Xu explained that only if the string in the immobilizer matches the key is the car is able to start.
Xu said these can be useful through programs like OnStar that assist drivers locked out of their cars or in accidents. But her study showed that through programs like Bypass, immobilizers can be reprogrammed and ultimately voided.
“With any system, you can always find a way to bypass it,” Xu said.
Car dealerships have the ability to send signals to a car to stop the car’s function through an immobilizer, Xu said. In doing this, dealerships are able to stop the car from functioning if, for example, the finance on the car has not been paid.
As of 2008, all cars contain tire-pressure monitoring systems mandated by the National Highway Transportation Safety Administration.
The intent of TPMS is to improve safety and fuel efficiency by showing a light signal indicating low tire pressure. But Xu said these systems can easily be hacked.
Using handheld devices, Xu’s study found TPMS can be intercepted. The study’s computers picked up the car’s exact location and sent a false message indicating low tire pressure.
Xu said these false messages ultimately indicate a tire pressure problem that isn’t actually there.
“You shouldn’t always believe all the marketing material,” Xu said.
These interceptions can also be dangerous if a driver is tricked into stopping to check their tire pressure, becoming victim to highway robbers, Xu said.
Increasingly, modern cars also have programs, such as Passive Keyless Entry, that do not require a key to get into the car. This program is attained through keys that contain chips that unlock a car according to close proximity.
Xu said these cars are more susceptible to hackers, who are able to gain access by tapping into the key’s signals.
“Hackers can simply walk by the victim, and then drive away,” said Xu.
Until there is better security, Xu said aluminum foil can be wrapped around your keys and credit cards to prevent hackers from intercepting their signals.
In order for a society that depends on car transportation daily to be better protected, Xu asserted that car manufacturers must think of security as a primary interest above cost.
“Hopefully this thing can be solved before someone dies from it,” Xu said.