Optional_Reading

Putin’s chauffeur died this way

fluhthreeex

Which tool here is the one you're referring to?

gavin10

With the Trump appointment of Gina Haspel (after Mike Pompeo did the initial cleaning work) isn't the CIA controlled by white hats now? Really confused about the CIA!

B3bomber

Its sole purpose for existence when created was to lie to US citizens. Name any time that mission changed aside from including new things it does to US citizens (protection is not on that list and never was).

TwitterBannedIt

OLD CARS FTW.

divine_human

thats the reason why i prefer an old car. no hacking possible.

Narow_Foe_Minsk

Remember that "cash for clunkers" thing that was supposedly to "prevent global warming", but was really just to increase profits for car manufacturers by forcing people to buy new cars as all the old ones were scrapped? Guess there was a second motive behind that, old cars don't have computers they can remote control. Wi-Fi/Onstar/Bluetooth gives them the connection and method of attack, cruise control and automatic transmission gives them throttle control, ABS gives them brake control, and power steering gives them steering control.

To avoid this make sure your car has or doesn't have the following:

  • NO ONSTAR/WI-FI/BLUETOOTH/CONNECTIVITY OF ANY KIND - No explanation needed.

  • Manual transmission - Manual transmissions require the physical manipulation of the clutch to function. This limits them to whatever gear the car is in when they hack it, and the moment you realize what is happening you can quickly open the cluth to cut off all power to the wheels. You can also downshift to slow the vehicle down faster if you were at speed when they attempted to murder you.

  • Diesel engines - Diesels are compression-ignited, not spark, so they don't need spark plugs which in all modern vehicles are timed by the vehicle computer instead of mechanically. By the same token, having a car with a mechanically-timed carburetor instead of computer-controlled fuel injectors gives them even less angles of attack.

  • No ABS - ABS's legitimate purpose is to prevent your wheels from locking up when you slam on the brakes. When the computer senses the wheels are locking up due to the driver pushing too hard on the brakes, the computer overrides the driver's brake pedal, decreases the braking force until the wheel stops locking up, then maintains that lessened braking force to safely slow the vehicle down. The ABS stays activated until the driver releases the brakes. When hacked, they could easily continuously feed the computer some bogus signals from the "sensor" saying the wheels are locked up to activate the brake override. This results in your brakes effectively being deactivated.

NakedWarrior

If you've ever driven a car with no power steering or power brakes, and I have, it's not much fun to drive. I'll take my chances I guess. Also, considering how horrible most young drivers are today, they wouldn't even be able to navigate a car without power steering/brakes.

B3bomber

Modern cars do not have true manual transmissions anymore. Just a note.

FireMarshallBill

Not so much power steering as 'fly by wire'. You just want to make sure your steering is actually using a physical steering column instead of a computer signal that the vehicle sends to the steering components.

Narow_Foe_Minsk

Good point. I'd hate to drive without power steering. Drove an old truck that didn't have it once, my arms were sore after cranking that thing all day long. But even with a physical steering column, they can still hack the hydraulics cause the power steering likely still routes through the computer, then you'll be fighting against them to control the vehicle. Still, better than having no control at all.

FireMarshallBill

The point of having a column is that the driver has the control, there are no active pumps or motors actually moving the steering rack. The only pump is to provide the pressurized steering fluid to the rack to make it easier to stear, with nothing to high-jack. The ecu may see the power steering pressure sensor reading, but that would only serve to provide a warning light in the event the pressure is too high/low. It's a non-reactive system.

turitelle

Can you buy a car without all the bluetooth/wifi crap nowadays? I seriously don't know because I'm still driving a car with wind-up windows and no fob... and I like it so I'm not likely to change in the near future.

TwitterBannedIt

I just bought a 98 Caddy for $1,000 and its in decent condition.

Comfy too.

Everyone thinks I'm super old now, but I still drive it like a maniac.

V8.

turitelle

One of the 8,761 internal CIA documents leaked by WikiLeaks on Tuesday reveals that the agency’s Center for Cyber Intelligence has been exploring methods to hack into vehicle systems since at least 2014. As WikiLeaks noted in its release accompanying the documents, “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”

While the anti-secrecy organization makes no specific charges in this regard, this information raises new troubling questions about the car crash that killed journalist Michael Hastings in June of 2013 .

Hastings, who was 33 when he died, was the Rolling Stone reporter who wrote an article in 2010 that led to the removal of General Stanley McChrystal from his post as ranking US commanding officer in Afghanistan. Hastings perished at around 4:30 a.m. after losing control of his car and crashing into a tree while traveling at about 100 mph.

At the time of his death, Hastings was investigating another major figure within the Obama administration’s military and intelligence apparatus, then-CIA Director John Brennan. At the time, police declared that there was no “foul play” involved in the accident. Before the accident, however, Hastings had informed his colleagues that he was under government surveillance. He also suspected that his own vehicle had been tampered with, having asked a neighbor to lend him a car.

What the WikiLeaks documents show is that Hastings’ suspicions about his vehicle could very well have been justified. Meeting notes dated October 2014 show that the CIA has a division known as the Embedded Development Branch which lists “potential mission areas,” such as software and networking devices, as targets for hacking. One of the targets listed is “vehicle systems (e.g., VSEP),” likely referring to the embedded computer systems that play a major role in the operation of modern cars (though the acronym is not spelled out).

Embedded systems are computers designed and built to solve only a few specific problems. They are not designed to take human input, but rather are a combination of hardware and software that is designed to do a specific task as a permanent part of a larger system, such as traffic lights, airplane controls or assembly lines in a factory. While in general the software of embedded systems is hard to change by design, the CIA memo indicates that gaining the ability to control many types of these computers is one of the goals of the agency.

One piece of software in embedded systems specifically mentioned by the CIA memo is the operating system QNX, which the memo states is a “big player in VSEP.” Indeed, according to QNX Software Systems Limited, the software has been deployed in more than 50 million vehicles across at least 14 different brands, more than 50 percent of the market share of modern cars.

more at link: https://www.wsws.org/en/articles/2017/03/09/hastings-m09.html

RampancyLambentRaven

CIA coward murderers and terrorists. CIA are America's enemy terrorist combatants.

NoRoyalty

The CIA monsters should be drawn and quartered for their crimes.

TheFaggotMuhammad

Disconnect your OnStar unit!

ioillusion

You used to be able to get some access through tire pressure sensors as well, not sure if that's still the case. Anything that can send CAN Bus messages can potentially take over a modern car.

fluhthreeex

https://www.youtube.com/watch?v=oqFpg7jS3ro ...yeah, that looks like fun.

Have you seen anyone demoing a hijack of the CAN Bus?

ioillusion

I'm not sure about obtaining access remotely, but with access to the inside of the car, you can easily control the things on the bus with one of these: https://www.microchip.com/wwwproducts/en/en010406

fluhthreeex

Sweet. Thanks for the link.

I found a few talks after I posted that talk about Open Source hardware and software tools, and go over some basic things that can be done. A junkyard might be an interesting place to pick up some hardware... not sure why they're risking their own vehicles.

...assuming you don't have time to watch these (i listened/watched them on 2x)

https://www.youtube.com/watch?v=WjncMlpX85I - the interesting parts would probably be the beginning and the end: early he covers previous high profile work on hacking cars but they might be things you're aware of. The middle gives some technical details on an introduction to how to go about working on these systems and pulling off the basic attacks he demo's at the end. Towards the end he gives a demonstration of an attack on the speedometer at 36:00 (vehicle at rest), right after an attack on the odometer (modifying it while at rest), and provides a good summary of how bad car sec sucks at the end.

https://www.youtube.com/watch?v=U1yecKUmnFo - good for the list of a lot of free utilities that allow you to work on the hardware at the beginning. The info in the middle and towards the end is also fairly interesting if you want to get an idea of how "secure" (or insecure) these systems are. Pretty decent slides. Really basic attacks but talks about some important info on the device security, how to crack the key, etc. At the end there's a Q&A that was good with some useful warnings, particularly how you could potentially really fuck a car if you were to fuzz it and override essential variables.

For now though I just need to verify that I've hardware disabled XM, BT, OnStar, my speakers, and any other TXRX that might be there.

Know any sites with free schematic/mechanic manual pdf dumps? Everywhere I've found wants to charge.

nooo

In some vehicles the OnStar unit also provides the bluetooth connection for the car's media center, and in some trucks I think it is connected to the airbags too. Here are directions for removing the cellular board from a GM Silverado's OnStar unit . I bet the procedure is similar for other vehicles.

andrew_jackson

And people thought that I was nuts for not wanting to have a computer in my car.

Thetiedyeguy

Lots of leople think im nuts for saying various phone apps track location, turn on the microphone and camera, record at any time with no notification, acess all data and sell the lot to whoever they want, even though its all in the terms and conditions they mindlessly click yes to. They're called NPCs.

SearchVoatBot

This comment was linked from this v/ShitPostLitterBox submission by @andrew_jackson .

Posted automatically (#9068) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here .