The company has already issued a patch on its website for drivers, and on Thursday it performed an over-the-air update of some vehicles to block unauthorized remote access, Bloomberg Business reports. The vulnerability, revealed in a report by Wired earlier this week, allowed security researchers Charlie Miller and Chris Valasek to take remote control of a Jeep Cherokee`s onboard computer and entertainment system, remotely controlling the throttle of the vehicle while a Wired reporter was driving it at 70mph on a St. Louis-area interstate highway. Miller and Valasek also demonstrated that they could take control of the vehicle`s brakes and (in some cases) even its steering, as well as the vehicle`s windshield wipers, navigation, and entertainment systems.
The vehicles covered by the recall include the 2015 model year Dodge Ram pickup, Dodge`s Challenger and Viper, and the Jeep Cherokee and Grand Cherokee SUVs. While Fiat Chrysler officials said that there was no known real-world use of the vulnerablity (outside Miller`s and Valasek`s proof of concept), they were taking the recall step out of `an abundance of caution.`
There isn`t a read-only CAN bus. There could be, if a hardware CAN firewall were made...
Basically the CAN bus is how all car systems talk to each other. It`s just one bus for the car and it`s kind of neat in its implementation: each message contains its own priority and that`s used for bus conflicts. MessageIDs are either 11 or 29-bit numbers and lower numbers are higher priority. AIRBAG_WLAMP is 0x12 so it`s quite high priority, to light up an airbag malfunction. 0s on the bus take priority and transmitting devices also listen at the same time, and if what they see on the bus isn`t what they are transmitting they stop for the higher priority message to go through.
What makes this function is that per the standards, only one device is allowed to send any given message ID. Your brake system can`t send an AIRBAG_WLAMP, and your entertainment system sure as hell can`t tell the brakes that the radar detects an imminent collision please press the brakes hard as hell. This is normally fine because yeah, the uConnect doesn`t know how to send those messages so no problem, right?
The remotely accessible nature of the system combined with a vulnerability in the system combine to allow the attacker to overwrite the firmware of the entertainment system, teaching it how to send all these nifty CAN bus messages, thus allowing this.
I doubt that the recall will involve this, but having a hardware firewall between the CAN bus and the remotely accessible portions would be a real solution - the hardware would have to have two transceivers, allow all CAN traffic through to the entertainment system, but only allow some specific messages back through (with potential sanity checks on the content of said messages). That way you get the nifty remote-start features without the ability to remotely disable the brakes because the system thinks it`s trying to park for you
Read original article
No comments:
Post a Comment