2014 Chevrolet Equinox Ls on 2040-cars

Auto blog

Can DARPA hack into a Chevy Impala through OnStar?

An ex-video game wizard named Dan Kaufman tracked a circuitous route to becoming the head of the Software Innovation Division at the Defense Advanced Research Projects Agency. DARPA normally makes these pages because of its work with autonomous vehicles and automobile technology that overlaps with military applications, but for the past five years Kaufman and his multiple research teams have been working on creating unhackable software code that could be used in military drones. Part of that work has involved hacking into just about everything else, and as a segment on 60 Minutes reveals, that includes cars. The masterminds discovered a way to hack into OnStar, the General Motors telematics system. After figuring out how to hook into OnStar's emergency communication system, they overwhelmed it with data. While the computer was busy trying to manage the overrun of data, the research team inserted code that took control of the sedan's other computers, giving it control. So while reporter Leslie Stahl tooled around in a parking lot, a DARPA researcher with a laptop would occasionally take control of the car, like by applying its brakes or, conversely, removing the ability for Stahl to use the brakes. Hacking into vehicles has been in the news for years: Car and Driver ran a feature on the various ways cars could be hacked in 2011, two hackers released a car-hacking code at the hacker-fest Defcon in 2013 and demonstrated how it worked on a Toyota Prius and Ford Escape, and German researchers demonstrated how they could hack into BMW's Connected Drive remote-services system last week via an attack on the cars' telematics units. This isn't about GM or Onstar or the future; hacking into cars of all kinds isn't coming, it's here, and it doesn't take the half-billion-dollar annual budget of a small DARPA division to do it. Check out the 60 Minutes video on the CBS site (you can watch the entire video from a mobile device without logging in). The OnStar hacking starts at 6:45, but it's worth watching what leads up to that. News Source: Jalopnik Chevrolet Safety Technology Infotainment Autonomous Vehicles Videos Sedan hacking 60 minutes

Chevy Corvette is latest car breached by hackers

UPDATE: This story has been updated with comment from General Motors. In the latest car-hacking exploit in a summer full of them, researchers from the University of California-San Diego say they've found a way to manipulate braking in a 2013 Chevrolet Corvette. The vulnerabilities may not be limited to that model. Cyber-security researchers breached the car's security systems via a device they had plugged into the Corvette's OBD-II port, and through that connection, they sent messages that could turn windshield wipers on and off and tamper with the brakes as the car drove at low speeds. It's the latest in a series of car hacks that involve access to critical systems obtained via the OBD-II port, where drivers can plug in devices that provide anything from diagnostic information for mechanics to driving information for insurance companies. Last November, cyber-security engineers from Argus Cyber Security remotely controlled vehicle functions in a car that had a OBD-II dongle called a Zubie installed. In January, researchers from Digital Bond Labs found security holes in an information-tracking dongle popular with more than 2 million Progressive Insurance customers. Those came before prominent hacks unveiled in recent weeks, in which researchers remotely commandeered control of a Jeep Cherokee and, separately, showcased problems with GM's OnStar infotainment system. Regarding the dongles that plug into the OBD-II ports, Stefan Savage, a Cal-San Diego professor involved in the research, tells WIRED that, "we acquired some of these things, reverse-engineered them, and along the way, found that they had a whole bunch of security deficiencies." Savage and others unveiled the latest study at the Usenix security conference Tuesday. In a video of their exploit entitled "Fast and Vulnerable," they show how they sent SMS messages from a smartphone to the dongle plugged into the car's OBD-II port. From there, their messages accessed the CAN bus, a network on the car that connects individual electronic control units, which control dozens of vehicle functions. As they send the commands to brake the car, the driver of the Corvette notes "the pedal doesn't react to any pressure." General Motors issued a written response Wednesday, warning drivers to be careful with third-party devices they plug into their OBD-II ports.

GM shows off 'digital vehicle platform' enabling more in-car tech and OTA updates

It appears to have dropped the sobriquet "Global B," but General Motors' new electrical architecture has bowed in drawings and video. This is the "digital vehicle platform" GM president Mark Reuss spoke to Reuters about in 2015, saying it would move a great deal of a vehicle's computer work to the cloud and enable over-the-air updates. Reuss took the microphone for the debut, too, saying, "Our new digital vehicle platform and its eventual successors will underpin all our future innovations across a wide range of technological advancements, including EVs and expanded automated driving." The system will go into production later this year, appearing in dealerships first either on the 2020 Cadillac CT5 or the mid-engined 2020 Chevrolet Corvette. Yes, these are the same electronics cited for delaying the launch of the C8 Corvette over excessive draw, security and getting the more-than-100 computer modules to communicate seamlessly. When Car and Driver asked about that, GM replied with "No comment." Volkswagen's having the same issues with the Mk8 Golf right now, though, so GM isn't alone, and this will be the new normal among OEMs for a while. What's certifiable is that the new architecture is robust enough to handle 4.5 terabytes of data per hour, which is five times what GM's current wiring can handle. And thanks to Ethernet connections of 100 Mbps, 1 Gbs and 10 Gbs, communication within and without the vehicle happens much faster. The advances mean better screen resolutions, better battery management for hybrids and electric vehicles, the capability for over-the-air updates and "functionality upgrades throughout the lifespan of the vehicle." Cadillac's Super Cruise has already been lined up as a leading candidate for constant improvements in the driving assistance suite, a key part of GM's "vision for a world with zero crashes, zero emissions and zero congestion." And whenever GM decides to take the plunge, it will mean a 48-volt electrical system. More than 300 specialists worked on the digital platform, and security was a huge part of the task. We've already heard that GM consulted with Boeing and military contractors on how to prevent hacking. The carmaker has an internal Product Cybersecurity group that reached out to the research community, and created a "bug bounty" program to crowdsource uncovering any flaws.