In Brief

Car hackers: vehicle security flaws are 'likely to kill someone'

Hackers discover software flaws that could let people take control of vehicles via the web

Computer hacker

Car hackers in the US have demonstrated their ability to take control of a vehicle, including its brakes, steering, engine, radio and air conditioning and said that they will publish a how-to guide on the internet next month.

The hackers, Charlie Miller and Chris Valasek, proved that they could take control of core functions of a Jeep Cherokee to Wired journalist Andy Greenberg.

In the test, the hackers disabled the journalist's accelerator as he drove along a highway, nearly causing an accident with an articulated lorry.

The hackers also demonstrated their ability to remotely control the car's entertainment system, blaring hip hop at full volume, and its climate control system, by blasting cold air into the cabin. They also cut the Jeep's brakes, causing the journalist to careen into a ditch.

Miller and Valasek's hacks on the Jeep were designed to show the flaws in Chrysler's Uconnect internet-connected computer feature, which is installed in hundreds of thousands of Fiat Chrysler cars, trucks and SUVs around the world.

"From an attacker's perspective, it's a super nice vulnerability," Miller says.

Miller and Valasek have been working with Chrysler for months to help the company improve its systems, but have now gone public with the hack and say that they will release part of the code at the Black Hat security conference in Las Vegas next month.

In a statement, Chrysler criticised the decision, saying: "We appreciate the contributions of cyber security advocates to augment the industry's understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they [do] not, in fact, compromise public safety."

The hackers responded that their information release is warranted because it allows their techniques to be tested through peer review.

The publication also "sends a message", Wired says. "Automakers need to be held accountable for their vehicles' digital security."

Miller points out: "If consumers don't realise this is an issue, they should, and they should start complaining to carmakers. This might be the kind of software bug most likely to kill someone."

According to Wired, legislation designed to protect drivers and their passengers from hackers may well follow. US senators Ed Markey and Richard Blumenthal intend to introduce a security bill to set new digital security standards for both cars and trucks.

Recommended

The arguments for and against universal chargers
Phone charger cables
Pros and cons

The arguments for and against universal chargers

Clinical injustice, wireless power and pandas
A nurse with a vaccine
Podcast

Clinical injustice, wireless power and pandas

Facebook: is it ‘monetising misery’?
Facebook co-founder and CEO Mark Zuckerberg
Why we’re talking about . . .

Facebook: is it ‘monetising misery’?

Peloton checks in to hotels and health clubs for future growth 
Peloton exercise bikes
In Focus

Peloton checks in to hotels and health clubs for future growth 

Popular articles

Doctor says we should not sleep naked because of flatulent spraying
The feet of a person sleeping in a bed
Tall Tales

Doctor says we should not sleep naked because of flatulent spraying

Penguins ‘might be aliens’
Penguins
Tall Tales

Penguins ‘might be aliens’

The man tasked with putting a price on 9/11’s lost lives
Kenneth Feinberg at a Congressional hearing
Profile

The man tasked with putting a price on 9/11’s lost lives

The Week Footer Banner