the entertainment system should have zero access to anything that controls the movement of the car. androidauto apps can’t implement self driving functions either. if it’s possible, the car manufacturer was incredibly irresponsible and needs to be sued into oblivion. see, the actual problem is not that irresponsible users could implement “self driving apps”, but that the entertainment system lacks any real security, is filled with vulnerabilities, and often even have remote access capabilities with bluetooth/wifi/cellular, and bad actors could load malware wirelessly that would kill the passengers and whoever else on the road.
Not only is is possible, there are many CAN bus attacks from the entertainment system I’ve seen over the years. That, along with your noted remote attacks makes modern cars a nightmare. It doesn’t help that manufacturers cheap out on basic protections to save a few bucks (see the Hyundai boys and the lack of an installed engine interlock).
One would hope. But given we’ve seen CAN bus attacks over basic radios, I wish I could say I was confident they’ve taken those basic precautions. Car hacking is one of those topics that can keep you up at night when you think about how lax some manufacturers are to save a buck.
Lacking government regulation in the largest markets, proper separation will never be enforced, because it isn’t to the manufacturers’ benefits. And that probably isn’t going to happen until hacked infotainment systems kill enough people to draw attention, unfortunately.
the entertainment system should have zero access to anything that controls the movement of the car. androidauto apps can’t implement self driving functions either. if it’s possible, the car manufacturer was incredibly irresponsible and needs to be sued into oblivion. see, the actual problem is not that irresponsible users could implement “self driving apps”, but that the entertainment system lacks any real security, is filled with vulnerabilities, and often even have remote access capabilities with bluetooth/wifi/cellular, and bad actors could load malware wirelessly that would kill the passengers and whoever else on the road.
Not only is is possible, there are many CAN bus attacks from the entertainment system I’ve seen over the years. That, along with your noted remote attacks makes modern cars a nightmare. It doesn’t help that manufacturers cheap out on basic protections to save a few bucks (see the Hyundai boys and the lack of an installed engine interlock).
yeah, unfortunately. but do androidauto apps have access to the CAN bus? I would at least hope that this platform would not grant access to it
One would hope. But given we’ve seen CAN bus attacks over basic radios, I wish I could say I was confident they’ve taken those basic precautions. Car hacking is one of those topics that can keep you up at night when you think about how lax some manufacturers are to save a buck.
Lacking government regulation in the largest markets, proper separation will never be enforced, because it isn’t to the manufacturers’ benefits. And that probably isn’t going to happen until hacked infotainment systems kill enough people to draw attention, unfortunately.