{"id":365,"date":"2016-08-15T11:11:46","date_gmt":"2016-08-15T11:11:46","guid":{"rendered":"https:\/\/eset-blog.aist.fun\/car-hacking-defcon-style\/"},"modified":"2019-05-29T12:35:09","modified_gmt":"2019-05-29T12:35:09","slug":"car-hacking-defcon-style","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/","title":{"rendered":"Car hacking: Defcon style"},"content":{"rendered":"<p class=\"wls-paragraph\">This year at Defcon, the car hacking village is bigger than ever, with more cars, car hacking adapters and giant snarls of tiny exposed wires tied to demo stations with car parts screwed to plywood stands than ever before. It\u2019s car hacking 101 here, and class is in full force.<\/p>\n<p class=\"wls-paragraph\">The first thing you notice is the tools are getting better. They\u2019re simpler, easier to buy, and they even have a car hacking badge you can buy that is sort of shaped like a car and has an <a href=\"https:\/\/en.wikipedia.org\/wiki\/On-board_diagnostics\" target=\"_blank\" rel=\"noopener noreferrer\">ODB-II<\/a> interface on one end (those sold our pretty fast) in case you want to dig in.<\/p>\n<p class=\"wls-paragraph\">And lots of folks do \u2013 this place is packed. Last year there was a smattering of workstations and a somewhat smaller snarl of wires \u2013&nbsp;not so this year.<\/p>\n<p class=\"wls-paragraph\">This year the automotive sophistication is increasing, but only a little. Basically most critical messages that your car digests to run its critical systems are in a plain, unencrypted form that are digested by default and then run the part of your car they\u2019re responsible for. Except for a couple of mobile systems like the odometer, much of the rest of the car has the \u201cimplicit availability\u201d model baked in, meaning the modules will almost always listen and act, but do very little to determine if the message is legitimate.<\/p>\n<p class=\"wls-paragraph\">But the car folks have at least started to notice the legitimacy issue in a sort of formal way, drafting up some secure car specs they hope will eventually find their way into real cars. For now it\u2019s just a design goal. If you bought a car today, it doesn\u2019t have this. If you already have a car, it <em>really<\/em> doesn\u2019t have this, or anything close.<\/p>\n<p><span class=\"block_quote_right\">\u201cTHE PROBLEM IS THAT SECURITY COSTS MONEY AND THE CAR FOLKS ARE HYPER SENSITIVE TO INCREASING PRODUCTION COSTS.\u201d<\/span><\/p>\n<p class=\"wls-paragraph\">The problem is that security costs money&nbsp;and the car folks are hyper sensitive to increasing production costs. On your home router you feel like if it costs less than $50, you don\u2019t care. Car manufacturers would care about $50 per car. A lot. Multiply every dollar spent by a million units and you start to understand.<\/p>\n<p class=\"wls-paragraph\">The good news is that authentication <em>can<\/em> be handled in software, it\u2019s just that as of yet, it hasn\u2019t been in large-scale production. So this means the costs can (eventually) be low, once the non-recoverable expense of designing and implementing the system has been recovered. Even then, seemingly simple changes or additions to a car are ridiculously expensive to implement. This is because cars, in general, have different design goals than more traditional electronic doodads.<\/p>\n<p class=\"wls-paragraph\">Consider how upset you\u2019d be if your $50 router failed. Hint: Not very. How about if you\u2019re $50,000 full-size SUV failed while carrying your kids to school. Very unhappy. Like lawsuit unhappy. So while car companies have taken heat for not being earlier to the game, there is an implicit expectation for the devices they produce to basically last forever, whereas you\u2019d be happy if your router lasted more than a couple of years.<\/p>\n<p class=\"wls-paragraph\">Still, if you were a cybersecurity expert who knows a lot about the nuts and bolts of cars, you\u2019d basically have guaranteed employment unless you did something grossly inappropriate \u2013 and maybe even then. Automotive security isn\u2019t going away. Neither are the prognostications of automotive gloom and doom. But the industry is making progress. We hope next year at Defcon there will be even more folks trying to figure out how to secure the platform and share constructively with the auto industry so we\u2019ll all be safe.<\/p>\n<p>Source: <a href=\"http:\/\/www.welivesecurity.com\">WeLiveSecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This year at Defcon, the car hacking village is bigger than ever, with more cars, car hacking adapters and giant snarls of tiny exposed wires tied to demo stations with car parts screwed to plywood stands than ever before. It\u2019s car hacking 101 here, and class is in full force. The first thing you notice<\/p>\n","protected":false},"author":5,"featured_media":1705,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[163],"tags":[],"class_list":["post-365","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-opinion"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Car hacking: Defcon style - ESET Eesti Blogi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Car hacking: Defcon style\" \/>\n<meta property=\"og:description\" content=\"This year at Defcon, the car hacking village is bigger than ever, with more cars, car hacking adapters and giant snarls of tiny exposed wires tied to demo stations with car parts screwed to plywood stands than ever before. It\u2019s car hacking 101 here, and class is in full force. The first thing you notice\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/\" \/>\n<meta property=\"og:site_name\" content=\"ESET Eesti Blogi\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/antiviirus\" \/>\n<meta property=\"article:published_time\" content=\"2016-08-15T11:11:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-05-29T12:35:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"623\" \/>\n\t<meta property=\"og:image:height\" content=\"410\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"ESET Blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ESET Blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/\"},\"author\":{\"name\":\"ESET Blog\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"headline\":\"Car hacking: Defcon style\",\"datePublished\":\"2016-08-15T11:11:46+00:00\",\"dateModified\":\"2019-05-29T12:35:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/\"},\"wordCount\":617,\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/Chesky-623x410.jpg\",\"articleSection\":[\"opinion\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2016\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/\",\"name\":\"Car hacking: Defcon style - ESET Eesti Blogi\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/Chesky-623x410.jpg\",\"datePublished\":\"2016-08-15T11:11:46+00:00\",\"dateModified\":\"2019-05-29T12:35:09+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/Chesky-623x410.jpg\",\"contentUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/Chesky-623x410.jpg\",\"width\":623,\"height\":410},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Car hacking: Defcon style\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\",\"name\":\"ESET Eesti Blogi\",\"description\":\"Uudised IT maailmast\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\",\"name\":\"ESET Blog\",\"sameAs\":[\"http:\\\/\\\/eset.ee\"],\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/author\\\/allankinsigo\\\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2016\\\/08\\\/15\\\/car-hacking-defcon-style\\\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"ESET EESTI\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Car hacking: Defcon style - ESET Eesti Blogi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/","og_locale":"en_US","og_type":"article","og_title":"Car hacking: Defcon style","og_description":"This year at Defcon, the car hacking village is bigger than ever, with more cars, car hacking adapters and giant snarls of tiny exposed wires tied to demo stations with car parts screwed to plywood stands than ever before. It\u2019s car hacking 101 here, and class is in full force. The first thing you notice","og_url":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/","og_site_name":"ESET Eesti Blogi","article_publisher":"http:\/\/www.facebook.com\/antiviirus","article_published_time":"2016-08-15T11:11:46+00:00","article_modified_time":"2019-05-29T12:35:09+00:00","og_image":[{"width":623,"height":410,"url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg","type":"image\/jpeg"}],"author":"ESET Blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ESET Blog","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#article","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/"},"author":{"name":"ESET Blog","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"headline":"Car hacking: Defcon style","datePublished":"2016-08-15T11:11:46+00:00","dateModified":"2019-05-29T12:35:09+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/"},"wordCount":617,"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg","articleSection":["opinion"],"inLanguage":"en-US","copyrightYear":"2016","copyrightHolder":{"@id":"https:\/\/blog.eset.ee\/et\/#organization"}},{"@type":"WebPage","@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/","url":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/","name":"Car hacking: Defcon style - ESET Eesti Blogi","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#primaryimage"},"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg","datePublished":"2016-08-15T11:11:46+00:00","dateModified":"2019-05-29T12:35:09+00:00","author":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"breadcrumb":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#primaryimage","url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg","contentUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/Chesky-623x410.jpg","width":623,"height":410},{"@type":"BreadcrumbList","@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.eset.ee\/et\/en\/"},{"@type":"ListItem","position":2,"name":"Car hacking: Defcon style"}]},{"@type":"WebSite","@id":"https:\/\/blog.eset.ee\/et\/en\/#website","url":"https:\/\/blog.eset.ee\/et\/en\/","name":"ESET Eesti Blogi","description":"Uudised IT maailmast","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.eset.ee\/et\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88","name":"ESET Blog","sameAs":["http:\/\/eset.ee"],"url":"https:\/\/blog.eset.ee\/et\/en\/author\/allankinsigo\/"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2016\/08\/15\/car-hacking-defcon-style\/#local-main-organization-logo","url":"","contentUrl":"","caption":"ESET EESTI"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=365"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/365\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/1705"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=365"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=365"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}