Hello, Veeky Forums

Hello, Veeky Forums.

Miata and RX7 fag here.

In light of Wikileak's Vault 7 release that reveals that the CIA can and does hack modern drive by wire cars, I need to dump my daily driver sedan and replace it with an older model that cannot be taken over remotely.

Basically, it must have a physical linkage throttle control, the brake pedal must directly actuate the brake master, and the steering must not be computer controlled. I know most early 2000s and pretty much all '90s cars will feature all of these.

What should I look into?

Other urls found in this thread:

en.wikipedia.org/wiki/CAN_bus
youtube.com/watch?v=oqe6S6m73Zw
youtube.com/watch?v=54jQ7ut3FBA
en.wikipedia.org/wiki/Vehicle_bus#Protocols
en.wikipedia.org/wiki/MOST_Bus
youtu.be/OobLb1McxnI
twitter.com/NSFWRedditGif

Civic for 3K

dang gotta like tin foil retards like yourself

buy a Cavalier

>Brake by wire
That scares me.

>Strong suspicions have been around for years
>Suspicions confirmed and proven in today's Wikileaks release
"Hurr, durr, tinfoil retard"

you are a tinfoil retard

no doubt about it

I'm not sure I understand the throttle by wire issue... are you not able to shift into neutral if something goes wrong?

have car that can be hacked because drive by throttle and steering

lmao when its hacked and i just drop it to neutral because physical manual transmission

The CIA only fucks with people that try to fuck with their drug operations. Just mind you own business citizen and no harm will come to you.

It's not that you're a tinfoil idiot for thinking that the MIB can do these things - you're a tinfoil hat wearer because you think they'd target you. You're not important, and your google searches are what every 16 year old like you does.
Source: I work for the CIA

>tinfag

Car:
>throttle cable
>brake works without car running
>power steering deactivated
>no ESP
>I´ll deactivate ABS ASAP
Bike:
>carburated
>primitive ignition
>mechanical drum brakes
>no ABS

I think I´m save.

...

>xd if u have nothing to hide u have nothing to fear!!1
this is a /b/-tier argument and you know it

kys

alpha biker

>Basically, it must have a physical linkage throttle control, the brake pedal must directly actuate the brake master, and the steering must not be computer controlled. I know most early 2000s and pretty much all '90s cars will feature all of these.

Wait, I thought all braking systems by law couldn't be fly-by-wire (electronic). Isn't everything just a direct hydraulic linkage between brake pedal and master cylinder? And then an ABS modulator sits between the calipers and the MC.

>deactivates ABS
>dies hitting big deer in the rain

Least you won't get JFK'd

We don´t realy have deers where I live and driving without ABS isn´t even hard, you just have to pulse your braking when you loose traction.

I think you're right but there's electronic brake force distribution and all the syncing with the stability control systems.

From the other thread:
>Anything with a manual transmission mated to a carbureted 12v Cummins with a mechanical fuel pump and fixed fan. As long as you park at the top of a steep enough hill, you don't even need a starter, alternator, or battery.
With all this interest, maybe I should go into business making unhackable cars with pneumatic starters.

How are they getting in to the ECU to do all this? I can see it being possible if there was some kind of GPS involved.

>Source: I work for the CIA

ae86

A. There's many modules on modern cars, not one ECU
B. The modules that control safety things like steering, brakes, and airbags do not receive inputs from the modules connected to wifi/4g/etc.

I said this in the other thread and I'm sure there will be many more: you can't "hack" a car just because it has by wire steering assist/brakes/etc. just like someone who hacks your computer can't turn your faucet on because it's not connected. What someone can do is just cut your brake lines which takes a second.

>B. The modules that control safety things like steering, brakes, and airbags do not receive inputs from the modules connected to wifi/4g/etc.
Is that the case on modern multiplexed cars?

Probably through the diagnostic port or with wifi/bluetooth/usb/whatever in cars with infotainment systems. Don't ask me why the CD player has to talk to the transmission controller, but they do.

> engine overrevs and destroys itself

good going dumbass

>carbureted 12v Cummins
>carbureted diesel
10/10

Better a dead engine than a dead me.

Yes

>through the diagnostic part
Warning, your car can get hacked, all they have to do is break into it and plug something into the can breakout!
>Don't ask me why the CD player has to talk to the transmission controller, but they do.
On what car?

Not in my car.
DIN-Slot masterrace!

Most newer cars have the Infotainment system integrated in the CAN-bus architecture.
Sometimes they can sho fuel consumption or whatever.

> I went through the guard rail into a ravine but at least my revs didn't go over the redline

>Someone breaks into your car, installs a $5 wireless diagnostic device into the diagnostic port, and uses it to lock you out of the steering in the freeway, causing you to crash and die in what looks like a freak accident
>But they would never do this because it's immoral to break into someone's car

>going into neutral
>engine over revs

more like
>go into neutral
>car goes bang bang bang off the limiter like max respec without damaging anything because REV LIMITER

>not dropping it into second and using the friction of exploding bearings to slow you down

They will be on separate CAN lines. The infotainment/body control may receive info from drivetrain controllers but they aren't sending any commands in the other direction. Let's say something like the steering module was not on a private CAN, and accepted messages from the infotainment module, even in this case you couldn't do something like steer the car even if you had remote access to the infotainment module because there are no commands to send, the steering module won't understand for lack of a better word. You would have to write completely new firmware onto both modules, somehow load it on without it being detected and have the vehicle work normally until you were ready to do your CIA assassination. The CIA would have to understand how the car was programmed close to as well the people who designed it, which I just don't believe they have the capability of

Protip: no one cares about your shitbox on the internet either

They could break in the car and removed the steering wheel nut, or the brake pedal pushrod, or really do any number of things that are possible and easy on any car made in the last 200 years. And no, you could not just lock out steering through the OBD2 port. Not only do you not understand how a car works, you are missing the point, this nonsense thread is concerning remote hacking. If someone just wanted to sabotage a car they can already do that easily, they don't because chances are they will get caught.

...

CAN is a BUS system, everything conected to it can communicate with anything else.
en.wikipedia.org/wiki/CAN_bus

I like talking on the bus too

Do you really think you are going to tell me something I don't know and link the wikipedia article on it? Modern cars have many CAN circuits, not just one. If they only had one then any module having a problem would bring the whole thing down, plus there would be way too many messages going through. Safety things like airbags are on their own CAN. And no, not anything can communicate even on their own circuit, because a module has to be programmed to send a specific messages, and another has to be programmed to receive a specific message, and obviously there are security measures in any modern car to prevent CAN signals being injected. Think of CAN like a language, a module can't talk to another module unless they speak the same language.

>obviously there are security measures in any modern car to prevent CAN signals being injected

FCA products excepted of course

ESP systems and some ABS units can self-pressurize without any pedal input.

Electronic parking brakes could be used to force a stop as well.

Yeah, because if they disconnected your brake pedal you wouldn't notice that your brakes don't work until you're going 70 miles per hour on the freeway.

Except the whole point of computer hacking is finding unanticipated ways to gain elevated execution privileges. Even if two systems have no way to control each other, the fact that they communicate opens the door for things like buffer overflow attacks. I don't know how they supposedly hacked these cars so I can't walk you through it, but networked computer systems are never *entirely* safe. And once you come up with a functioning crack, there's hundreds of thousands of vehicles that will always be vulnerable to it because cars rarely get any sort of software update.

That whole story was extremely dubious, with the way they explained it it made no sense, how are they going to find the supposed IP, from the VIN?

>Even if two systems have no way to control each other, the fact that they communicate opens the door for things like buffer overflow attacks.
Overflowing what? There's already a system of priority build into CAN messages, and even if a CAN is overloaded (which happens from bad modules time to time) there are failsafes built in, otherwise if a rat chewed threw a CAN wire the car would crash, but of course that isn't how cars are designed. Also, just because one CAN can communicate with another doesn't even necessarily mean it's also through CAN, often it will be through LIN or 5v signal which can't send the kind of information to do anything (example, airbag module sends 5v signal to infotainment if it has a problem to turn the airbag light on the instrument cluster, no 1s and 0s, it's functioning as a switch). I can tell you have 0 idea how CAN works on a car, why are you trying to tell me anything about it?

They are already developing an electronic clutch that will replace the hydraulic ones.

youtube.com/watch?v=oqe6S6m73Zw

This plus car connection to internet = Poo poo

>They are already developing an electronic clutch that will replace the hydraulic ones.
Whoever is developing it is in for a harsh surprise, seeing as they've been around since 1997

So you're saying that no module ever stores data it received from another module? That seems highly unlikely to me.

What? Where did you get that from? Why don't you go read about how it works instead of making uninformed, useless posts over and over.

>loose
Considering you can't spell "lose" correctly I'm pretty certain you're fucked.

But is it a prototype or can it be installed in cars right away?

The Ferrari F1? It's been installed in thousands of cars, so has the Lamborghini E Gear and BMW's SMG, all of which have an electronically controlled conventional clutch

My point is that if you're storing transmitted data, you're exposing yourself to attacks that manipulate that data in ways that have unforeseeable consequences. A rowhammer attack, for example, repeatedly writes data to an accessible memory row in order to flip bits in an adjacent inaccessible row. Flip the right bits and you can grant execution privileges to data stored in the buffer.

I get that there's layers of isolation and security designed to prevent stuff like this from happening, but once again, nothing is ever completely safe. It's just a matter of being creative and approaching problems from unintuitive angles.

And, you know, spending every waking hour beating your head against a wall until you (hopefully) eventually find a hole.

From what I understand onstar systems can be used to remotely track and disable any vehicle equipped with it. It may not be a solid yank on the wheel into the ditch, but loosing power brakes and power steering at 80mph on a hill would still be a shock.

>loosing
kill yourself you inbred fuck

I already touched on that earlier.
It is possible to manipulate CAN. But in order to do so you would need to-
Figure out how all the modules work in a certain model of car (not impossible, but would be a shitton of work). Gain remote access to the car
How would you even find out this info? You have someone's name, let's assume you somehow obtain the VIN of their car (which you would either need to do physically or get into a franchised dealerships records). Then you would need to access the manufacturers data for the wireless info. You would need to break through all of their security to gain access to the car. Then you would have to write firmware to flash to every module, load it without being detected, now what? The vehicle isn't sending out live date of every CAN signal, unless you had the car in sight you couldn't orchestrate an "attack." This is why I think the Chrysler "hack" story was bullshit. They may have had a security problem but even if they completely fucked up 2 or 3 obvious things every other manufacturer does someone would still need to have physical contact with the car at some point. If someone could even get into a modern cars wireless and inject signals into it then hacking a cell phone would be trivially easy.

I'd really only consider cars made in the past few years susceptible to remote hacking with the introduction of the all in one systems that control everything from steering feel and throttle response, to dampers and brakes.

I wonder how vulnerable something like a tesla is since basically everything interfaces through that big ass touch screen in the center console.

>nothing to hide, nothing to fear, fellow cucks

>systems that control everything from steering feel and throttle response, to dampers and brakes.
Doesn't exist

>everything interfaces through that big ass touch screen in the center console.
No, it doesn't

Are you living in the 90's?

You are apparently if you think any type of "all in one system" controls any car.
>but there's a big screen in the middle, that must mean it's the cars brain
There is 0 difference between the implementation of Teslas screen vs 50 switches going to a body control module in any other luxury car. The car isn't controlled by the screen in any way.

You don't need to hack shit when the manufacturers put fucking backdoors in the systems for the intel agencies in the first fucking place...

The difference is, the control module and info systems including Bluetooth are connected together through the main screen interface which is a vulnerability. I don't doubt tesla did in house pentesting but that doesn't mean it's not vulnerable. No system is completely secure.

Of anyone cared enough about hacking into cars it would be more common, but there's more money and fame elsewhere so nobody gives a shit right now.

Miata
Is
Always
The
Answer

SPEED CAR
SPEED CAR
A
E
EIGHTY-SIX

No chance this is happening. Every model from every manufacturer is made by many different teams of engineers. Nobody is going to sneak in and add some secret code because
A. very few people know how the entire car operates, only small parts (engineering side)
B. you couldn't hide it from the engineers that do
C. there are thousands of models of cars so thousands of people would know about this secret conspiracy
D. a mechanic would either find it when it failed or find out about it after a wreck
And all this, tens of thousands of man hours, people being let in on a grand conspiracy, for what, to assassinate someone with their own Lincoln? No

>The difference is, the control module and info systems including Bluetooth are connected together through the main screen interface
No, they aren't, again, it's no different than an array of switches. Just because you see a big screen doesn't mean it's a big computer that is doing anything different than a module in any other car.


Why do people who have 0 idea how something works feel the need to opine on it on the internet?

>tripfag responding to a bunch of shitposting trolls

what a dumb fuckin thread

Nope. The Toyota Prius for example has a drive by wire braking system. The brake pedal is connected to a pressure tank that simulates the feel of a traditional brake boosted pedal. The master cylinder is not physically connected in any way. In fact, a total electronics failure would result in a total loss of braking, were it not for a backup bank of capacitors mounted in the trunk area that are designed to power the brake system for a time if a total electrical failure occurs.

Lol no.

You can't 'hack' any system on a car without having to make physical modifications to the vehicle. At most this would probably just be a mild inconvenience to the driver that would be easy to fix once the driver noticed the literal malware that has been added on to the car. "Drive by wire" isn't even a great way to describe electronic systems on cars. More accurately all "drive by wire" systems are just electronic actuation assistance as opposed to purely mechanical actuation assistance systems. In other words if the electronic assistance fails there are still mechanical means that allow the car to work perfectly fine, although the effort required from the operator will probably increase.

You could only car you can really 'hack' are self-driving car as there is a computer doing processing tasks there. If you burrowed into that you could make it do anything.

>TLDR
At worst a hacker could make your steering very heavy and 1:1, run like it needs a tune up, make the ABS turn on every time you hit your brakes, and make your dashboard light up like a Christmas tree.

They could engage the brakes on a single wheel using the ESP or ABS systems, steer against you in cars with actual steer-by-wire with a vestigial mechanical backup like the Q50 or in cars that have self driving or self parking abilities and possibly others with EPS, they could lock the throttle open with cars with throttle by wire or that use VVL instead of a butterfly, and they could blow up your engine if they got access to your fuel maps.

I'm not saying anyone has ever actually managed to do any of these things, but claiming that it could never ever happen is retarded.

its not about sneaking in and adding code, its about finding exploits in current systems and using them to their advantage. Also you would be very surprised as to how many pieces of software actually do have backdoors. The thing is your reasoning is flawed, a ECM engineer for a car company most likely isn't writing a magic control panel for steering the wheels or controlling the gas, but rather they leave in code for debugging and testing purposes and it gets enable/usable through zero day exploits. This happens constantly in the software world, backdoors are pretty much always done for maintenance/testing and organizations like the CIA spend all of their time probing software for these back doors/straight up try to bribe the guy who made it.
You're severely over-estimating how complicated the computers that run your car are. Everything is connected at the main ECM and if you can gain root access (being able to execute your own code) then you can do whatever you want to the car depending on how the car is set up. People have already done it before and wired and vice have made videos of joe smoes doing it, I don't know why you think is would be so hard for a government organization with limitless money to do it.


Why do people who have zero idea how something works feel the need to opine it on the internet while being a tripfagging faggot

>brake by wire
Does that even exist? Hydraulic with vacuum assistance, and abs modular can be used for stability control

>No, it doesn't
youtube.com/watch?v=54jQ7ut3FBA
Yes it does, and if some dude can just plug in an oscilloscope and start reading data from the tesla, you can bet your ass that a team of crack engineers from the CIA/NSA could intercept and send their own data to the car.
Now while sure it might take a physical presence to hook into the car if they can't find a way in from the GPS/wifi/radio/ect. it can still be done.

To cars with 4G connectivity
So vehicles built in the last few years

I´m not from a enlish speaking country, so I might spell some words wrong.

You need power to lift the fuel shutoff plunger off its seat if it's the Bosch VE rotary carburetor. You can always take the shut-off apart and remove the plunger but then you'll be stuck using the mechanical stop on the side of the carb.

You could as well use a electric one, that is only activated with a mechanical switch.
You can´t hack a switch and copper wire.

Just use the same pneumatic system that would be spinning up the engine.

>4G
that should be on the LIN bus
and unable to mess with the CAN bus
en.wikipedia.org/wiki/Vehicle_bus#Protocols

...And how are you supposed to get to a safe place after that? Ask the CIA hit squad nicely?

nvm
en.wikipedia.org/wiki/MOST_Bus

jeez you tinfoil retards really are paranoid

can someone please answer OP's question

Look at the sticky.
Most older cars indeed have that.

>On what car?
Some radio/CD players adjust volume based upon driving speed to overcome road noise.

>buying a Tesla
>Ever.

What if your car's computer systems have no wireless connection to the outside world?

Unless you drive a 90s/early 2000s car without remote keys that is not the case.
But if there is no wireless comunication at all, you should be save unless there would be a hidden reciver anywhere.

That's the idea. No onboard wi-fi or any of that bullshit, no in-car phone, and bluetooth only on the head unit which is not connected to the car's other computers at all.

>head unit which is not connected to the car's other computers at all.
Sadly that is not the case in modern cars.
youtu.be/OobLb1McxnI

Yeah I meant putting in my own, so I know it's a separate system.

With all ABS systems I am familiar with engage universally there is no way to only engage ABS on a single wheel unless you were to change the hardware of the system.Like I said they could really 'hack' only be able to do thing to cars with self driving abilities. If they lock the throttle wide open it is fast enough to move the transmission to neutral or engage the clutch both of which are fail safes that exist in case of a throttle failure.

I highly doubt they would be able to blow up your engine by messing with the fuel settings unless you made some really stupid modifications to your car. Normal car engines don't have that kind of compression ratio and are mechanically restrained from operating at those kind of stresses. At worst you could fuel starve or flood the engine.

Plus as I mentioned before all of this is only possible with there being installed hardware on the vehicle as all systems are closed systems with no communication with the outside world. If a car had On Star or something similar it would be possible to access a few cursory features but that is only because GM has installed those remote features at their factories in case you lock yourself out of your car.

No trolling, genuinley curious:

>> 2002 VW
>> ECU
>> Central door lock
>> E-gas
>> OBD2 interface (nothing plugged in)
>> No bluetooth
>> No wifi
>> Hydr. steering
>> Hydr. brakes


Is hacking a car via its radio antenna a thing or tinfoil stuff?

>People post their entire life online for the world to see.
>What the fuck?! Why are people looking at me?!

Confirmed for CIA
>knows about every car build, the process and the people behind and garanties that none have a potentiel security flaw even modern cars with a bunch of software
Yeah... I'll keep my tinfoil on.

probably tinfag shit