The Michael Hastings crash, which some have described as a possible car cyber attack.
It's been less than a month since hacker extraordinaire Barnaby Jack was found dead in strange circumstances in a flat in San Francisco. The 36-year-old New Zealander's body was discovered by his girlfriend just days before he was due to appear at a conference for Black Hat ("Black Hat" = malicious) hackers. It was rumoured that he was due to give a speech there explaining how to hack into the computer systems that control pacemakers – thus giving people the ability to give other people remote-controlled heart attacks.
Since then, the authorities have been more or less silent on the investigation into Jack's death. Reporters from the IBTimes have tried to glean information from the San Francisco police department, but all of their enquiries have been deferred to the coroner's office, who will only say that it may be "weeks, if not months" before autopsy results are made available. Jack's friends and family have also closed ranks, going silent save for an understandable plea to be allowed to grieve in private, free from media intrusion.
In this information void, various conspiracy theories have percolated, most of which posit the idea that Jack was killed by some branch of the US government that didn't want him to tell the world how to assassinate people by making their hearts explode. (A scenario you may be familiar with from the TV show Homeland.)
All of this carry-on – coupled with the strange death of Michael Hastings, the suicide of Aaron Swartz, the trial of Bradley Manning, the exile of Edward Snowden, the arrest of Glenn Greenwald's boyfriend and other high-profile casualties in the War for Information – has not deterred two DARPA researchers from releasing their own findings.
I rang up Charlie Miller and Chris Valasek to ask them why they decided to tell the world how to hack into a Toyota Prius.
Charlie Miller and Chris Valasek pissing about in a hacked car.
VICE: Hey guys. I spoke to Toyota and they didn't seem hugely alarmed by your findings – they said that what you'd managed to do was "foreseeable", but admitted the need to strive to make their "systems more secure".
Chris Valasek: Toyota is really downplaying what we did. They claimed that the project would require us to "dismantle the dashboard", which is not true. The dismantling of the dashboard was for a secondary project.
Okay. So is there stuff going on behind the scenes? Have Toyota offered you both a job?
Chris: [laughs] No, not yet! They don’t seem too happy with us.
Have they been hostile?
Charlie Miller: Not initially. I don’t know if I’d say it’s been hostile, but they’ve certainly been defensive.
Chris: Neither Toyota nor Ford specifically asked us to not publish our research, but I don’t think they were elated that we did, either.
Okay. Could you sum up exactly what this project was?
Chris: Sure. Several months ago Charlie and I got a Toyota Prius and a Ford Escape, and we wanted to see what exactly an attacker could do to physically control a car once it had logged on to its computer network. We can steer, accelerate, brake, remove the brake, sound the horn, operate the seatbelts, work the lights… basically, we can remotely control anything that the car does with its computers.
Charlie: A couple of years ago, some research showed that you could do the remote attacks against vehicles. So we’re just trying to follow on from that and see how it applies to different cars with different sorts of features.
Charlie Miller (left) and Chris Valasek (right).
How many people have the capability to do this? Is it just a few select researchers who have the funding?
Chris: Now that we’ve published our tools it’ll be a lot easier to.
I guess so – you only tweeted all the info and tools a few days ago, didn’t you?
Chris: Yeah, we released everything, so it’s literally open; there’s no paywall or anything. The paper, and all of our code, data, scripts, examples and tutorials on how to make all the tools we did physically – it’s all out there. It does take a lot of resources, and I’m sure that some criminal organisations have that sort of money, but I’d rather everyone who has access to a car and our code be able to start looking at things as well.
Charlie: The goal of our research was to make it so other people could carry on this kind of research.
You mentioned that criminals might have the money to do this sort of thing. How do you feel about that?
Charlie: Car hacking in general could be used as a weapon, but without a remote component, our research alone is pretty benign [because, presumably, you wouldn't want to crash a car that you yourself were travelling in].
Could someone come up with a remote control to hack cars with?
Chris: It is certainly a chunk of work, but it's been done and I’m sure we could do it if we cared to try.
Charlie: It only takes a single vulnerability to turn our tethered approach into a remote application...
So isn't that kinda dangerous?
I think keeping the problem secret doesn’t actually help keep people safe. Maybe it does in the very, very short term, but in the longer term the best approach is to find the problems and to discuss them and get them fixed, rather than trying to hide them.
Is this possible in every modern car?
Chris: It really depends on what sort of features the car has, but any car that uses its computers to physically control pieces of the automobile is going to be vulnerable.
Okay, thanks very much guys. Take care.
Follow Joseph on Twitter: @josephfcox