thewayne: (Cyranose)
Yet another DefCon demonstration. In this case, the lock is advertised as secure and flexible because it's easy for the owner to reprogram the lock for a house sitter or whatever, then change the lock back when they need to. It's not a digital lock; it needs a key like most others. Two vulnerabilities are demonstrated in videos with this article. The first uses a piercing blade and a hammer: the blade is inserted in the keyway and the hammer whacks it until it pierces the thin metal of the back of the lock. A wire with a loop is then inserted to turn the tailpiece, the thing that actually engages as the lock. Once that's turned, the lock is unlocked, and unless there's a very close physical inspection, you can't see that the lock is broken because your key still works in it.

There's another technique that's been around for years called bumping; after you bump a lock, any key will work in it and the lock is physically broken. This is different.

The second technique uses a screwdriver and a pair of pliers. The lock is supposedly rated to 300 pounds-force-inch of torque to turn the cylinder; it turns out that it will turn with about a hundred.

Kwikset, of course, denies that these vulnerabilities exist.

http://www.wired.com/threatlevel/2013/08/kwikset-smarkey-lock-vulns/
thewayne: (Cyranose)
"Stomping on the brakes of a 3,500-pound Ford Escape that refuses to stop–or even slow down–produces a unique feeling of anxiety. In this case it also produces a deep groaning sound, like an angry water buffalo bellowing somewhere under the SUV's chassis. The more I pound the pedal, the louder the groan gets–along with the delighted cackling of the two hackers sitting behind me in the backseat. Luckily, all of this is happening at less than 5mph. So the Escape merely plows into a stand of 6-foot-high weeds growing in the abandoned parking lot of a South Bend, Ind. strip mall that Charlie Miller and Chris Valasek have chosen as the testing grounds for the day's experiments, a few of which are shown in the video below. (When Miller discovered the brake-disabling trick, he wasn't so lucky: The soccer-mom mobile barreled through his garage, crushing his lawn mower and inflicting $150 worth of damage to the rear wall.) The duo plans to release their findings and the attack software they developed at the hacker conference Defcon in Las Vegas next month–the better, they say, to help other researchers find and fix the auto industry's security problems before malicious hackers get under the hoods of unsuspecting drivers."

I doubt anyone is surprised. If it's a computer, chances are that eventually it will be hacked. Disabling the brakes? Not good. And I believe it's Infiniti that is developing a car that has drive-by-wire steering, where the steering wheel is not physically coupled to the front wheels, which means a computer is translating your input (turning the steering wheel) into orders to turn the wheels.

Ford is a little unique in that they have an interface to their car's computer systems that people are allowed to tap in to. Someone developed a vibrating shifter for manual transmissions that tells you when to shift, intended for people who are new to stick-shifts. Supposedly this port doesn't let you in to a modifiable portion of the computer, but still....

http://tech.slashdot.org/story/13/07/25/1732257/hackers-reveal-nasty-new-car-attacks


In other DefCon news, a hack was demonstrated that easily and totally bypassed Volkswagen's security systems, making it really easy to steal their cars while leaving no trace, giving the insurance companies a potential out by saying there was no evidence of theft. Volkswagen sued in court to keep the information from being disclosed at DefCon and surprisingly won, so they're going to get a little bit of time to cover their butts before more information on this hack gets in to the wild.
thewayne: (Cyranose)
There's an annual security conference in Las Vegas called DefCon. They talk about all sorts of security vulnerabilities, many of which were pretty much unknown to the general public until they were disclosed at this event. For example, last year someone built a radio-controlled airplane that was a cellular repeater, except it intercepted all cell calls in its area and logged the information. Now after we've learned about PRISM, it seems kind of quaint.

They also played a game called Spot The Fed. If you saw someone who you thought was FBI or some other TLA, you could accuse them and put them up on the stage for group interrogation. It was all good fun.

Until this year.

The organizer of DefCon, Jeff Moss, posted the following on the DefCon web site:

“For over two decades DEF CON has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect.

When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship. Therefore, I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend DEF CON this year.

This will give everybody time to think about how we got here, and what comes next.”


I'm sure there will be some Feds there, but they'll be a lot more careful about how they interact with the attendees.

http://krebsonsecurity.com/2013/07/def-con-to-feds-stay-home-this-year/
thewayne: (Cyranose)
Built by two security experts to demonstrate that it is not difficult to intercept phone calls and that the GSM technical body did a really bad job of implementing security. It contains a cellular system capable of spoofing an actual tower, so you can trick AT&T and T-Mobile phones into connecting through it and it can listen in directly, plus it will route the call to the ground so the target(s) might never know they've been intercepted. It has a tiny Linux computer onboard with a 340,000,000-word dictionary for brute-forcing passwords. And 11 antennas. And it's electric, so it would be pretty much silent when operating.

It's going to be shown at the DefCon conference in Las Vegas next week; I really would like to go to that one of these years.

http://blogs.forbes.com/andygreenberg/2011/07/28/flying-drone-can-crack-wifi-networks-snoop-on-cell-phones/

http://it.slashdot.org/story/11/07/29/1338253/Hackers-Flying-Drone-Now-Eavesdrops-On-GSM-Phones
