Easy-to-use software for our machines - Technology
Easy-to-use software for our machines

Easy-to-use software for our machines

Share This

Seth Rosenblatt / The Parallax

Machines and computers are distinguished for a close friendship between them. Specialized software makes the connection between any function of the machine from the brakes to the wheel and the closing of the doors.
And new models are expected to have cars connected to the Internet. But what are the chances of your car getting hacked?
What harm can your hacker cause? And what have car makers done in this regard?
Manufacturers are doing beyond their obligations but still not enough, says Stefan Savage, a professor at the University of California San Diego who specializes in hacking.
He believes that hacking can endanger drivers and passers-by. It also affects the driver's privacy.
Today's challenge is the rise of the automotive industry at desktop level a few years ago by applying the lessons learned from the latter to the machines.
"It will take us long before we feel secure with these things," he said.

Part of the problem, says Dirdre Mulligan, professor at UC Berkley and director of the University of California at the Law and Technology Center at Berkley, is car software, especially self-guiding cars that are easier to manipulate.
When it comes to securing car software there have been isolated and uncoordinated efforts, Mulligan said during a conversation with Savage and me organized by Usenix and backed by Parallax, New Context, Javelin Research and Avast.
In the center of our conversation was the safety of the interconnected car that made the world's lap in 2015 when two security investigators chased a Jeep Cherokee and disarmed the brakes as they walked 112km / h on the highway.
This chaos prompted Chrysler to attract 1.4 million cars out of circulation. Almost at the same time, hackers at the University of Washington found that General Motors had spent 5 years pulling 4.5 million Chevy Impala traffic due to security problems in the OnStar navigation system.
Last year German hackers managed to disconnect 24 different car models by hacking a key. BMW also exhibited proprietary data and keys on the company's website.

Chinese giant Teen's Keen team hacked a Tesla Model X in 2016 and 2017, exposing proprietary personal data.
There have also been some cases where personal data has been exposed by cheating car sensors with self-steering systems or accidents caused by these systems themselves when switching to manual controls.
Savage says car makers remain behind with improving car safety and one of the reasons is that they do not always build their own car software.
There are hundreds of companies that write software codes and the car maker does not have. Manufacturers try to combine 20 different microprocessors and 15 operating systems, a configuration that changes year-by-year.
Washington-based security researcher Karl Koscher, who had worked on hacking with GM together with Sabage, said hardware and software components are so complex that even manufacturers themselves do not know what's in them.

"When we reported the GM about the problems in the Impala models, they said they did not have firmware components. Even the radio station manufacturer had come out of this business. This shows that manufacturers have no information on what's in their cars and rely on security suppliers, "he said.
Many producers questioned about this event refused to respond. Volkswagen's American division said the company has "very seriously" the car and customer safety work and that the equipment and software are constantly monitored.
General Motors, whom Savage considers to be one of the most cooperative producers, with respect for security threats, told The Parallax that he had changed the security philosophy completely since Savage contacted the company in 2010.

General Motors counts 80-100 employees in its cyber security team and has a "red team" that tends to hack computer systems with the support of CEO Marry Barra and the board of directors.
GM also has a reward program launched in 2016 to attract independent researchers and detect security problems.
Even the company aims to distance itself from the current electronic network in use, CAN, which is not designed to prioritize security.
While all deserves applause, hacking experts say most of the producers are in the slow lane in terms of efforts in this regard.
Roderick Currie, who laid the computer security bases for car systems, says he does not expect real changes until something that affects the pockets of the manufacturers happens.

Manufacturers are not taking the risks seriously.
Every month we see news headlines showing some hacking of computer system protocols in cars. He says one of the main reasons is the use of CAN. "There is no way to secure CAN. I realize it's costly his replacement and what drives the manufacturers to adopt something is just money, "he says. "If they save a few cents they will have to do it with cheaper." Car insurance is not impossible, believes Kathleen Fisher, who heads the computer science department at Tufts University. As a manager of the United States Advanced Defense Projects Agency (DARPA), she initiated and managed HACMS and PPAML programs, which are very useful in processing a hacking code. Fisher says the manufacturers must see the variations of the software she built near DARPA, which she demonstrated through a quadrupter against the red team. "There is a lot to do," she says. "Technology exists, just need will." While software upgrading and adopting best computer security practices are the top priorities of manufacturers, they do not address the ethical dilemmas and the problems that artificial intelligence can bring to autonomous machines. A hacker with few coding skills can cheat on a computer brain or an autonomous drive by making it think that there is a speed limit or stop signal opposite. If we do not discuss these issues today, it will remain for engineers and manufacturers to determine how our cars will behave.

No comments: