Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment You just have to deal with it (Score 2) 373

If you want a modern car, you're just going to have to accept that right now, they're all full of closed-source, black-box computer stuff. Short of going to work for the manufacturer and signing an NDA, you're never going to be able to get access to the inner workings of these things. The unfortunate truth is that these manufacturers are adding features without incorporating security from the very beginning, in an effort to have more bells and whistles than the other guys. They're getting better about security, but they still have a lot to learn.

The good news is that most of these hacks are at least somewhat mitigated. The Jeep one seems the worst, as it worked over a cellular connection from seemingly anywhere, to get into the infotainment system, and then jump to the car's actual controls from there. Chrysler was able to make some change to their network that (partially?) stopped the attack even if the individual cars were still technically vulnerable. The OnStar hack was a MITM between the mobile app and the OnStar website (due to not verifying the cert); it resulted in being able to do things to the car, but wasn't actually a vulnerability in the car itself. Most of the previous hacks require physically connecting to the OBD2 port in the car. As was stated in related posting, just as with computers, if the bad guy can break into your car and install a dongle, you're pretty much screwed anyway. Just like installing only necessary packages on a server to minimize its attack surface, you can also skip unnecessary vehicle options to reduce the chance of a vuln (though you may have varying levels of success getting a car with exactly what you want and nothing you don't).

We need these hackers to keep pointing out these flaws until the manufacturers fix them (and hopefully completely avoid the same mistake in the future). For now, it's still fairly early in the cycle with lots of learning being done. We need more isolation between the vital control systems and the trivial entertainment junk to completely remove the possibility of something like a USB stick being able to take over your engine, but for the most part these vulns are still rather limited in their application, due to the inherent limitations of actually getting linked up to your car's systems. I'm afraid it might get worse before it gets better, but at least these things seem to be getting addressed by the manufacturers, rather than just covered up.

Comment Re:When the Man In the Middle is You (Score 1) 54

Thanks, that's a much better article. Knowing that this is a Wi-Fi MITM attack greatly reduces the impact, at least for people like me. I'm sure it's very easy for less knowledgeable folks to stumble onto a rogue AP, but I'm not too worried about that with my own personal setup.

I'm still a bit surprised that just opening the app triggers a login (where OwnStar can steal the credentials). As I said, none of the displayed status information updates automatically; if you're going to log me in, why not at least show me current details in the app?

Kamkar’s shown that if a hacker can plant a cheap, homemade Wi-Fi hotspot device somewhere on the car’s body—such as under a bumper or its chassis—to capture commands sent from the user’s smartphone, the results for vulnerable vehicle owners could range from nasty pranks to privacy breaches to actual theft.

That seems like one of the worst places to do this. Due to the phone-internet link, server processing time, and VZW CDMA OnStar connection, the app is rather pokey. Other than possibly showing a curious person how it works or after locking my keys in the car, I would never bother to use RemoteLink if I was already at the car. You need to be where the phone/app is, which is probably not where the car is - that's the whole point of remote access features.

Comment Re:When the Man In the Middle is You (Score 1) 54

Yeah I'm not convinced... I don't see anything in the video that appears to be anything other than the normal functionality of the RemoteLink app by an authorized user. All of the functions listed (remote start, vehicle location, etc) are all normal functions of the app. Under normal use, the app will ask for a PIN for any command with security repercussions, and further commands in the same session will not require a PIN. I'd be very interested to know whether this "hack" is somehow capturing that PIN, or whether this is nothing more than a replay attack. Could be nothing more than copying the current login session from one phone to another...

Also, the remote-start thing is way overhyped. Remote starting a Chevy Volt does nothing more than turn on the A/C. You can't actually start the car and drive away without pressing the Power button, at which point the vehicle will look for and interrogate a valid key fob.

The biggest question I have so far is how he's managing to intercept the data stream between the RemoteLink app and GM. Presumably it communicates via HTTP (though one would hope HTTPS) I doubt that little box is intercepting 3G/4G cellular data, so I suspect that this is only possible via an insecure WiFi connection.

I agree, the video doesn't really prove anything. It simply looks like he's using the app normally. I could make an identical video with my own Volt. I assume he's actually doing what he claims, but the lack of detail in the video means it isn't actually proof of anything.

The SIM800L seen in his device is a quad-band GSM module. He also has a Raspberry Pi and a RTL8187L wireless NIC in there. It seems like it's a MITM attack between the app and OnStar's servers, but the GSM module makes me think he might be generating cellular packets to send directly to the target vehicle. The app doesn't even automatically refresh the displayed vehicle status info just by opening the app, so it doesn't seem like simply opening the app would trigger an OnStar-to-vehicle cellular connection that he could take advantage of.

I suppose it could be for intercepting the app's traffic over a cellular connection, but it seems like breaking into that data stream would be more complex than hijacking a Wi-Fi connection (though I admittedly don't know too much about data over cellular connections). It looks like all of the iPhones that are in use are on VZW cellular connections (the screenshot of the map is on Wi-Fi).

Maybe it's just to give the OwnStar cellular connection ability to report the target vehicle info to him from anywhere? That seems a bit excessive for a PoC for local testing, but I guess if he's taking it to DefCon, he would want it to work there.

If he is doing something with a direct cellular connection, it's somewhat mitigated by the fact that '14 and older models use VZW CDMA for OnStar service, while '15 and newer models have switched to AT&T. I'm sure it wouldn't be too hard to use a different cellular radio in the OwnStar, but it does make the target vehicles somewhat heterogeneous.

Comment Re:When the Man In the Middle is You (Score 1) 54

Crazy that the phone is not just some kind of passthrough ,but instead somewhere in he binary contains enough rights to do anything it likes with your car... the device must be just convincing the app that OnStar said it was OK to use it's unlimited powers to unlock the car and start the engine or whatever.

On the other hand, perhaps that ALSO means the attack cannot work with any arbitrary car, but only with an instance of an app you have already paired to your car so it was given the right credentials? If so it's a much less serious attack than it would seem at first.

The real issue would be, if a rooted Android or iPhone device could have the car-specific credentials scraped, to use at a later time with thier own OnStar app.

The app/phone doesn't communicate directly with the car. The app communicates with the OnStar service via the Internet (you have the same functionality from their website), which then sends commands to the car via cellular data (previously VZW, switched to ATT for '15 with all the new LTE Wi-Fi hotspot stuff).

Comment Re:Please explain (Score 1) 158

As others have said, I have a pile of old cell phones. I currently have 6 iPhones of various vintage in my possession. I also have a few other modern-ish cell phones and tablets as cheap gadgets to play with. I'm sure I have older phones around here too (got some Nextels somewhere...), but I'm not sure on quantity or capability. My car has GPS. I also have a neat little GPS-powered digital speedometer HUD that I bought for my motorcycle.

I'm pretty sure I'm still under 15, but somewhere around a dozen. How many of those get regular use? Just one - my current iPhone. Waze on my phone is better than my car's GPS, the motorcycle's windshield is at a bad angle for the HUD, and the other phones/tablets were just cheap toys to try things out on.

Comment Re:Pull the disk (Score 1) 466

So use the old machine to power the drive up if you don't have the power connector for it. Like a jumper cable. Open the old machine and set it next to the new one. USB adapter to the new computer, power from the old. The old computer will just sit there failing to find a boot drive, and you don't have to open the new one up. An adapter as suggested is the best way to go.

How do you suggest getting the old machine's power flowing through the 44-pin connector on the USB adapter?

On desktop drives with separate connectors, it's a great plan. It doesn't really work on a laptop drive with a single combined connector though.

Comment Worked for me (Score 1) 466

This looks nearly identical to the one I bundled with a HDD for a few bucks back in '09. It has worked great for me on many occasions. As stated, it might have problems if the HDD is especially power-hungry (check its label for power stats), but I expect it will most likely solve your problem pretty quickly, easily, and cheaply. On top of that, it's a good tool to have around for a variety of tasks related to working on random hard drives.

Comment I bought one (Score 1) 330

I picked up a Samsung UN65FH6001F in a 2013 Black Friday deal at Best Buy for under $1,000. It's very simple as far as current TV features go, but it's a great screen if you don't need 50 inputs and 200 apps on your TV.

I think the trend is to make every TV "smart" because it costs them little to nothing to put the existing "smart" chip in the TV, and it gives them more features to list on the box. Worst case scenario, they figure people simply won't use it if they don't want it. I expect the dumb TVs to become harder and harder to find, but you might still find the occasional gem out there. Mine was a BB-specific model, and wasn't even on Samsung's site at first (had to submit a ticket to get them to add it to even register the warranty).

Comment Re:Verizon's Device Unlocking Policy (Score 1) 100

Postpay Device Unlocking Policy: We do not lock most phones or tablets that are activated with our postpay service, either during or after the term of your service contract or Edge installment sales agreement. We do not lock our 4G LTE devices, and no code is needed to program them for use with another carrier. We do not lock our 3G devices, other than our non-iPhone Global Ready 3G phones, and the simple code to program such 3G devices for use with another carrier is either “000000” or “123456.” If the user guide for your device does not provide instructions to access the programming menu, you can contact us at *611 from your Verizon Wireless phone, or (800)922-0204, for assistance.

This is a flat-out lie! I had Verizon through my job and the process of getting my iPhone 5 off their network was an absolute NIGHTMARE! Verizon claimed my phone's hardware was locked to their network and could not be released. I tried to explain to them that cell phones are cell phones. The only company that has a hardware lock is the company who created it; in my case Apple. I told them I should be able to take my phone to any carrier. After 3 hours dealing with their shenanigans I left angry and bitter and my phone still on their network. On a whim I visited an AT&T Store and one of the more knowledge staff was able to help me make the switch. All he did was replace the Verizon SIMM card with an AT&T SIMM card and it worked. To say that Verizon lied to me is an understatement.

The rep you talked to may or may not have lied to you, either intentionally or through ignorance.

We do not lock our 4G LTE devices, and no code is needed to program them for use with another carrier.

However, that line right there covers your situation. The VZW iPhone 5 isn't locked, and will therefore accept a different carrier's SIM. A simple Google search would've shown you this.

However, they use different LTE bands, so you won't get access to AT&T's LTE coverage with the VZW version of the phone.

Comment Check the dates (Score 1) 331

1/22/2015 @ 9:00AM
To fix its business problems and speed up its “transformation,” next week about 26 percent of IBM’s employees will be getting phone calls from their managers.

Updated on Jan. 27 with comment from IBM after fifth paragraph and on Jan. 26 at bottom of post.

1/26/2015 @ 5:42PM
How IBM Is Likely To Spin This Week's Force Reduction

Another source told me the plan was to give the people notice before January 28th so they would be off the books by the end of February - one month.

So the original article is from two weeks ago, and the followup is from last week. Shouldn't all this have already happened by now? I realize that part of the story is that IBM is using certain labels and methods to keep things on the down low, but it seems like we should've heard something more concrete by now if IBM really is getting rid of a quarter of their employees.

Comment ... and that has nothing to do with Waze (Score 1) 468

So characterizing this as a "stalking app" sounds like a huge overreach. Could individual officers not drop off the tracking radar when actually necessary? As when they are undercover or staking out a scene or person?

Mild understatement of the year right there. This is a traffic app where users can report a stationary police officer (speed trap, accident scene, etc.) to make other users aware of the police presence. I'm sure it does cause some speeders to slow down near speed traps when they would otherwise get caught. However, it also causes people to slow down around accidents and just generally be more aware of hazards around them while driving.

Waze has no ability to track individual officers, or do any sort of realtime tracking of police. The app does a decent job (being crowd-sourced, it's only as good as its input) of alerting drivers to police cars stopped on or near roadways, and that's it.

Comment Re:FUD (Score 1) 468

You seem to have missed some news stories.

NYPD Cop Killer Used App to Track Police Movements Since Early December

NYPD Cop killer Ismaaiyl Brinsley was using a traffic app called Waze to track law enforcement's movements, NYC Alerts tweeted on Monday. According to an available screenshot, Brinsley was tracking two officers who were almost 4 miles away from him in Staten Island at 10:44 PM EST since the beginning of December.

Except that, as already stated, Waze doesn't track police. It only supports reporting a parked police car (or any other object/hazard). You could over time collect and analyze data from the reported police locations to determine when and where they tend to be, but that's well beyond the capability of the app alone, and still isn't even "tracking" in the sense implied in the article. The very next sentence after your quote even mentions this:

He thanks a friend of his on Instagram for pointing out the app is not "updated in real time" so it’s not that "reliable."

Voluntary, user-submitted, stationary reports in a traffic app are a far cry from realtime stalking ability. is a copy of the data that the app uses. The app shows when the item was reported and how many times another user verified the info (as shown in the article's screenshot), but there's essentially no detailed info in the report, as you can see. From one of the links in that article (

It is not clear whether Brinsley used the WAZE application as a police location tool for the murders or simply as the application is intended to be used.

There is no way that Waze could be used to track the two officers in the way the article implies, without another Waze user standing next to the officers making new reports as frequently as is required to meet the definition of "realtime".

Comment Re:Touch screens in vechicles = bad idea (Score 1) 123

I recently test drove a Chevy Volt. I was very excited about this car and its technology. But then I tried to turn on the climate control. Way too much touch screen interaction is required to do anything. If not for the touch screen, I might have bought the car, but now I won't even consider it.

I recently bought a Chevy Volt, and agree 100%. The climate control stuff is nearly all on the touchscreen. Instead of turning a knob or moving a lever, I have to hit a button to bring up the climate control screen, then find and touch the desired spot on the screen. The same goes for radio and other miscellaneous controls - I have to hit a button, then muck around with different points on the screen.

To make things even worse, the "physical" buttons on the console aren't actually buttons, but touch-sensitive points. There are some bumps under some of the buttons to help you locate them, but they're all identical and brushing your hand across the surface results in activating all the buttons. With traditional controls, you can feel around until you find the button/knob you need, then activate it. With this, you have to explicitly look at the console to make sure you're not inadvertently touching the wrong spot (and hope you don't hit a bump as you're trying to activate one, as you're more limited in where you can rest your hand for bracing). And somehow they manage to dynamically make the button you want to push very insensitive, while cranking up the sensitivity on all others around it.

Comment Re:Already illegal (Score 1) 256,4668,7-277--339774--,00.html

“This bill does not, as some have claimed, prevent auto manufacturers from selling automobiles directly to consumers at retail in Michigan – because this is already prohibited under Michigan law,” Snyder said in a letter to lawmakers that accompanies the signed bill.

I think it's stupid, but at least it sounds like existing stupidity rather than additional stupidity. For me, the Volt I just bought is a better fit (pure EV for common driving, but the ability to run off gasoline for longer trips), but I'd love to see Tesla gain popularity. I think it will spur innovation from multiple manufacturers and help get a better charging infrastructure built up (hopefully they standardize on a universal charger setup).

"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- Alfred North Whitehead