Am 24.07.2015 um 20:22 schrieb Don Y:> "We don't need to reinforce the doors to the cockpit and provide > DURABLE locks.I'll have to ask you to refrain from using that particular argument. Earlier this year in the Alps, 150 people, including an entire class from a school not to far from here, died in a plane crash _enabled_ by exactly those: reinforced door and a durable lock to the cockpit. The reason was that the cockpit door prevented all attempts to stop a suicidal co-pilot from taking down the plane and everyone on board.
Semi-OT: Hackers Remotely Kill a Jeep on the Highway
Started by ●July 21, 2015
Reply by ●July 24, 20152015-07-24
Reply by ●July 26, 20152015-07-26
On Tue, 21 Jul 2015 19:28:05 +0000, Rob Gaddi wrote:> Relevant to many of us: > http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway > > "Uconnect, an Internet-connected computer feature in hundreds of > thousands of Fiat Chrysler cars, SUVs, and trucks, controls the > vehicle’s entertainment and navigation, enables phone calls, and even > offers a Wi-Fi hot spot. [ ... ] So the discussion topic for all of us > engineers is: whose job should it > be to stop this sort of nonsense from occurring. Ideally there'd be > some sort of government standards dictating what security measures need > to be taken, but practically government's understanding of technology > occasionally covers the toaster. Is it each of our jobs to call stop > the presses when we something so blatantly stupid, and refuse at the > expense of our jobs to work on a security flawed project?Here it is. So you could start your car from your smart phone, etc. (comp.risks): ================================== Date: Tue, 21 Jul 2015 13:03:21 -0700 From: Lauren Weinstein <lauren@vortex.com> Subject: Fiat Chrysler "connected car" bug lets hackers take over Jeep remotely http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug- lets-hackers-take-over-jeep-remotely/ Uconnect, a "connected car" system sold in a number of vehicles produced by Fiat Chrysler for the US market, uses the Sprint cellular network to connect to the Internet and allows owners to interact with their vehicle over their smartphone--performing tasks like remote engine start, obtaining the location of the vehicle via GPS, and activating anti-theft features. But vulnerabilities in Uconnect, which Fiat Chrysler has issued a patch for, made it possible for an attacker to scan Sprint's cellular network for Uconnect-equipped vehicles, obtaining their location and vehicle identification information. Miller and Valasek demonstrated that they could then attack the systems within the car via the IP address of the vehicle, allowing them to turn the engine of the car off, turn the brakes on or off, remotely activate the windshield wipers, and take control of the vehicle's information display and entertainment system. Miller and Valasek also found that they could take remote control of the steering of their test vehicle, the aforementioned Jeep Cherokee--but only while it was in reverse. Thinking about what hackers will do to *autonomous* vehicles.
