[LINK] Killer robots and military ethics
stephen at melbpc.org.au
stephen at melbpc.org.au
Fri Jul 19 04:52:59 AEST 2013
BRD notes,
> Who is responsible for its actions?
Opposition defense-hackers, soon enough?
Obviously, hacking control of autonomous weapons will become a priority.
May tend to limit the destructiveness (eg, nuclear) of such weapons anyway
And, who knows what hackers might be getting up to next ..
$25 gadget lets hackers seize control of a car
Updated 17:52 17 July 2013 by Paul Marks
http://www.newscientist.com/article/mg21929266.500-25-gadget-lets-hackers-
seize-control-of-a-car.html#
After journalist Michael Hastings's death, there were rumours that his car
had been hacked. Now two researchers say they can do it for real
IN THE early hours of 18 June, a Mercedes coupé travelling at extremely
high speed along a Los Angeles street smashed into a palm tree. It exploded
into flames, killing the driver; the impact ejected the engine 50 metres
clear of the car.
Was it an accident? Or was the car hacked, allowing it to be driven off the
road by remote control?
The very idea might sound crazy but it's one that Richard Clarke, a
former counterterrorism adviser to the US National Security Council, has
raised after the driver was identified as Rolling Stone journalist Michael
Hastings. Known for his revealing articles on the US military and its
intelligence agencies, Hastings had emailed colleagues the day before he
died to say that he was going "off the radar for a bit" to chase down a
"big story".
"What evidence is available publicly is consistent with a car cyberattack,"
says Clarke in a Huffington Post interview. Intelligence agencies, he says,
can remotely seize control of a car to make it accelerate wildly or brake
suddenly, for instance.
Clarke cited research, carried out for the US National Academy of Sciences,
showing that "connected cars" equipped with built-in cellular technology
used by dashboard apps and engine-monitoring software can be hacked
remotely. But proof that it could be done in practice has been lacking.
That looks set to change on 27 July, when Spanish engineers Javier Vázquez
Vidal and Alberto Garcia Illera will give a demonstration at the Black Hat
security conference in Las Vegas, Nevada. They have built a $25 device that
lets them bypass security in a car's electronic control unit.
The brains of a modern car, the ECU is a computer that controls engine
power, transmission and braking. Mechanics can diagnose faults by plugging
a laptop into it via standard wired connectors such as the CAN bus.
Alternatively, remote diagnostics and software updates can take place over
a cellular network, as happens with services such as General Motors' OnStar
and Mercedes-Benz's Mbrace.
Vázquez Vidal and Garcia Illera will show how their device which they
claim uses a $1 chip to break encryption can read from and write data to
the flash memory of commonly used ECUs, made by Bosch of Germany. In this
way, they can get more horsepower out of a car, or tell it to burn less
fuel.
"And it would take no time to gain total control over a vehicle deploying
an airbag, activating the brakes, or immobilising a car at any moment,"
says Vázquez Vidal.
How they have done this is unclear. "My best guess is that they have
managed to put the ECU into an unencrypted test state, possibly by playing
around with power-up sequences," says Peter Highton, a senior engineer with
Freescale Semiconductor in Aylesbury, UK, which makes ECU microchips for
racing cars as well as ordinary vehicles.
For security, connected cars should use encryption, but Highton says
carmakers are only just coming to terms with it. "Until as recently as five
years ago, data on the CAN bus of most cars was unencrypted, and so could
be intercepted and altered."
Whatever the causes of Michael Hastings's crash, the need to make cars
secure against hacking will only become more acute. The next version of
Vázquez Vidal and Garcia Illera's device won't even need plugging in to the
target car. "I am already working on a wireless version," Vázquez Vidal
says.
Message sent using MelbPC WebMail Server
More information about the Link
mailing list