[LINK] Killer robots and military ethics

stephen at melbpc.org.au stephen at melbpc.org.au
Fri Jul 19 04:52:59 AEST 2013 

BRD notes,

> Who is responsible for its actions?


Opposition defense-hackers, soon enough?

Obviously, hacking control of autonomous weapons will become a priority.

May tend to limit the destructiveness (eg, nuclear) of such weapons anyway

And, who knows what hackers might be getting up to next ..

$25 gadget lets hackers seize control of a car

Updated 17:52 17 July 2013 by Paul Marks
http://www.newscientist.com/article/mg21929266.500-25-gadget-lets-hackers-
seize-control-of-a-car.html#

After journalist Michael Hastings's death, there were rumours that his car 
had been hacked. Now two researchers say they can do it for real

IN THE early hours of 18 June, a Mercedes coupé travelling at extremely 
high speed along a Los Angeles street smashed into a palm tree. It exploded 
into flames, killing the driver; the impact ejected the engine 50 metres 
clear of the car. 

Was it an accident? Or was the car hacked, allowing it to be driven off the 
road by remote control?

The very idea might sound crazy – but it's one that Richard Clarke, a 
former counterterrorism adviser to the US National Security Council, has 
raised after the driver was identified as Rolling Stone journalist Michael 
Hastings. Known for his revealing articles on the US military and its 
intelligence agencies, Hastings had emailed colleagues the day before he 
died to say that he was going "off the radar for a bit" to chase down a 
"big story".

"What evidence is available publicly is consistent with a car cyberattack," 
says Clarke in a Huffington Post interview. Intelligence agencies, he says, 
can remotely seize control of a car to make it accelerate wildly or brake 
suddenly, for instance.

Clarke cited research, carried out for the US National Academy of Sciences, 
showing that "connected cars" – equipped with built-in cellular technology 
used by dashboard apps and engine-monitoring software – can be hacked 
remotely. But proof that it could be done in practice has been lacking.

That looks set to change on 27 July, when Spanish engineers Javier Vázquez 
Vidal and Alberto Garcia Illera will give a demonstration at the Black Hat 
security conference in Las Vegas, Nevada. They have built a $25 device that 
lets them bypass security in a car's electronic control unit.

The brains of a modern car, the ECU is a computer that controls engine 
power, transmission and braking. Mechanics can diagnose faults by plugging 
a laptop into it via standard wired connectors such as the CAN bus. 

Alternatively, remote diagnostics and software updates can take place over 
a cellular network, as happens with services such as General Motors' OnStar 
and Mercedes-Benz's Mbrace.

Vázquez Vidal and Garcia Illera will show how their device – which they 
claim uses a $1 chip to break encryption – can read from and write data to 
the flash memory of commonly used ECUs, made by Bosch of Germany. In this 
way, they can get more horsepower out of a car, or tell it to burn less 
fuel. 

"And it would take no time to gain total control over a vehicle – deploying 
an airbag, activating the brakes, or immobilising a car at any moment," 
says Vázquez Vidal.

How they have done this is unclear. "My best guess is that they have 
managed to put the ECU into an unencrypted test state, possibly by playing 
around with power-up sequences," says Peter Highton, a senior engineer with 
Freescale Semiconductor in Aylesbury, UK, which makes ECU microchips for 
racing cars as well as ordinary vehicles.

For security, connected cars should use encryption, but Highton says 
carmakers are only just coming to terms with it. "Until as recently as five 
years ago, data on the CAN bus of most cars was unencrypted, and so could 
be intercepted and altered."

Whatever the causes of Michael Hastings's crash, the need to make cars 
secure against hacking will only become more acute. The next version of 
Vázquez Vidal and Garcia Illera's device won't even need plugging in to the 
target car. "I am already working on a wireless version," Vázquez Vidal 
says.

Message sent using MelbPC WebMail Server

More information about the Link mailing list