WEBVTT - Hack That Auto 0:00:04.200 --> 0:00:11.640 Get in touch with technology with tex Stuff from dot com. 0:00:12.000 --> 0:00:15.320 Hey there, and welcome to tech Stuff. I'm Jonathan Strickland 0:00:15.360 --> 0:00:20.040 and joining me once again despite his incredibly busy schedule. 0:00:20.160 --> 0:00:23.239 Possibly the busiest man at how stuff works dot Com 0:00:23.560 --> 0:00:27.280 Ben Bowling, Oh gosh, hey, thank you for having me back, 0:00:27.360 --> 0:00:31.000 and uh good to talk to everyone here in tech Stuff. 0:00:31.040 --> 0:00:34.000 I do have to say I am, at best the 0:00:34.120 --> 0:00:37.600 second or third busiest man. Uh. The dubious privilege of 0:00:37.640 --> 0:00:40.600 the most busy probably goes to our super producer Noel 0:00:40.640 --> 0:00:46.040 Brown Knowles Knowles pretty darn busy. Matt Frederick also really busy. 0:00:46.120 --> 0:00:49.280 That's true. There's probably maybe five or six people that 0:00:49.320 --> 0:00:51.960 you could all claim are the most busy person at 0:00:51.960 --> 0:00:54.720 health stuff Works, and they would themselves be too exhausted 0:00:54.760 --> 0:00:57.760 to argue the point. But Ben, of course, one of 0:00:57.800 --> 0:01:01.520 the many shows that you are of is car Stuff. 0:01:01.560 --> 0:01:03.720 And when I asked you if you would be interested 0:01:03.760 --> 0:01:06.600 to come back onto tech stuff, and you didn't have 0:01:06.640 --> 0:01:08.520 the heart to tell me. No, I said what would 0:01:08.560 --> 0:01:10.080 you like to talk about? And you came up with 0:01:10.120 --> 0:01:13.039 a ton of different suggestions, which really just means that 0:01:13.040 --> 0:01:15.880 you're eventually going to cover all of them. But today 0:01:15.920 --> 0:01:18.360 we're specifically looking at one of the ones I thought 0:01:18.360 --> 0:01:22.560 was the most interesting, hacking a car. And the reason 0:01:22.600 --> 0:01:25.160 why I think it's really fitting that we do this 0:01:25.240 --> 0:01:29.600 is recently I did an episode with Shannon Morse and 0:01:29.720 --> 0:01:32.560 she is one of the hosts of Hack five, and 0:01:32.600 --> 0:01:36.520 she talks a lot about hacking and coding, including hacking 0:01:36.640 --> 0:01:39.319 electronics and and she said, one of the things you 0:01:39.360 --> 0:01:42.120 really wanted to get more into was the idea of 0:01:42.120 --> 0:01:46.480 hacking vehicles and uh. And so I thought, well, this 0:01:46.520 --> 0:01:48.880 is the perfect opportunity for us to expand on this 0:01:49.040 --> 0:01:52.800 because we introduced it with Shannon's interview, and now we 0:01:52.840 --> 0:01:55.800 can really dive into it and look into it. Now. 0:01:55.800 --> 0:01:59.560 The fact that we're talking about this means that we 0:01:59.640 --> 0:02:05.440 have to you confronts some kind of mythical versions of 0:02:05.480 --> 0:02:11.320 the car hacking lifestyle, because we we've all seen depictions 0:02:11.360 --> 0:02:15.200 of this in various like spy movies or television series. 0:02:15.480 --> 0:02:18.840 So Ben, uh, I know that we've got these great 0:02:18.919 --> 0:02:22.440 notes written down. I want to hear you actually read 0:02:22.520 --> 0:02:27.480 out the opening paragraph, all right, in your most dramatic 0:02:27.560 --> 0:02:31.040 kind of approach. Okay, the old inner world, Yes, okay, 0:02:31.120 --> 0:02:34.840 all right. Now, to be fair, Jonathan I when I 0:02:34.880 --> 0:02:36.880 was writing that, it hit me halfway through that I 0:02:36.960 --> 0:02:40.800 wondered who would which of us would this would fall to? Okay, 0:02:40.880 --> 0:02:45.640 so let's set the scene. Imagine that you're in an 0:02:45.720 --> 0:02:49.320 action film driving on a curving road along the side 0:02:49.320 --> 0:02:53.000 of a cliff, and suddenly the breaks don't work, the 0:02:53.040 --> 0:02:56.360 accelerator jams, and as you careem over the side of 0:02:56.400 --> 0:02:59.320 the road, a voice comes on over your radio saying 0:03:00.080 --> 0:03:04.919 you've made a powerful enemy, old friend. The familiar voice 0:03:04.960 --> 0:03:08.400 over your Bluetooth connection is no doubt making a pun. 0:03:08.520 --> 0:03:11.320 Just as your vehicle, now turned into a jet trap, 0:03:11.680 --> 0:03:15.160 hurdles into the abyss. This being a film, the car 0:03:15.200 --> 0:03:19.679 instantly explodes. I have a nice trip. That's not quite right, 0:03:19.680 --> 0:03:23.240 but you know that's I'm the master of the almost 0:03:23.280 --> 0:03:27.760 but not quite appropriate pun. Um. So yeah, this is 0:03:27.840 --> 0:03:30.480 this is something that I have actually seen in movies where, 0:03:30.800 --> 0:03:33.120 you know, the old version of this would just be 0:03:33.240 --> 0:03:37.160 someone's cut the brake line right. But now cars are 0:03:37.240 --> 0:03:40.600 way more complicated than they used to be, and so 0:03:41.240 --> 0:03:43.680 the question is could this actually happen? Could someone take 0:03:43.720 --> 0:03:48.440 control of your car this way? And it's a little complicated, 0:03:48.760 --> 0:03:53.440 and the answer kind of comes out to maybe, Yeah, 0:03:53.480 --> 0:03:57.880 what do you mean by hacking? Yeah, yeah, So you've 0:03:57.880 --> 0:04:02.200 got a great point in the notes. Cars are increasingly computerized. 0:04:02.200 --> 0:04:05.920 There are more and more electronic systems within cars today. 0:04:06.280 --> 0:04:10.120 So they used to be purely mechanical, right. You had 0:04:10.160 --> 0:04:13.440 an engine that you know, a transmission that would transmit 0:04:13.560 --> 0:04:17.279 the the reciprocal power of the engine into rotational force. 0:04:17.320 --> 0:04:21.560 But the tires, you had breakes, you had steering. It 0:04:21.600 --> 0:04:24.560 wasn't even power steering back in the day. These were 0:04:24.600 --> 0:04:28.960 all mechanical systems right down to the windows. Yeah, so 0:04:29.000 --> 0:04:32.560 you didn't have any sort of electronics. But that's not 0:04:32.640 --> 0:04:36.240 the case anymore. Yeah, those are Now a car is 0:04:36.560 --> 0:04:41.680 more like a series of interconnected digital networks and and 0:04:41.720 --> 0:04:44.200 they could have dozens of computers talking to each other, 0:04:44.600 --> 0:04:48.520 or we call these embedded systems often. And here's the thing, Jonathan, 0:04:48.720 --> 0:04:53.400 their proprietary. So that means that these systems are not 0:04:53.560 --> 0:04:56.320 just plug and play things you could stick into any car, 0:04:56.440 --> 0:04:59.680 a GM car and you know, a Toyota would have 0:04:59.800 --> 0:05:04.560 a different approach. Um, they're also not that smart. Yeah, 0:05:04.600 --> 0:05:06.760 as it turns out, the proprietary thing is both a 0:05:06.800 --> 0:05:09.119 good thing and a bad thing. Now often I say 0:05:09.320 --> 0:05:11.680 I don't like the proprietary approach because I want to 0:05:11.680 --> 0:05:14.560 have the choice as a consumer to be able to 0:05:14.560 --> 0:05:17.720 put together a system. However, I like, I don't want 0:05:17.720 --> 0:05:20.039 to be I don't want to be um, you know, 0:05:20.160 --> 0:05:25.720 beholden to one company's approach, which is why I love 0:05:25.720 --> 0:05:28.600 Apple's design. Don't get me wrong, but I'm not an 0:05:28.600 --> 0:05:31.680 Apple guy because Apple products tend to only work with 0:05:31.760 --> 0:05:35.880 other Apple products, or they they in their best implementation, 0:05:35.960 --> 0:05:38.440 they work with Apple products. And if you try and 0:05:38.480 --> 0:05:41.200 mix and match stuff, things start to fall apart pretty quickly, 0:05:41.560 --> 0:05:44.719 and I like to have more of an open approach. However, 0:05:44.800 --> 0:05:47.839 that being said, the experience I might have with that 0:05:47.880 --> 0:05:50.800 open approach may never get to as good a one 0:05:50.960 --> 0:05:52.599 as I would have if I just broke down and 0:05:52.600 --> 0:05:56.680 bought all the Apple stuff. But the other side of 0:05:56.680 --> 0:05:58.760 that is that with the proprietary approach, and we'll go 0:05:58.800 --> 0:06:01.599 into this more later in the pie cast, uh, it 0:06:01.680 --> 0:06:04.479 means that if you're trying to exploit the system, you 0:06:04.560 --> 0:06:07.760 can't take a one one approach, right. One size does 0:06:07.800 --> 0:06:10.920 not fit all, not a cookie cutter type thing, absolutely, uh, 0:06:11.080 --> 0:06:13.680 and it's not. I guess what we're seeing is that 0:06:13.760 --> 0:06:18.880 it's not as easy to you know hack uh multiple 0:06:19.000 --> 0:06:21.839 cars or control of multiple cars. That will see a 0:06:21.880 --> 0:06:24.720 couple exceptions that rule as it is to you know, 0:06:25.320 --> 0:06:28.480 bot net a bunch of computers right right. You can't. 0:06:28.880 --> 0:06:32.039 You can't build a virus that's going to affect the 0:06:32.240 --> 0:06:34.679 entire fleet of cars out there. But you could write 0:06:34.680 --> 0:06:38.080 a virus that exploits a particular vulnerability and an operating system, 0:06:38.400 --> 0:06:41.279 and then any computer using that unpatched version of the 0:06:41.320 --> 0:06:44.839 operating system would become vulnerable to that attack. So it 0:06:44.960 --> 0:06:47.960 is a little different. It's not the same as uh, 0:06:48.360 --> 0:06:50.840 hacking a computer. And keep in mind, hacking a computer 0:06:51.000 --> 0:06:53.240 is not the same as what you'll see in a movie, 0:06:53.560 --> 0:06:56.000 isn't it. It's not like it's not like that nineties 0:06:56.040 --> 0:06:59.080 film Hackers. We can't just reroute the encryption or or 0:06:59.160 --> 0:07:01.960 the or all all the different versions of hacking where 0:07:02.000 --> 0:07:04.760 they show it as a character like suddenly you're an 0:07:04.760 --> 0:07:08.080 avatar navigating through a maze and you actually encounter like 0:07:08.120 --> 0:07:11.440 floating skull and crossbones and oh no, that's the that's 0:07:11.480 --> 0:07:14.320 the firewall. I need to turn around, And that's not 0:07:14.400 --> 0:07:17.520 what hacking is like. It made so many people's first 0:07:17.520 --> 0:07:21.560 computer experience underwhelming. I've got oh, I've got something. This 0:07:21.560 --> 0:07:23.440 a little bit of a sidebar. Do you know that 0:07:23.440 --> 0:07:26.960 show The Strain? Yes, okay, have you watched it? I haven't. 0:07:27.040 --> 0:07:29.080 It's on my list of things to watch, but I 0:07:29.120 --> 0:07:30.760 haven't watched it yet. All Right, this is the one 0:07:30.760 --> 0:07:33.640 with the virus that goes through the eye, right yeah, yeah, yeah, 0:07:33.720 --> 0:07:38.480 it's a it's sort of a paradipe. Yeah, adaptation to 0:07:38.560 --> 0:07:41.520 parasites science. But this is not really a spoiler because 0:07:41.520 --> 0:07:44.320 it's a side note here one of and I mean 0:07:44.480 --> 0:07:46.559 I say this with love because I've watched the show. 0:07:46.840 --> 0:07:49.480 One of the dumbest things that happens and that show 0:07:49.920 --> 0:07:53.480 is that there's a you know, there's a hacker lady character, 0:07:53.680 --> 0:07:57.000 and she's she's crazy in this This billionaire finds her 0:07:57.120 --> 0:07:59.120 and he wants to pay her an exorbitant amount of 0:07:59.160 --> 0:08:02.760 money to get this slow down the internet. It's like 0:08:03.720 --> 0:08:07.960 she's he says, we need you to slow down the internet, 0:08:08.080 --> 0:08:11.920 and she just goes how slow, Like she has the 0:08:12.000 --> 0:08:14.320 dial to the Internet on her a computer, like, well, 0:08:14.400 --> 0:08:16.840 let me just crank this down to three and now 0:08:17.000 --> 0:08:20.000 now everyone's working on a three speed as opposed to eleven. 0:08:20.080 --> 0:08:22.200 It's exactly that and that doesn't even work in a car, 0:08:22.600 --> 0:08:26.000 just for some perspective for people who want to know 0:08:26.160 --> 0:08:30.080 more examples, You've got a pretty good, pretty comprehensive list 0:08:30.120 --> 0:08:33.520 here of the various different things likely run by a 0:08:33.640 --> 0:08:36.520 computer in the average person's car today. Yeah, you've got 0:08:36.520 --> 0:08:38.720 a lot of different systems that are now electronic and 0:08:38.760 --> 0:08:41.840 no longer mechanical. So here's just some that could be 0:08:41.920 --> 0:08:46.719 connected to a microprocessor. Uh, the engine ignition, fuel injection, 0:08:47.280 --> 0:08:52.119 missions controls, that's a big one, breaking steering, transmission controls, 0:08:52.200 --> 0:08:56.839 collision avoidance systems, they definitely have microprocessors. Heating and air 0:08:56.880 --> 0:09:03.360 conditioning systems, navigation systems, communication systems, entertainment systems, safety and 0:09:03.480 --> 0:09:06.480 security systems. So that would include things like a safety 0:09:06.480 --> 0:09:09.240 system might be anything from again, collision avoidance, that kind 0:09:09.240 --> 0:09:11.439 of thing too. And security systems would be things like 0:09:11.520 --> 0:09:15.040 a car alarm or the safety system might be the 0:09:15.120 --> 0:09:18.200 way a dealership is able to track down a vehicle. 0:09:18.280 --> 0:09:21.520 Let's say that you have reported as stolen vehicle. Some dealerships, 0:09:21.559 --> 0:09:26.600 some car companies include systems that allow wherever you bought 0:09:26.600 --> 0:09:28.920 the car from to be able to find where that 0:09:29.040 --> 0:09:32.400 particular receiver is. Well, that receiver has to be able 0:09:32.400 --> 0:09:35.680 to connect and communicate through a system somehow, So that's 0:09:35.880 --> 0:09:38.040 you know, any time you talk about a system that 0:09:38.120 --> 0:09:41.959 communicates to the outside world, that's a potential invasion vector. 0:09:43.360 --> 0:09:46.560 That's where someone can get at your your car. Because 0:09:46.600 --> 0:09:48.720 a lot of car, like a lot of cars, we 0:09:48.760 --> 0:09:50.720 just look at them as closed systems, and a lot 0:09:50.720 --> 0:09:52.920 of them are. A lot of them are totally closed off, 0:09:53.200 --> 0:09:57.400 which means that your your invasion h vectors are limited. 0:09:57.640 --> 0:09:59.320 And we'll talk more about that in a bit, but 0:09:59.360 --> 0:10:02.600 at any rate, your typical car today has probably around 0:10:02.679 --> 0:10:05.840 one hundred micro processors, and it maybe more, and within 0:10:05.880 --> 0:10:07.840 the next few years that's going to double. We're gonna 0:10:07.840 --> 0:10:10.560 see twice. In fact, I am I imagine a lot 0:10:10.600 --> 0:10:13.439 of the cars that are coming out this year, especially 0:10:13.480 --> 0:10:16.520 the high end luxury cars that tend to feature these systems, 0:10:16.600 --> 0:10:18.920 before we see it rolled out to the general fleet, 0:10:19.640 --> 0:10:23.880 they probably already are around two hundred microprocessors. Uh. In fact, 0:10:23.960 --> 0:10:26.400 this this figure of a hundred microprocessors was in an 0:10:26.480 --> 0:10:28.480 article from two thousand eleven, So it may even be 0:10:28.559 --> 0:10:31.200 that your average car has two hundred by now, um 0:10:31.320 --> 0:10:35.559 and and five miles of wiring to connect all those 0:10:35.600 --> 0:10:37.680 systems are in the car. Yeah, that's one of my 0:10:37.760 --> 0:10:41.120 favorite statistics that you're pulled up and and before we 0:10:41.160 --> 0:10:44.839 go aiming further, now we we already i think did 0:10:44.840 --> 0:10:47.839 an okay job of saying that, uh, what you've see 0:10:47.840 --> 0:10:50.280 in hollywood's on what you've see in real life. But 0:10:50.480 --> 0:10:54.600 we should also say that hacking in the way that 0:10:54.640 --> 0:10:56.760 we're using it, which is a little bit more colloquial, 0:10:57.040 --> 0:11:00.360 hacking is not necessarily something that a fee would do 0:11:00.400 --> 0:11:03.959 to your car. Right. It's not necessarily an invasive technique 0:11:03.960 --> 0:11:07.480 to take over a system. Right. Hacking just means that 0:11:07.559 --> 0:11:12.240 you are using techniques to get a specific result, using 0:11:12.240 --> 0:11:15.120 a system that wasn't necessarily intended to get that result. 0:11:15.440 --> 0:11:18.840 So hackers can be of all shapes and sizes. They 0:11:18.840 --> 0:11:20.880 can have all different types of interest. It doesn't have 0:11:21.000 --> 0:11:23.480 to be a computer. You know, we've seen life hacks, 0:11:23.480 --> 0:11:26.800 this idea of you want to achieve a specific outcome, 0:11:26.920 --> 0:11:29.520 here's a cool way to do that. They're not always 0:11:29.520 --> 0:11:32.600 the most elegant approach. It's not always the cleanest or 0:11:32.679 --> 0:11:35.920 the simplest, but sometimes it's it's one that just works. 0:11:35.960 --> 0:11:37.800 That's the goal of the hacker is to find a 0:11:37.840 --> 0:11:41.359 way of making that outcome happen. So early computer programmers 0:11:41.360 --> 0:11:44.200 were called hackers because they were hacking together code to 0:11:44.320 --> 0:11:48.040 make something happen. And sure they might have used, you know, 0:11:48.160 --> 0:11:50.400 twice as many lines of code then we're what was 0:11:50.559 --> 0:11:52.800 strictly necessary, but they were just trying to get it 0:11:52.840 --> 0:11:56.720 done in the time. Well, hackers with cars might be 0:11:56.760 --> 0:11:59.720 hacking their own vehicles. It might not be in order 0:11:59.760 --> 0:12:03.040 to try and sabotage a vehicle, but rather to change 0:12:03.120 --> 0:12:07.000 the parameters that it can work within. So you might 0:12:07.120 --> 0:12:11.840 want to, I don't know, make remove any limiting factors 0:12:12.320 --> 0:12:15.079 and yeah, governors, things like that to to make your 0:12:15.080 --> 0:12:20.200 car um work with greater horsepower or more torque or 0:12:20.840 --> 0:12:24.559 moving a faster top speed. And there are a lot 0:12:24.600 --> 0:12:26.360 of systems that are in place to limit that kind 0:12:26.360 --> 0:12:29.679 of thing so that a car works within safety parameters, right, 0:12:29.840 --> 0:12:32.600 because once you get beyond that, you start to really 0:12:32.679 --> 0:12:36.520 test the strength of the vehicle and maybe that it 0:12:36.600 --> 0:12:40.040 can't hold up to greater speeds over a certain amount. 0:12:40.080 --> 0:12:42.840 And usually once you'll get as a car company that 0:12:42.920 --> 0:12:45.360 will dial that back to within a safe limit and 0:12:45.400 --> 0:12:47.800 say all right, well here's the maximum and it's well 0:12:47.920 --> 0:12:52.360 below that that real top limit, which same sort of 0:12:52.360 --> 0:12:57.320 thing we see with overclocking with microprocessors. So there are 0:12:57.360 --> 0:12:59.920 some car hackers who will go in and they'll reef 0:13:00.040 --> 0:13:04.120 flash the engine engine control unit or electronic control unit 0:13:04.160 --> 0:13:06.520 that's e c U, and they'll go in and they'll 0:13:06.520 --> 0:13:09.640 reflash it, which means that they will essentially start with 0:13:09.679 --> 0:13:13.160 a clean slate and and um change a few of 0:13:13.200 --> 0:13:17.199 the parameters can be really dangerous. By the way, Yeah, 0:13:17.280 --> 0:13:21.439 we're not we are officially not recommending that you do this, 0:13:21.559 --> 0:13:24.800 although it is interesting. Um and in some ways, I 0:13:24.800 --> 0:13:28.520 think there's a very positive note. Statistically speaking, the person 0:13:28.720 --> 0:13:31.880 most likely to hack your car is you. Yeah, that's 0:13:31.920 --> 0:13:35.880 the best news. But it can be really dangerous or 0:13:35.960 --> 0:13:39.560 at the very least, it can damage your vehicle to 0:13:39.600 --> 0:13:42.320 the point where you can't drive it anymore. Or you 0:13:42.400 --> 0:13:45.040 might do something where you're you're tweaking something in the 0:13:45.040 --> 0:13:48.560 e CU, thinking that you're going to squeeze another fifteen 0:13:48.640 --> 0:13:51.000 miles per hour out of the top speed, but turns 0:13:51.000 --> 0:13:55.120 out instead what you've done is have it honking forever 0:13:55.720 --> 0:13:58.320 and you can't stop it. Uh. And you know this 0:13:58.400 --> 0:14:02.800 sort of stuff obvious avoids, warranties. You know there are 0:14:02.800 --> 0:14:05.440 a lot of issues that if if things go wrong, 0:14:06.160 --> 0:14:09.719 you could be stuck with the bill period. There might 0:14:09.720 --> 0:14:11.920 not be any help for you. You might not be 0:14:12.000 --> 0:14:14.599 able to get it covered by insurance or warranties, that 0:14:14.679 --> 0:14:17.720 kind of thing, and you'll have to walk somewhere to pay. Yeah. Yeah, 0:14:17.760 --> 0:14:21.440 So I've seen pictures of stuff like um uh, like 0:14:21.680 --> 0:14:25.320 the the pistons that you would find within an engine, 0:14:25.400 --> 0:14:30.160 just they're unrecognizable because they had been put through such 0:14:30.280 --> 0:14:32.920 speed and force that it beat them out of the 0:14:33.560 --> 0:14:36.000 shape that they were supposed to be in. So bad 0:14:36.040 --> 0:14:38.000 things can happen if you don't know what you're doing, 0:14:38.120 --> 0:14:40.400 and very few people really know what they're doing, and 0:14:40.440 --> 0:14:41.920 in order to get into work you often have to 0:14:41.920 --> 0:14:45.240 do stuff like tweak the fuel injection system, which you know, 0:14:45.280 --> 0:14:47.520 if you don't know your physics and chemistry, you're not 0:14:47.560 --> 0:14:50.120 going to get that mixed right and you could just 0:14:50.320 --> 0:14:53.520 end up making your vehicle undrivable. And there are people, 0:14:53.560 --> 0:14:56.760 of course, especially in the world of racing, who professionally 0:14:57.320 --> 0:15:00.680 tune cars and to a degree hack them. Sure, but 0:15:00.920 --> 0:15:04.200 keep in mind these are cars that are already built 0:15:04.200 --> 0:15:07.080 for racing. They have a much lower lifespan and they're 0:15:07.120 --> 0:15:10.000 only built to do one thing. Yeah, and you know, 0:15:10.080 --> 0:15:13.200 the real issue we're having here is something that's kind 0:15:13.200 --> 0:15:15.560 of you know, we didn't really mention this in the notes, 0:15:15.640 --> 0:15:18.440 but something that we see throughout the industry, which is 0:15:18.480 --> 0:15:21.520 that cars are getting so complicated with all these different 0:15:21.520 --> 0:15:25.560 electronic systems that even people who are experienced mechanics can 0:15:25.720 --> 0:15:29.840 encounter issues because you've got all these different proprietary systems, 0:15:30.200 --> 0:15:34.240 you've got all these different electronic subsystems within the car, 0:15:34.920 --> 0:15:38.680 and uh, you can't necessarily be an expert on everything 0:15:38.800 --> 0:15:43.120 all the time. So yeah, it's it's tough for everybody 0:15:43.160 --> 0:15:46.160 out there, like it's tough for professional mechanics now too. Yeah, 0:15:46.200 --> 0:15:47.800 that's a really good point. I'm glad you made it 0:15:47.840 --> 0:15:50.800 because this maybe is a little bit of a tangent 0:15:50.840 --> 0:15:53.280 for us. But it is very important to note that, 0:15:53.400 --> 0:15:56.960 just as you said, mechanics, especially mechanics who came up 0:15:57.080 --> 0:15:59.360 under what I guess we would call the old school, 0:15:59.720 --> 0:16:04.880 would ways now are increasingly finding that a higher number 0:16:04.920 --> 0:16:09.600 of repairs require shipping to the manufacturer, which is not 0:16:09.640 --> 0:16:11.480 what you want to hear when your car is broken down. Yeah, 0:16:11.480 --> 0:16:15.120 if you're looking at any vehicle post nineteen. It's got 0:16:15.160 --> 0:16:17.600 a lot of electronic systems in it, that's true, and 0:16:17.640 --> 0:16:20.360 some of those are mandated, right. Yeah. In fact, that 0:16:20.440 --> 0:16:23.400 was one of the reasons why the cars are the 0:16:23.400 --> 0:16:27.240 way they are is because you had states like California 0:16:27.360 --> 0:16:29.640 that had to put in emissions controls. I mean, we've 0:16:29.680 --> 0:16:32.280 all seen the pictures of Los Angeles and the haze, 0:16:32.320 --> 0:16:35.640 the pollution that hangs above the city, and so there 0:16:35.640 --> 0:16:37.760 were there was a lot of incentive to try and 0:16:37.800 --> 0:16:39.440 clean up the air as much as possible. Part of 0:16:39.480 --> 0:16:43.640 that was controlling the emissions made from vehicles. So emission 0:16:43.640 --> 0:16:47.160 control systems and emission detection systems became an important part 0:16:47.200 --> 0:16:50.560 of vehicles within that state, and once people started to 0:16:50.600 --> 0:16:54.120 develop onboard diagnostics systems to make sure that a car 0:16:54.200 --> 0:16:57.840 was working within the right legal limits of emissions, that 0:16:58.160 --> 0:16:59.920 rolled out to the rest of the United States and 0:17:00.000 --> 0:17:04.119 became a requirement for all vehicles. And so a lot 0:17:04.200 --> 0:17:07.800 of these were originally electronic systems that were designed to 0:17:07.880 --> 0:17:12.040 make a particular model of car safer than previous models, 0:17:12.600 --> 0:17:16.640 but because of their proved efficacy, they are now required 0:17:16.880 --> 0:17:19.399 in all vehicles, not just you know, the ones that 0:17:19.480 --> 0:17:22.879 they viewed it. So, uh, Scott and I talked about 0:17:22.920 --> 0:17:28.160 how that is also driving the average price of cars up. Yeah. Yeah, 0:17:28.160 --> 0:17:30.679 but they those those cars are getting more and more sophisticated, 0:17:30.760 --> 0:17:33.160 they also get more and more expensive. But it also 0:17:33.200 --> 0:17:35.600 means that, again, we have more and more systems that 0:17:35.880 --> 0:17:41.199 could potentially be exploited. And by potentially we mean that 0:17:41.320 --> 0:17:44.800 your car could be potentially exploited. By exploited, we mean 0:17:44.880 --> 0:17:49.280 that there is proven research, peer reviewed. These guys went 0:17:49.320 --> 0:17:51.920 to def Con. They're not just they're not just you know, 0:17:52.040 --> 0:17:55.080 like you and mean Jonathan hanging out in a garage 0:17:55.080 --> 0:17:57.560 and saying let's see what we can do. Yeah, they're 0:17:57.560 --> 0:18:02.639 not They're not feorizing, right, They have actually done some 0:18:02.760 --> 0:18:06.760 hacking to see how cars can be vulnerable to different 0:18:06.760 --> 0:18:11.200 types of attacks. And you've got a pair of hackers 0:18:11.280 --> 0:18:13.640 that that I think you want to talk about, right, 0:18:13.680 --> 0:18:17.440 Oh yeah, yeah yeah. These would be Miller and Valisc 0:18:17.520 --> 0:18:19.719 There two of the biggest names in the world of 0:18:19.760 --> 0:18:23.119 car hacking research. Charlie Miller Chris Valisac. I want to 0:18:23.160 --> 0:18:26.080 set this up for a quotation that maybe you could read, 0:18:26.359 --> 0:18:29.359 um Miller is a or was at one time a 0:18:29.400 --> 0:18:33.720 security engineer. Twitter valisc director of Security intelligence at a 0:18:33.800 --> 0:18:41.280 Seattle consultancy called IOActive or IOActive, but they they received 0:18:41.320 --> 0:18:45.400 an eighty thousand dollar grant from DARPA to research security 0:18:45.480 --> 0:18:49.040 vulnerabilities of cars. And I think in this context it's 0:18:49.080 --> 0:18:51.120 helpful to think of them as white hat hackers. Yeah, 0:18:51.160 --> 0:18:55.080 they were specifically hired to say, can you can you 0:18:55.200 --> 0:18:59.440 breach this cars systems and exploit it? Because we need 0:18:59.480 --> 0:19:01.800 to know if that's a possibility, and we need to 0:19:01.800 --> 0:19:05.320 know where the vulnerabilities are. That's definitely a white hat approach. Yes, 0:19:05.440 --> 0:19:08.480 So we've got We've got a quotation from a summary 0:19:08.480 --> 0:19:12.840 of their um groundbreaking two thousand eleven paper that if 0:19:13.480 --> 0:19:16.280 absolutely here we go, I made you do the first one. 0:19:17.320 --> 0:19:20.080 Previous research has shown that it is possible for an 0:19:20.119 --> 0:19:24.240 attacker to get remote code execution on the electronic control 0:19:24.359 --> 0:19:28.960 units ECU in automotive vehicles via various interfaces such as 0:19:28.960 --> 0:19:32.920 the Bluetooth interface and the telematics unit. This paper aims 0:19:32.960 --> 0:19:35.480 to expand on the ideas of what such an attacker 0:19:35.560 --> 0:19:38.760 could do to influence the behavior of the vehicle after 0:19:38.960 --> 0:19:42.240 that type of attack. So here's what they did. I 0:19:42.280 --> 0:19:45.000 know that's in some dry language, but they're talking about 0:19:45.000 --> 0:19:49.719 some frankly frightening stuff. They essentially they built the software 0:19:49.800 --> 0:19:54.680 tools to uh enable a Mac laptop, going back to 0:19:54.760 --> 0:19:58.880 Apple uh and and also back to Independence Day. Yeah, yes, 0:19:59.040 --> 0:20:01.240 you're going to explore way to technology. You need to 0:20:01.320 --> 0:20:04.240 use Apple computer in order to insert the code, right, Yeah, 0:20:04.359 --> 0:20:07.400 just reroute the encryptions. That's a little callback for everybody 0:20:07.400 --> 0:20:11.000 who listen to our previous series. Uh. Yeah. They plugged 0:20:11.040 --> 0:20:15.399 into the diagnostic port of the car, which again, um, 0:20:15.680 --> 0:20:18.600 there's an overwhelming chance, unless you're driving a classic car, 0:20:18.720 --> 0:20:21.199 that you have one of these. Yeah. And and this 0:20:21.320 --> 0:20:23.280 was one of those things that was mandated by law 0:20:23.440 --> 0:20:27.080 because it allows a very quick assessment of how a 0:20:27.160 --> 0:20:31.160 vehicle is performing. Yeah, and they they found because they 0:20:31.160 --> 0:20:34.480 are white hat, they presented their software and their findings. 0:20:34.480 --> 0:20:37.160 They want public and transparent with the two thousand thirteen 0:20:37.280 --> 0:20:40.600 def con, and they wanted other researchers in on this 0:20:40.640 --> 0:20:43.560 game to help find and fix the security flaws before 0:20:44.240 --> 0:20:50.639 hackers or you know, incredibly sophisticated car thieves got to them. Usually, 0:20:50.760 --> 0:20:53.439 like when we talk about malicious hackers, we often use 0:20:53.520 --> 0:20:57.080 the term crackers, as in people who cracked the security 0:20:57.359 --> 0:21:00.480 in order to exploit it. Ah, that's all right, you're 0:21:00.480 --> 0:21:02.240 putting me on the game here. You know, it's just 0:21:02.359 --> 0:21:05.400 one of those one of those terms I rarely bust out. 0:21:05.440 --> 0:21:08.159 But that is in fact one because because hacker does 0:21:08.200 --> 0:21:11.720 not necessarily mean malicious exactly, but it often has portrayed 0:21:11.760 --> 0:21:13.600 such in the media. It's a it's a because it's 0:21:13.600 --> 0:21:15.720 a shorthand way of saying, this person who wants to 0:21:15.720 --> 0:21:24.040 get access to your stuff, this is crucial, this kind 0:21:24.080 --> 0:21:27.720 of information. It's crucial because more and more cars have 0:21:28.000 --> 0:21:32.879 onboard WiFi networks, each of which is to a degree proprietary. Know, 0:21:33.200 --> 0:21:37.720 General Motors has on Star, Toyota's got Safety connect etcetera. Um. 0:21:37.760 --> 0:21:41.040 But of course they are not the only researchers in 0:21:41.080 --> 0:21:42.920 the game, and their methods, which we'll talk about in 0:21:42.960 --> 0:21:46.320 a little bit, are not the only options because if 0:21:46.359 --> 0:21:50.440 you recall earlier, ladies and gentlemen, we talked about an 0:21:50.480 --> 0:21:54.800 exception to the rule of multi car hacking. Yeah, so 0:21:55.800 --> 0:21:58.680 car dealerships. You know, I mentioned the idea of having 0:21:58.760 --> 0:22:01.120 those systems in place you to be able to track 0:22:01.200 --> 0:22:04.400 down a vehicle in case it's been stolen, and this 0:22:04.520 --> 0:22:07.160 is becoming a standard feature in a lot of automobiles. 0:22:07.200 --> 0:22:11.560 These days. In two thousand and ten, Omar Or Ramos Lopez, 0:22:11.640 --> 0:22:15.520 who was a former employee of an Austin card dealership, 0:22:16.160 --> 0:22:20.480 used the vehicle tracking system to get revenge. This is 0:22:20.480 --> 0:22:26.000 where we see a well intentioned system, which is, you know, 0:22:26.080 --> 0:22:29.359 designed to do one thing very well, can sometimes be 0:22:29.520 --> 0:22:34.200 put to misuse by someone who has ulterior motives. Reminds 0:22:34.200 --> 0:22:35.680 me of a lot of discussions I've had about the 0:22:35.760 --> 0:22:39.800 n s A. Your your your intentions may have been pure, 0:22:39.960 --> 0:22:42.880 but you've built a tool that humans use, and humans 0:22:42.920 --> 0:22:48.920 have some pretty base desires occasionally. So the system allowed 0:22:49.040 --> 0:22:52.320 the dealer to send wireless reminders about the linquent payments 0:22:52.400 --> 0:22:56.760 to customers and also allowed this particular ex employee to 0:22:56.880 --> 0:23:02.080