'White hat' hackers take control of car systems
Software experts expose security flaws that allow direct access to brakes and steering
Car hacking is not a new field, but its secrets have long been closely guarded. That is about to change, thanks to two well-known computer software hackers who got bored finding bugs in software from Microsoft and Apple.
Charlie Miller and Chris Valasek say they will publish detailed blueprints of techniques for attacking critical systems in the Toyota Prius and Ford Escape in a 100-page white paper, following several months of research they conducted with a grant from the US government.
The two "white hats" - hackers who try to uncover software vulnerabilities before criminals can exploit them - will also release the software they built for hacking the cars at the annual Def Con hacking convention in Las Vegas this week.
They said they devised ways to force a Toyota Prius to brake suddenly at 128 kilometres per hour, jerk its steering wheel, or accelerate the engine.
They also say they can disable the brakes of a Ford Escape travelling at very slow speeds, so that the car keeps moving no matter how hard the driver presses the pedal.
"Imagine what would happen if you were near a crowd," said Valasek, director of security intelligence at consulting firm IOActive, known for finding bugs in Microsoft's Windows software.
But it is not as scary as it may sound at first blush.
The pair of researchers were sitting inside the cars using laptops connected directly to the vehicles' computer networks when they did their work. So they will not be providing information on how to hack remotely into a car network, which is what would typically be needed to launch a real-world attack.
The two say they hope the data they publish will encourage other white-hat hackers to uncover more security flaws in automobiles so they can be fixed.
"I trust the eyes of 100 security researchers more than the eyes that are in Ford and Toyota," said Miller, a Twitter security engineer known for his research on hacking Apple's app store.
Toyota spokesman John Hanson said the company was reviewing the work. He said the carmaker had invested heavily in electronic security, but that bugs remained - as they do in cars of other manufacturers.
"It's entirely possible to do," Hanson said, referring to the newly exposed hacks. "Absolutely we take it seriously."
Ford spokesman Craig Daitch said the company takes seriously the electronic security of its vehicles. He said the fact that Miller's and Valasek's hacking methods required them to be inside the vehicle they were trying to manipulate mitigated the risk.
Miller and Valasek said they did not research remote attacks because that had already been done.
A group of academics described ways to infect cars using Bluetooth systems and wireless networks in 2011.
But unlike Miller and Valasek, the academics have kept the details of their work a closely guarded secret, refusing even to identify the make of the car they hacked.