Gordon And Mike's ICT Podcast
Perspectives on Technology and Education from Gordon F. Snyder, Jr. & Mike Qaissaunee

Hacking Car Anti-collision Systems, August 28, 2016

A group of researchers presenting at this month’s Def Con hacker conference showed how they were able to trick Tesla's sophisticated anti-collision sensors to make a car hit an object it would normally detect in its path.

Before we start on the cars – you went to Def Con this year Mike – how was it?

So let’s get to the cars now – who did this research?

The group consisted of Chen Yan, a PhD student at Zhejiang University, Jianhao Liu, a senior security consultant at Qihoo 360, and Wenyuan Xu, a professor at Zhejiang University and The University of South Carolina.

So can you give a quicker overview of what they did?

They discovered methods for "quieting" sensors to diminish or hide obstacles in a car's path, "spoofing" them to make an object appear farther or closer than it actually is, and jamming, which, Yan said, renders the sensor useless as it's "overwhelmed by noise."

Could this be done now? I mean, if someone is driving a Tesla or any other car with this kind of sensor technology, should they be concerned?

It's important to note that the demonstration was a proof-of-concept that did not mimic real-world conditions today. Researchers were working on cars that were usually stationary with what was sometimes very expensive equipment. They noted that the "sky wasn't falling."

But the experiment suggests that theoretically, a few years from now, somebody could make a device that could jam certain sensors in a nearby car.

Can you talk about these sensors a little more?

There are a number of sensors on a Tesla Model S that are used for a variety of functions. It has radar to detect objects in front of it, GPS for location tracking, and cameras to detect speed limit signs and lane markings, for example. As the talk showed, many of these things can be tricked by a determined attacker.

Is it just Tesla people need to be concerned about?

Much of their presentation focused on the Tesla Model S, but they also successfully jammed sensors on cars from Audi, Volkswagen, and Ford.

So what kinds of systems were they jamming?

Cars with ultrasonic sensors

Cars with parking assistance

The Tesla Model S with self-parking and summon

Let’s talk a little more about what they were able to demonstrate.

In a video demonstrating an attack, the researchers jammed sensors in the rear of the Model S, so the car did not know it was about to hit a person standing behind it. In another, they "spoofed" its Autopilot to trick it into thinking it would drive into something that was not actually there.

You mentioned they talked about using lasers – can you give any details?

They also used off-the-shelf lasers to defeat the onboard cameras, and, in one of the most low-tech demonstrations, they wrapped objects up in cheap black foam that rendered them invisible to the car's sensors.

What kind of feedback did they get from the manufacturers?

Yan said after the talk that Tesla reacted positively when they disclosed their research, and it was researching ways to mitigate these types of attacks. "They appreciated our work and are looking into this issue," he said.

So, in summary what are the auto makers concerned about after this presentation?

  • Realistic issues of automotive sensor security
  • Big threat to autonomous vehicles (present and future)
  • Attacks on ultrasonic sensors
  • Attacks on Millimeter Wave (MMW) Radars
  • Attacks on cameras
  • Attacks on self-driving cars

Where can people get the full Deaf Con presentation?

It's available at Def Con’s website https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Liu-Yan-Xu-Can-You-Trust-Autonomous-Vehicles.pdf

Reference: http://www.businessinsider.com/defcon-tesla-jamming-spoofing-autopilot-2016-8

 

 

 

 

 

 

Direct download: Hacking_Car_Anti-collision_Systems.mp3
Category:podcasts -- posted at: 3:48pm EST

Q: Could you tell us a little about how this research began?

A: Actually in 2013 Flavio Garcia, a computer scientist at University of Birmingham, and a team of researchers were about to reveal a vulnerability in the ignition of Volkswagen cars that allowed them to start the car and drive off without a key. This vulnerability was present in millions of VWs.

Q: You say “about to reveal”?

A: Yes, they were sued, which delayed the publication of the work for 2 years. They used that time to continue their research into vulnerabilities with VW cars.

Q: So did they find anything new?

A: They sure did. The paper they just published identifies flaws not only with the ignition system, but also with the keyless entry system.

Q: How many cars are we talking about?

A: The researchers claim that every Volkswagen sold since 1995 is affected. The estimate is nearly 100 million cars!

Q: Which cars are affected?

A: There are two distinct attacks – one impacts Audi and Škoda cars; the other Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.

Q: Do they provide any details of the attack?

A: They use radio hardware to intercept signals from the victim’s key fob, using the intercepted signals to clone the key. They started with software defined radio connected to a laptop, but have moved to a small $40 setup that includes an Arduino board with an attached radio receiver.

Q: How concerned should we be?

A: Of the two attacks, the one targeting Volkswagen cars is most concerning because (1) there is no indication to the drivers that they’ve been compromised, (2) one a single button press needs to be intercepted.

Q: Why is the security weak?

A: It turns out that millions of Volkswagen vehicles share a single cryptographic key. Using the hardware we described earlier, researchers capture another key unique to the target vehicle that is transmitted every time the button on the key fob is pressed. By combining these two key, the researchers can clone the key fob. A single interception and the car is “owned”.

Q: So it’s that easy?

A: Not quite that easy. A few caveats. The attacker has to be within 300 feet of the car. The shared key is not quite universal. The shared key may change based on the model of the car and the year. Also, the internal components where the shared is extracted from may be different.

Q: So the key’s not universal. That’s good, right?

A: Yes, except that the 4 most common keys are used in nearly all the 100 million Volkswagen’s sold in the past 20 years.

Q: So should listeners sell their Volkswagens?

A: No, not yet. The researchers have not revealed where the shared key is stored, but a determined hacker could reverse engineer the keys and publish or sell them. And a newer locking system, used in the VW Golf 7 and other models, uses unique - not shared - keys and it his immune to these attacks.

Q: You mentioned that there are two attacks. What’s the second?

A: The second technique exploits flaws in a common cryptographic scheme called HiTag2 that is used in millions of vehicles.

Q: How does this attack work?

A: The hardware setup is similar to the previous attack. One big difference is that you don’t need to extract any internal keys from the car. You do have to intercept more codes from the target key fob - eight codes specifically. These codes include a rolling code number that changes with every button press.

Q: Sounds a lot like cracking a WEP key on a wireless network.

A: It is. In fact, the researchers suggest jamming the key fob so that the driver has to repeatedly press the button. Essentially generating more traffic to capture. Similar to a so-called replay attack used to help speed up the cracking of WEP keys.

Q: Why not just updated the encryption scheme?

A: It turns out the HiTag2 crypto system is hard coded into chips made by semiconductor company NXP. According to NXP HiTag2 is a legacy security algorithm - 18 years old. Since 2009, they have introduced new, more advanced algorithms, but car makers have been slow to transition to these new chips.

Q: So attackers can unlock the car. Can they steal the car?

A: While these attacks focus on the key fob and unlocking the car. Other research - even these researchers previous work - focuses on exploiting vulnerabilities in the ignition system and bypassing so-called immobilizer systems that are intended to prevent the car being driven without the key fob present. Combining these attackers, it would be possible to steal the car. In fact, there is already evidence of sophisticated digitally-enable car thieves using mysterious “black box” devices to steal cars.

Q: So what should car owners do?

A: Car owners can’t fix the vulnerabilities, so there’s little they can do to avoid these sort of attacks. If you’re concerned about someone cloning your key fob (1) don’t leave valuables in the car, (2) avoid using the key fob at all.

Direct download: Lock_It_and_Still_Lose_It.mp3
Category:podcasts -- posted at: 2:15pm EST

References:

http://www.usatoday.com/story/tech/gaming/2016/07/15/beginners-guide-pokmon-go/87133450/

http://www.theregister.co.uk/2016/07/19/hacker_46_months_db_breach/

 

Direct download: Intro_To_Pokemon_Go.mp3
Category:general -- posted at: 7:46pm EST

Title: 4K Ultra High Definition Television

 Introduction

High definition has meant 1080p (1,920 by 1,080) resolution for years now, and it's ready for an upgrade. That's where 4K, also called ultra high-definition, or UHD, television comes in. 4K is finally a mature, accessible technology. In this podcast we take a close look at UHD 4K technology referencing a PC Magazine post.

 

Updates

 First some continued bad news on the security front …

Businesses pay $100,000 to DDoS extortionists who never DDoS anyone – Dan Goodin

http://arstechnica.com/security/2016/04/businesses-pay-100000-to-ddos-extortionists-who-never-ddos-anyone/

Out-of-date apps put 3 million servers at risk of crypto ransomware infections – Dan Goodin

http://arstechnica.com/security/2016/04/3-million-servers-are-sitting-ducks-for-crypto-ransomware-infection/

Now for a little good news …

Petya Ransomware's Encryption Defeated and Password Generator Released – Lawrence Abrams

http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/

http://arstechnica.com/security/2016/04/experts-crack-nasty-ransomware-that-took-crypto-extortion-to-new-heights/

NSA Launces 2016 GenCyber Camps

https://www.gen-cyber.com

Questions:

What Is 4K?

How Is 4K Different Than 1080p? 

What if you have a 4K TV but not any 4K content?

What About HDR?

What 4K TVs Are Out There Now?

Is There Even Any 4K Content You Can Watch?

Do You Need 4K? 

Reference: http://www.pcmag.com/article2/0,2817,2412174,00.asp

Direct download: 4K_Ultra_High_Definition_Television.mp3
Category:podcasts -- posted at: 2:24pm EST

Questions we try to answer in the podcast:

1. What is the difference between an Engineering Technology degree and a Bachelor of Science in Engineering?

2. Can you also get an AS or AAS degree in Engineering Technology at a Community College?

3. What is the career path for an Engineering Technology degree holder versus a Bachelor of Science in Engineering?

4. What should you be doing in high school if you are interested in an Engineering Technology or Bachelor of Science in Engineering degree?

5. What courses will you likely take in college if you pursue an Engineering Technology degree?

6. What courses will you likely take in college if you pursue a Bachelor of Science in Engineering degree?

7. What interests are common to engineering technology degree and engineering bachelor of science degree pursuers?

Reference: https://floridapolytechnic.org/engineering-technology-degree/

Direct download: Engineering_Technology_and_Engineering_Degrees__What_is_the_Difference.mp3
Category:general -- posted at: 3:40pm EST

Intro

On Wednesday, March 30, 2016 the Federal Communications Commission (FCC) started a three-year process of making our mobile internet even faster and better. The government is buying underused TV airwaves and selling it to mobile carriers for billions of dollars. These radio waves—also known as spectrum—will shape mobile US connectivity as streaming video continues to swallow up bandwidth across the country and as we inch closer to 5G internet speeds. In this podcast, we discuss the auction process.

Updates

Ransomware Evolution is Really Bad News ­ - Angela Alcorn

Recently, 10 hospitals in Maryland operated without access to their central network because their domain servers were locked by a ransomware known as Samsam

http://www.makeuseof.com/tag/ransomware-evolution-is-really-bad-news-microsoft-edge-will-intelligently-pause-flash-tech-news-digest/

Victims paid more than $24 million to ransomware criminals in 2015 — and that's just the beginning – Dan Turkel

The DOJ revealed that the Internet Crime Complaint Center (IC3) had received nearly 7,700 public complaints regarding ransomware since 2005, totaling $57.6 million in damages. Those damages include ransoms paid — generally $200 to $10,000, according to the FBI — as well as costs incurred in dealing with the attack and estimated value of data lost. In 2015 alone, victims paid over $24 million across nearly 2,500 cases reported to the IC3.

http://www.businessinsider.com/doj-and-dhs-ransomware-attacks-government-2016-4 

Adobe issues emergency update to Flash after ransomware attacks – Jim Finkle

Adobe Systems Inc (ADBE.O) issued an emergency update on Thursday to its widely used Flash software for Internet browsers after researchers discovered a security flaw that was being exploited to deliver ransomware to Windows PCs.

The software maker urged the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in "drive-by" attacks that infect computers with ransomware when tainted websites are visited.

http://www.reuters.com/article/us-adobe-systems-cyber-ransomware-idUSKCN0X502K

Spectrum

How about the auction, What’s spectrum?

The way it is being used here, by the FCC - Spectrum is really just a fancy term for radio waves, a specific portion of the electromagnetic spectrum.

What’s going on with T-Mobile?

T-Mobile wants to stop that from happening, saying AT&T and Verizon already control three-fourths of low-band frequencies.

Who else is interested in spectrum?

Comcast, Charter, and Dish Network, Google (?)

How is this auction being setup?

TV broadcasters by Tuesday April 5 must have made official their intentions to accept the FCC's opening price for the rights to the spectrum they currently use for digital TV broadcasts. 

Who is bidding and how much money are we talking about?

AT&T, Verizon, T-Mobile, Comcast, Dish Network, etc

Can you describe the spectrum being auctioned and what will be done with it?

The FCC expects that bidders will provide new wireless services using that spectrum, which is in the 600 MHz band and currently used for UHF TV channels. The characteristics of UHF that make it good for TV also work well for wireless communications and data delivery -- the waves can travel great distances and pass through buildings.

So what happens if a TV station sells its spectrum?

TV broadcasters have the choice of moving to a lower-frequency spot on the spectrum, sharing signals with a neighboring station or giving up broadcasting altogether.

Does the FCC know which stations are going to sell?

While some stations have made their intentions to participate in the reverse auction public, the FCC is not able to announce what percent of the 1,800 eligible TV stations are involved, because of confidentiality protections within the 2012 Congressional action that led to the auction.

What if a station sells? Are they out of business?

As the FCC reorganizes spectrum allocations after the auction, some TV channels may need to be reassigned during the 39-month transition period. Any reassignment requires that the FCC preserve stations' current audience and geographical reach. For more information about the incentive auction, visit the FCC web site http://www.fcc.gov/

You mentioned some big provider names – can you give more details?

Currently, the top four nationwide providers - Verizon, AT&T, Sprint and T-Mobile - combined hold more than 80% of available wireless spectrum. AT&T is expected to spend at least $10 billion on the auction, with Verizon to spend from $8 billion to $10 billion, and T-Mobile between $6 billion and $10 billion. Zino did not estimate Comcast or Dish's spending.

Why do we need more spectrum?

Video takes up 50 percent of all US mobile data and will likely grow to 70 percent in 2021, which is when this rearranged spectrum will go into use. Because video requires more over-the-air bandwidth than other types of data, these bigger lanes will open up the possibility for applications we haven’t even thought of yet. These lower-frequency bands will play a role in 5G. In much the same way that 700 MHz paved the way for America’s world-leading deployment of 4G, so could 600 MHz accelerate U.S. deployment of 5G.”

How fast will 5G go?

5G standards have yet to be defined. In October 2014, Samsung Electronics set the first record by achieving a wireless speed of 7.5Gbps in tests at its DMC R&D Centre at Samsung Electronics in Suwon, South Korea. But in November 2014, the record was beaten by the University of Surrey's 5G Innovation Centre (5GIC), which was founded by a host of telecoms industry partners, including Fujitsu, Aircom, BT, Samsung, Telefonica, Vodafone, Aeroflex and Rohde & Schwarz, as well as the BBC.

5GIC achieved a speed of 0.8 terabits (800Gbps) in its tests. Then on 25 February 2015, it beat its own record by hitting 1Tbps, which is currently the world record.

How about 5G distance?

So far, the most impressive test has been that of Huawei and NTT DoComo, who achieved mobile internet speeds of 3.6Gbps outdoors across the city of Chengdu in Sichuan Province, China in October 2015.

Will there be enough participation?

Good question, there's some concern that not enough stations planned to participate in this latest auction. Only one in ten broadcasters expressed an interest in selling its spectrum in discussions in advance of the auction, according to tech consulting firm the Envisioneering Group. Time will tell.

Bits and Bytes

Why The FBI Director Puts Tape Over His Webcam  – Andy Greenberg

FBI Director James Comey gave a speech this week about encryption and privacy, repeating his argument that "absolute privacy" hampers law enforcement. But it was an offhand remark during the Q&A session at Kenyon College that caught the attention of privacy activists:

"I saw something in the news, so I copied it. I put a piece of tape — I have obviously a laptop, personal laptop — I put a piece of tape over the camera. Because I saw somebody smarter than I am had a piece of tape over their camera."

http://www.npr.org/sections/thetwo-way/2016/04/08/473548674/why-the-fbi-director-puts-tape-over-his-webcam

The Senate’s Draft Encryption Bill Is ‘Ludicrous, Dangerous, Technically Illiterate’ – Martin Kaste

On Thursday evening, the draft text of a bill called the “Compliance with Court Orders Act of 2016,” authored by offices of Senators Diane Feinstein and Richard Burr,  was published online by the Hill.1 It’s a nine-page piece of legislation that would require people to comply with any authorized court order for data—and if that data is “unintelligible,” the legislation would demand that it be rendered “intelligible.” In other words, the bill would make illegal the sort of user-controlled encryption that’s in every modern iPhone, in all billion devices that run Whatsapp’s messaging service, and in dozens of other tech products. http://www.wired.com/2016/04/senates-draft-encryption-bill-privacy-nightmare/

SpaceX Landing

https://www.youtube.com/watch?v=lEr9cPpuAx8

Direct download: FCC_Spectrum_Auction_2016.mp3
Category:general -- posted at: 3:38pm EST

On March 31st, 2016 the US Computer Emergency Readiness Team or US-CERT released alert TA 16-091A titled “Ransomware and Recent Variants”. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Already in 2016, destructive ransomware variants such as Locky and Samas were observed infecting the computers of individuals and businesses – even hospitals and healthcare facilities. The purpose of this Alert is to provide further information on ransomware, its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate against ransomware.

References:

https://en.wikipedia.org/wiki/Ransomware_(malware)

https://www.us-cert.gov/ncas/alerts/TA16-091A 

Direct download: What_You_Need_To_Know_About_Ransomware.mp3
Category:podcasts -- posted at: 6:48pm EST

We’ve hear the term “big data” used a lot lately. The term itself makes us thing about lots and lots of information. Sure there’s lots of information but what most important to an organization is what is done with the data. In this podcast we take an introductory look at what big data is, discuss how it is being used, and refer to an excellent document at SAS.com

Direct download: Big_Data_Podcast_022816.mp3
Category: -- posted at: 4:30pm EST

As part of a National Science Foundation grant received by the Educational Development Corporation in Massachusetts, Mike and I have been involved with a group of small business social media experts from around the country defining a step-by-step social media process for Social Technology Enabled Professionals. These small business people build, maintain, manage and leverages online social networks to engage with customers, business partners, employees and key influencers with the goal of building organizational success.  In this podcast, we cover part one of the first duty and discuss some of the tasks involved. 

Direct download: Conducting_Social_Media_Research_Part_1_July_3_2014_Podcast.mp3
Category:podcasts -- posted at: 6:05am EST

All businesses and organizations desire greater engagement with their audiences. However, many are not leveraging the social media platforms that allow for the best opportunities for engagement. From static postal flyers, electronic newsletters to a lack of regular communication, engagement becomes difficult.

Social media platforms call for regular, sustained communications and conversations between the businesses/organizations and their audiences. Blogs allow for that engagement by allowing readers to comment on postings, share links and/or rate postings. Some blogs allow for other interaction functionality like including a poll in a posting. On Facebook and Twitter engagement, in the form of “like,” comment, and re-tweet, is much more the norm than perhaps on blogs.

This podcast will briefly introduce the listener to a three tiered social media strategy approach:

.    1)  Primary (Blog or similarly organized content on an organizational website)

.    2)  Secondary (Platforms such as YouTube, Instagram, Pinterest, etc that can deliver supportive content 
to the primary platform via hyperlink)

.    3)  Broadcast (Platforms such as LinkedIn, Facebook, Twitter which can aggregate audiences 
and are engagement friendly)

Social media platforms call for regular, sustained communications and conversations between the businesses/organizations and their audiences. Given the explosion of new media platforms and social media networks during the past few years, there is significant justification for all businesses and organizations to adopt strategies to leverage these platforms more effectively.    

Direct download: Why_Social_Media_June_2014_Podcast.mp3
Category:podcasts -- posted at: 11:02am EST