Sun, 28 August 2016
Hacking Car Anti-collision Systems, August 28, 2016
A group of researchers presenting at this month’s Def Con hacker conference showed how they were able to trick Tesla's sophisticated anti-collision sensors to make a car hit an object it would normally detect in its path.
Before we start on the cars – you went to Def Con this year Mike – how was it?
So let’s get to the cars now – who did this research?
The group consisted of Chen Yan, a PhD student at Zhejiang University, Jianhao Liu, a senior security consultant at Qihoo 360, and Wenyuan Xu, a professor at Zhejiang University and The University of South Carolina.
So can you give a quicker overview of what they did?
They discovered methods for "quieting" sensors to diminish or hide obstacles in a car's path, "spoofing" them to make an object appear farther or closer than it actually is, and jamming, which, Yan said, renders the sensor useless as it's "overwhelmed by noise."
Could this be done now? I mean, if someone is driving a Tesla or any other car with this kind of sensor technology, should they be concerned?
It's important to note that the demonstration was a proof-of-concept that did not mimic real-world conditions today. Researchers were working on cars that were usually stationary with what was sometimes very expensive equipment. They noted that the "sky wasn't falling."
But the experiment suggests that theoretically, a few years from now, somebody could make a device that could jam certain sensors in a nearby car.
Can you talk about these sensors a little more?
There are a number of sensors on a Tesla Model S that are used for a variety of functions. It has radar to detect objects in front of it, GPS for location tracking, and cameras to detect speed limit signs and lane markings, for example. As the talk showed, many of these things can be tricked by a determined attacker.
Is it just Tesla people need to be concerned about?
Much of their presentation focused on the Tesla Model S, but they also successfully jammed sensors on cars from Audi, Volkswagen, and Ford.
So what kinds of systems were they jamming?
Cars with ultrasonic sensors
Cars with parking assistance
The Tesla Model S with self-parking and summon
Let’s talk a little more about what they were able to demonstrate.
In a video demonstrating an attack, the researchers jammed sensors in the rear of the Model S, so the car did not know it was about to hit a person standing behind it. In another, they "spoofed" its Autopilot to trick it into thinking it would drive into something that was not actually there.
You mentioned they talked about using lasers – can you give any details?
They also used off-the-shelf lasers to defeat the onboard cameras, and, in one of the most low-tech demonstrations, they wrapped objects up in cheap black foam that rendered them invisible to the car's sensors.
What kind of feedback did they get from the manufacturers?
Yan said after the talk that Tesla reacted positively when they disclosed their research, and it was researching ways to mitigate these types of attacks. "They appreciated our work and are looking into this issue," he said.
So, in summary what are the auto makers concerned about after this presentation?
Where can people get the full Deaf Con presentation?
It's available at Def Con’s website https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Liu-Yan-Xu-Can-You-Trust-Autonomous-Vehicles.pdf
Mon, 15 August 2016
Q: Could you tell us a little about how this research began?
A: Actually in 2013 Flavio Garcia, a computer scientist at University of Birmingham, and a team of researchers were about to reveal a vulnerability in the ignition of Volkswagen cars that allowed them to start the car and drive off without a key. This vulnerability was present in millions of VWs.
Q: You say “about to reveal”?
A: Yes, they were sued, which delayed the publication of the work for 2 years. They used that time to continue their research into vulnerabilities with VW cars.
Q: So did they find anything new?
A: They sure did. The paper they just published identifies flaws not only with the ignition system, but also with the keyless entry system.
Q: How many cars are we talking about?
A: The researchers claim that every Volkswagen sold since 1995 is affected. The estimate is nearly 100 million cars!
Q: Which cars are affected?
A: There are two distinct attacks – one impacts Audi and Škoda cars; the other Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.
Q: Do they provide any details of the attack?
A: They use radio hardware to intercept signals from the victim’s key fob, using the intercepted signals to clone the key. They started with software defined radio connected to a laptop, but have moved to a small $40 setup that includes an Arduino board with an attached radio receiver.
Q: How concerned should we be?
A: Of the two attacks, the one targeting Volkswagen cars is most concerning because (1) there is no indication to the drivers that they’ve been compromised, (2) one a single button press needs to be intercepted.
Q: Why is the security weak?
A: It turns out that millions of Volkswagen vehicles share a single cryptographic key. Using the hardware we described earlier, researchers capture another key unique to the target vehicle that is transmitted every time the button on the key fob is pressed. By combining these two key, the researchers can clone the key fob. A single interception and the car is “owned”.
Q: So it’s that easy?
A: Not quite that easy. A few caveats. The attacker has to be within 300 feet of the car. The shared key is not quite universal. The shared key may change based on the model of the car and the year. Also, the internal components where the shared is extracted from may be different.
Q: So the key’s not universal. That’s good, right?
A: Yes, except that the 4 most common keys are used in nearly all the 100 million Volkswagen’s sold in the past 20 years.
Q: So should listeners sell their Volkswagens?
A: No, not yet. The researchers have not revealed where the shared key is stored, but a determined hacker could reverse engineer the keys and publish or sell them. And a newer locking system, used in the VW Golf 7 and other models, uses unique - not shared - keys and it his immune to these attacks.
Q: You mentioned that there are two attacks. What’s the second?
A: The second technique exploits flaws in a common cryptographic scheme called HiTag2 that is used in millions of vehicles.
Q: How does this attack work?
A: The hardware setup is similar to the previous attack. One big difference is that you don’t need to extract any internal keys from the car. You do have to intercept more codes from the target key fob - eight codes specifically. These codes include a rolling code number that changes with every button press.
Q: Sounds a lot like cracking a WEP key on a wireless network.
A: It is. In fact, the researchers suggest jamming the key fob so that the driver has to repeatedly press the button. Essentially generating more traffic to capture. Similar to a so-called replay attack used to help speed up the cracking of WEP keys.
Q: Why not just updated the encryption scheme?
A: It turns out the HiTag2 crypto system is hard coded into chips made by semiconductor company NXP. According to NXP HiTag2 is a legacy security algorithm - 18 years old. Since 2009, they have introduced new, more advanced algorithms, but car makers have been slow to transition to these new chips.
Q: So attackers can unlock the car. Can they steal the car?
A: While these attacks focus on the key fob and unlocking the car. Other research - even these researchers previous work - focuses on exploiting vulnerabilities in the ignition system and bypassing so-called immobilizer systems that are intended to prevent the car being driven without the key fob present. Combining these attackers, it would be possible to steal the car. In fact, there is already evidence of sophisticated digitally-enable car thieves using mysterious “black box” devices to steal cars.
Q: So what should car owners do?
A: Car owners can’t fix the vulnerabilities, so there’s little they can do to avoid these sort of attacks. If you’re concerned about someone cloning your key fob (1) don’t leave valuables in the car, (2) avoid using the key fob at all.
Sat, 7 May 2016
Title: 4K Ultra High Definition Television
High definition has meant 1080p (1,920 by 1,080) resolution for years now, and it's ready for an upgrade. That's where 4K, also called ultra high-definition, or UHD, television comes in. 4K is finally a mature, accessible technology. In this podcast we take a close look at UHD 4K technology referencing a PC Magazine post.
First some continued bad news on the security front …
Businesses pay $100,000 to DDoS extortionists who never DDoS anyone – Dan Goodin
Out-of-date apps put 3 million servers at risk of crypto ransomware infections – Dan Goodin
Now for a little good news …
Petya Ransomware's Encryption Defeated and Password Generator Released – Lawrence Abrams
NSA Launces 2016 GenCyber Camps
What Is 4K?
How Is 4K Different Than 1080p?
What if you have a 4K TV but not any 4K content?
What About HDR?
What 4K TVs Are Out There Now?
Is There Even Any 4K Content You Can Watch?
Do You Need 4K?
Sun, 3 April 2016
On March 31st, 2016 the US Computer Emergency Readiness Team or US-CERT released alert TA 16-091A titled “Ransomware and Recent Variants”. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Already in 2016, destructive ransomware variants such as Locky and Samas were observed infecting the computers of individuals and businesses – even hospitals and healthcare facilities. The purpose of this Alert is to provide further information on ransomware, its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate against ransomware.
Tue, 8 July 2014
As part of a National Science Foundation grant received by the Educational Development Corporation in Massachusetts, Mike and I have been involved with a group of small business social media experts from around the country defining a step-by-step social media process for Social Technology Enabled Professionals. These small business people build, maintain, manage and leverages online social networks to engage with customers, business partners, employees and key influencers with the goal of building organizational success. In this podcast, we cover part one of the first duty and discuss some of the tasks involved.
Direct download: Conducting_Social_Media_Research_Part_1_July_3_2014_Podcast.mp3
Category:podcasts -- posted at: 6:05am EDT
Sun, 15 June 2014
All businesses and organizations desire greater engagement with their audiences. However, many are not leveraging the social media platforms that allow for the best opportunities for engagement. From static postal flyers, electronic newsletters to a lack of regular communication, engagement becomes difficult.
Social media platforms call for regular, sustained communications and conversations between the businesses/organizations and their audiences. Blogs allow for that engagement by allowing readers to comment on postings, share links and/or rate postings. Some blogs allow for other interaction functionality like including a poll in a posting. On Facebook and Twitter engagement, in the form of “like,” comment, and re-tweet, is much more the norm than perhaps on blogs.
This podcast will briefly introduce the listener to a three tiered social media strategy approach:
. 1) Primary (Blog or similarly organized content on an organizational website)
. 2) Secondary (Platforms such as YouTube, Instagram, Pinterest, etc that can deliver supportive content to the primary platform via hyperlink)
. 3) Broadcast (Platforms such as LinkedIn, Facebook, Twitter which can aggregate audiences and are engagement friendly)
Social media platforms call for regular, sustained communications and conversations between the businesses/organizations and their audiences. Given the explosion of new media platforms and social media networks during the past few years, there is significant justification for all businesses and organizations to adopt strategies to leverage these platforms more effectively.
Thu, 7 June 2012
Mike and Gordon discuss current topics.
Online Classes See Cheating Go High-Tech
Facebook Will Disappear by 2020, Says Analyst
Museum of Endangered Sounds
The Mechanics and Meaning of That Ol' Dial-Up Modem Sound
An Honest Review of the Samsung Galaxy Nexus
See You Later WiMAX
Mon, 6 February 2012
Rumors are that Apple is planning on incorporating support for the new faster 802.11ac Wi-Fi specification into products this year. In this podcast we discuss the 802.11ac and other wireless specs.
We discuss the following questions:
- So, what’s the deal with this 802.11ac?
- These 802 dot whatever standards - where do they come from?
- So this 802.11ac is considered non-finalized. what does that mean?
- I seem to get interference from things like wireless home phones. I know spectrum is involved.
- So if I set my access point to run at 5GHz, will all my devices work? What do i need to understand to make it work?
- What about range? You mentioned range limitations at 5 GHz.
- Are there any ways to extend the range? I’ve heard about something called MIMO.
- You mentioned 802.11a which is pretty old. Is the use of 5 GHz new?
- When will we see 802.11ac products on the market?
- What kinds of products from Apple? What are people saying?
- What do you mean when you say potentially for the mobile devices?
Along with the Superbowl!
Thu, 1 December 2011
This is Gordon's December 2, 2011 presentation for a series of mobile boot camps being run by The Commonwealth Alliance for Information Technology Education (CAITE); and the Boston-Area Advanced Technological Education Connections (BATEC) at the University of Massachusetts.
High school students take a day at locations across Massachusetts, working with faculty and business/industry people to learn how to program, design, and market mobile apps using mobile programming platforms. Students will also have an opportunity to enter an app programming contest to be sponsored by BATEC in the spring.
Wed, 23 November 2011
Back in September I had the chance to interview Troy Swanson, an Associate Professor / Teaching and Learning Librarian at Moraine Valley Community College in Palos Hills, IL. In the interview we discussed a paper he published with Public Service Librarian Jeremy Green, also at Moraine Valley Community College. Here's the abstract from that paper published at ScienceDirect.
In the Fall of 2009, the Moraine Valley Community College Library, using guidelines developed by Jakob Nielsen, conducted a usability study to determine how students were using the library Web site and to inform the redesign of the Web site. The authors found that Moraine Valley's current gateway design was a more effective access point to library resources than a mock-up site which incorporated a central-search box on the site homepage. This finding stands in contrast to the observed trends of library Web site design that emphasizes a “Googlized” search.
Troy's findings are very interesting, especially if you are managing/mdifying an existing site or are considering creating one. Here's the links Troy refers to in the podcast.
The Next Level (Blockbuster article)by James Surowiecki
useit.com: Jakob Nielsen's Website
The Googlization of Everything (book review)
Why We Are Not Google: Lessons from a Library Web site Usability Study
(link to Elsevier's Science Direct)