Oh Andy…(aka hacking part 2)
Let me be really, really clear here – I KNOW a wireless vector attack on
a vehicle’s embedded modem is possible. I think it is very, very hard
to wirelessly alter a vehicle’s system.
And I do not think that taking control of vehicles and causing it to
crash via the wireless modem is a real threat at this moment in time and
needs endless airing.
I am not saying that there is nothing to worry about. I know for a fact
that when you put a wireless modem in a vehicle and network it to said
vehicle’s systems, it is possible for it to be breached in a manner not
What I am saying that there is far too much hype around far-fetched
worries and not enough thoughtful, pragmatic, earnest discussions taking
place about the real, honest to Goddess concerns.
Take this for example, Edmund King, president of The Automobile
Association was quoted on December 30, 2014 in The Daily Times as saying
“…the internet found in high-end luxury cars could provide criminals
with the opportunity to interfere with a car’s safety systems, even
while it is driving along the road.”
Wow. Really?! It gets worse.
The article is only 331 words, but manages to pack a lot of scare –
virus, terrorist attacks, ransom, oh my! Mr. King did go on to admit,
“Ultimately there could be a terrorist-type threat to transport systems.
I don’t think we’re there yet but it is something that needs to be
addressed.” (Emphasis added by yours truly. He is right on that front;
we are not there yet.) And this from the President of The Automobile
Association?! Highly irresponsible in my book.
Sadly, these types of scare tactics and sensationalism are ridiculously
easy to find. A real intellectual discussion about the true security
vulnerabilities of connected vehicles is not sexy and won’t garner
headlines, much less get people to actually read your words. There is
no cleavage to connected vehicle security unless you go straight to
freaking people out, preying on their fears.
This was ridiculously clear to me when I was interviewed a few weeks ago
by a British journalist who seemed to get really bored when I talked
about what was a real threat (data breach) and what was not a real
threat (someone remotely controlling your car causing you to crash.)
Now, she could have just been a really stoic woman from Wales and that
was her “I’m interviewing” face, but all of her questions kept trying to
get me to be scandalous, usually not a hard thing to do. I repeated a
few examples Lucas Crowe from TCS gave me that I thought were quite good
and tried to move on. If the interview gets aired at all, I’m sure the
pragmatic bits will be edited out, hopefully along with the extra 20
pounds the camera supposedly adds and maybe a few more for good measure.
That is why I relished Andy Gryc’s blog on LinkedIN. Those who know
Andy and me know that we both enjoy spirited debates and are not
shrinking violets. I do not mind Andy using my opinions as foil and he
was ever the gentleman asking me prior to publishing. Good form all
around. I completely respect Andy and his well-earned knowledge. I
also know that Andy is thoughtful and considerate so, I was really
looking forward to hearing some well-reasoned arguments on what is the
And then he broke my heart by starting off with some unfortunate
statements that fail reality.
He is dead wrong that the automotive community has its head in the sand;
that leadership doesn’t actually understand or appreciate the problem.
The leaders at OEMs, especially I.T. and connected vehicle leaders, and
I would argue, the woman and men at the very top ARE taking connected
car security very, very seriously. There is no status quo to protect
when it comes to telematics because it is currently being developed.
From the earliest days of in-vehicle connectivity (and I was there when
we were using analog), automotive executives, managers and working staff
have been very concerned about breaches in security and have taken
numerous steps to protect the vehicle from wireless vector attacks.
OEMs cannot publically state what they are concerned about, what they
are doing, and why because that will invite attacks.
Is there more the automotive OEMs can learn? Absofuckinlutely. Which is
why I’m so hungry for an earnest discussion and pleased that Andy went
into deep details of what constitutes a true concern. I learned a lot
reading Andy’s blog and highly suggest you give it a twice over.
Andy is correct, there are things to genuinely be worried about. For
example, root privileges held by OEMs and not secured by rotating
passwords or encryption best practices. Odds are, if someone takes
control of a fleet of connected vehicles, it would be an inside job.
Think Edward Snowden for Automotive. It could be something as simple as
“hello world” across 50,000 BlueLink enabled Sonatas that Hyundai did
not plan. That would be disconcerting. The portrait Andy painted of the
hacker as a young man was horrifying to me as mother of a teenage boy.
I get it that being hard is part of the appeal of misusing a connected
vehicle system out side of the original intent. The challenge will be the appeal.
I think Andy pointing out that security needs to be at the core of
design of the system is very sage. What Andy has pointed out about Tier
1 software development practices for telematics systems is deeply
troubling and I can completely picture it, especially the economics of it all. It
is not, however, what I experienced in my very limited way. I did not witness an
OEM abdicating its responsibilities entirely to a Tier 1 or working
separately or not stressing security during the entire process. Quite
the opposite. I am not an engineer. I have never played one on TV.
However, I worked closely with many and I can say that preventing
intrusion and unintended consequences with telematics systems was on the
very top of everybody’s list.
Furthermore, there is the trend of many OEMs taking infotainment and
telematics systems designs in-house. I was speaking with a German OEM
who point blank said that telematics and connected vehicle systems were
too important and critical to be left to any Tier 1. They are moving
everything in-house. I expect this trend to continue. Plus, aren’t
most Tier 1 infotainment division for sale?!
I agree that automotive OEMs need to specify security into the very
architectural aspects of their software design. If you browse OEM job
listings and if you speak with any recruiters, you will notice that all
OEMs are seeking skilled software engineers and you can bet that
security, especially wireless and network security, is top of mind. A
major concern is being able to recruit and retain highly skilled
software and network engineers. OEMs are going to have to pay more and
adopt a more flexible work environment.
Writing that just made me laugh!
THAT is the status quo that needs changing and I know for a fact is
actively being assaulted…at least in the R&D labs of Silicon Valley.
As for CAN-BUS being part of the problem, sure. It is compounded by
wireless access into and out of the vehicle. It is also changing. What
I would like to know is if the move to AVB Ethernet will help solve
concerns for wireless security breaches.
I would like to know what else needs to be considered. I firmly believe
that there are best practices from other industries that can be directly
applied to automotive to strengthen wireless and network software
security. Content Centric Networking anyone?!
I do not want the overwhelming positives that come from having fully
connected vehicles – vehicles that speak to each other, to
infrastructure, to the outside world, that can be read and re-written,
that can tell the right people, “I’m broken in this particular way, fix
me!” and have engineers remotely fix the car – I do not want any of
those to be thwarted by ill-reasoned fears.
I want to create a connected vehicle reality that takes real threats and
concerns and deals with them. I completely agree that at some point,
some young version of Andy will figure out a way to wirelessly and
remotely misuse vehicle systems outside of the original intent. Shit,
people have been altering their vehicles since day one and I wish the
customization was even more prevalent! I would love to easily swap out
my just-okay navigation system with a better one. I would love to have
added a rear-view camera system on my beloved VW Jetta SportWagen
(white, diesel and it is awesome!) as simply as I upgraded the stereo on
my 1977 Chevrolet Caprice Classic (also white and also awesome.)
What I want to identify real concerns, ways to prevent them, and real
solutions when problems cannot be prevented. I want us to use our
connected vehicle systems to their full potential. Damnit! I want to
eat my cake and have it too.
I believe the full potential of connected vehicles can be realized if
really smart, reasonable people get involved and help solve and prevent
real problems. It will take experts outside of traditional automotive
to help. And it will take well-seasoned vehicular engineers. It will
take a change of OEM culture and outside pressure. But I do not think
it will take some wide scale horrific tragedy to get the automotive
industry to wake it because the automotive industry is not asleep.
Call me if you want to put some money on this one.