http://www.forbes.com/sites/thomasbrewster/2015/03/25/hack-a-car-for-60-dollars/
By Thomas Fox-Brewster
Forbes Staff
3/25/15
Eric Evenchick knows what it’s like to be at the mercy of modes of
transport. That might be why the former Tesla intern is so keen to hack
his way to gaining greater control over the vehicles he travels in. When
we speak over encrypted call app RedPhone, he’s stuck in Hong Kong airport
waiting for a delayed flight to Singapore, where he’ll announce the open
sourcing of the CANard tool during the BlackHat Asia conference.
His code will make it cheaper and easier than ever before for tinkerers to
get to the innards of their connected cars to determine if there are any
useful tweaks they can make, or any worrisome security vulnerabilities
that more malicious hackers could exploit. Evenchick is hopeful CANard,
based on the widely-used and much-loved Python language, will have a
greater impact on the car industry in general. It should allow security
researchers of all ilks to easily probe cars for weaknesses, which,
Evenchick hopes, will get them to take vehicle hacking more seriously.
His own tinkering with the code has turned CANard into a more powerful
tool in recent weeks. In particular, it now has the ability to carry out
proper diagnostics over the Controller Area Network (CAN), the
network-on-wheels found in almost all modern automobiles to send data
around the vehicle, he tells FORBES. This means anyone who knows or learns
Python (it’s a good language for newcomers to coding) can start to probe
what functions can be accessed using their computer, whether they run an
Apple AAPL -2.61% Mac, Microsoft MSFT -3.36% Windows or Linux PC. They’ll
also need to buy some associated hardware to connect laptops to the
diagnostics, or OBD2, port, which Evenchick has also produced. He’ll be
shipping CANtact, a CAN to USB interface for the low, low price of $59.95
(USB and OBD2 cable not included). There will only be 100 available in the
first batch, but the hardware is open source too, meaning it’s easily
replicable and even cheaper for those with the right skills.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
