- ISIL creates all-female brigade to terrorize women into following Sharia law
- ISTOOK: Obama wants to be impeached
- Obama to Latin leaders: Help with border
- Military bans troops from Baptist church event honoring ‘God’s Rescue Squad’
- ‘Pocket drones’: U.S. Army developing tiny surveillance tools for the next big war
- Belgian cafe posts sign: Dogs allowed, but Jews stay out
- Gen. Dempsey: Pentagon studying Russian readiness plans not viewed ‘for 20 years’
- John McCain: Botched, two-hour execution of murderer is ‘torture’
- House GOP ready to move border bill
- Bomb squad called after live WWII artillery washes on Cape Cod beach
Texting, grand theft auto style; alarms pose risk
Question of the Day
SAN FRANCISCO (AP) - Texting and driving don’t go well together _ though not in the way you might think.
Computer hackers can force some cars to unlock their doors and start their engines without a key by sending specially crafted messages to a car’s anti-theft system. They can also snoop at where you’ve been by tapping the car’s GPS system.
That is possible because car alarms, GPS systems and other devices are increasingly connected to cellular telephone networks and thus can receive commands through text messaging. That capability allows owners to change settings on devices remotely, but it also gives hackers a way in.
Researchers from iSEC Partners recently demonstrated such an attack on a Subaru Outback equipped with a vulnerable alarm system, which wasn’t identified. With a laptop perched on the hood, they sent the Subaru’s alarm system commands to unlock the doors and start the engine.
Their findings show that text messaging is no longer limited to short notes telling friends you’re running late or asking if they’re free for dinner.
Texts are a powerful means of attack because the devices that receive them generally cannot refuse texts and the commands encoded in them. Users can’t block texts; only operators of the phone networks can.
These devices are assigned phone numbers just like fax machines. So if you can find the secret phone number attached to a particular device, you can throw it off by sending your own commands through text messaging.
Although these numbers are only supposed to be known by the devices’ operators, they aren’t impossible to find. Certain network-administration programs allow technicians to probe networks to see what kinds of devices are on them. Based on the format of the responses, the type and even model of the device can be deduced. Hackers can use that information to craft attacks against devices they know are vulnerable. (In this case, the researchers bypassed these steps and simply took the alarm system out of the car to identify the secret phone number.)
Actually stealing a car wouldn’t be so easy.
You’d have to ensure that the phone number you found is attached to the car you’re standing in front of, for instance. There are hacking tools to do that _ they listen for cellular traffic around a particular vehicle _ but in many cases it’s easier to take a car that doesn’t have an alarm.
The research from Don Bailey and Mat Solnik is unsettling because it shows that such attacks are possible on a variety of other devices that use wireless communications chips. Those include ATMs, medical devices and even traffic lights. Hackers have already sent specially crafted texts with commands to instantly disconnect iPhones from the cellular network.
Bailey, whose specialty is cellphone network security, also found that similar techniques can be used to get a certain type of GPS system to cough up its location data. Such information can be used by stalkers or home burglars, for instance.
The type of GPS system he studied is known as assisted GPS, which means that it uses cellular signals in addition to the usual satellite signals. That makes the system vulnerable.
The research isn’t just about taking off with someone else’s car or finding out where that person has been.
It raises the possibility of other, more sinister dangers, such as those potentially affecting braking and acceleration, said Scott Borg, director of the U.S. Cyber Consequences Unit, a group that studies hacking threats. That becomes possible as networked electronics are more tightly coupled with physical machinery.
TWT Video Picks
President wants everyone but himself to pay more
- 'We're coming for you, Barack Obama': Top U.S. official discloses threat from ISIL terrorists
- 'Pocket drones': U.S. Army developing tiny spies for the next big war
- Ted Nugent loses second casino gig for 'racist remarks'
- Obama orders Pentagon advisers to Ukraine
- ISTOOK: Obama wants to be impeached
- NAPOLITANO: What if our democracy is a fraud?
- Afghan who killed three U.S. Marines in 2012 to serve over 7-year prison sentence
- EDITORIAL: Obama's 'economic patriotism' means higher taxes
- HUSAIN: Fleeing Iraqi Christians find safe haven at the Shrine of Imam Ali
- Brian Kelly, Notre Dame ready for different route to title
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq