Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack (securityweek.com)
82 points by Bender a day ago | 82 comments
  • asdff a day ago

    Seems like early 2000s cars were the last of the good cars. You had full airbags by that point but cars were mostly still just basic fuel injected internal combustion engines with sensible transmission choices that had seen probably decades of iteration at that point. If you wanted some crazy infotainment it's not hard to roll your own with the standard sized stereo slots in those cars. No telemetry. No "driver aids" behaving nondeterministically. Mechanical linkages vs by wire. Just a car. Starts with a key. Exactly what it says on the tin and nothing more or less.

    • sugarpimpdorsey a day ago

      I'm routinely ridiculed for driving a car with a traditional ignition key, and insisting upon it, as if it's exclusive to Luddites.

      Everyone else can enjoy their reflection/replay attacks or whatever.

      Honorable mention to Toyota who has still not completely abandoned this simple, functional technology for a clunky fob that can be easily hacked.

      FWIW, fobs are not for your convenience. It's for theirs.

      • globular-toast a day ago

        > FWIW, fobs are not for your convenience. It's for theirs.

        Same with touch buttons. Not for your convenience, it's for theirs.

      • taeric a day ago

        I'm curious who you are routinely interacting with that they care about your car keys. :D

        I do think the writing is on the wall for old fashioned keys, though? For one, they don't really give you that much protection. As laughable as poorly done key fobs are, a physical key is a pretty low bar as far as deterrence goes.

        It can be annoying to consider, but cultural norms protect cars far more than anything else. Is why many in suburban areas can get away with having their keys in the cars at all times.

        • sugarpimpdorsey a day ago

          Keys have been chipped for > 30 years. The technology is proven, secure, and reliable. Kia and Hyundai learned this the hard way when they tried to shave pennies a few years ago.

          Fobs just created another attack vector catering to people too lazy to take it out of their pocket or purse.

          • taeric 10 hours ago

            Apologies, I debated whether to add to this, as I don't even disagree that the fobs are largely a uselessly easy attack vector.

            My argument was also to the doors, though. Again, I got used to just leaving keys in the car at all times. I know movies make a cliche of the keys being above the visor, but I legit did stuff like that for a long time.

            My grandparent's car didn't even need a key in the ignition to start. You could just turn it and have it get going for a while. He debated getting it fixed, but ultimately really liked how convenient it was.

            My father had one of those vehicles with a keypad on the outside. I thought that was super convenient and quite nice. Especially good for traveling, as you didn't have to bother taking your keys with you.

            And my argument was largely around norms. I don't like excessive punishment based societies, in general, but I also don't know why or how some grow to accept that some theft is just expected.

          • gottorf a day ago

            > people too lazy to take it out of their pocket or purse

            Keyless start has another legitimate function besides laziness: it allows you to leave your car locked with the engine (and AC) running while a baby or dog is inside.

            Of course, you can accomplish the same by having two keys with you; you decide whether that's another example of laziness. :-)

            • sugarpimpdorsey a day ago

              It's not a legitimate function because the car will beep at you if you walk away.

              Some aftermarket remote starts have this feature.

              However, in many states it's illegal to leave a car running unattended.

              Though one could argue in court the baby or dog could serve as the attendant. Having said that, leaving a baby or dog unattended, AC or not, is just stupid.

            • olyjohn a day ago

              My Ford from the year 2000 has a 5 digit keypad on the door. I can lock my keys in the car, leave it running, lock and unlock it without an extra key. I can grant anybody access by just giving them the code. I hated carrying the stupid bulky keyless entry fob in my pocket, and threw it in a drawer, so my keychain is very small. It still has a chipped key to turn on the ignition system and start the vehicle. It's vehicle locking perfection.

          • zamadatix a day ago

            Chipped keys have constantly fallen to cloning attacks and worse. The idea "you insert it therefore the whole system is secure" is backwards reasoning when the problem is the chips, protocols, and buggy security implementations themselves.

            • sugarpimpdorsey a day ago

              Moving the goalposts. No chipped key car has ever been stolen by beaming some kit off AliExpress at it and simply driving away.

              • zamadatix an hour ago

                I think the goalposts are solid but maybe there is some misunderstanding/disagreement of what's going on with the chipped physical keys vs fobs causing it to seem as if I must be trying to move them.

                There were early generation keys for VATS/Pass-Key I/II style systems in the ~~80s-late 90s which weren't actually "chipped" but had some protection mechanisms mostly based around resistance. They were a bit useless in that they were very limited in possible values so even without a key one could just guess through them. Beyond that, there were also just cheap bypass modules https://www.the12volt.com/installbay/forum_posts.asp?tid=845.... Really, these were not much different than going after a normal physical key car because of the lack of actual chip. I don't think you were referring to these for these reasons, but I thought I'd cover them anyways.

                Actual chipped-but-physically-inserted keys https://www.key4.com/gm-transponder-key-b111pt?srsltid=AfmBO... using chips like Hitag2 https://www.nxp.com/products/rfid-nfc/hitag-lf/hitag-2-trans... started to hit the market towards the late 90s. These still don't signal the chip communication through the metal of the key into the ignition though, they use 125 kHz RFID wireless transponders. The difference between these keys and fobs is, at most, the maximum range and they lack the buttons a fob would have. The underlying operation of the chip works on the same principle though; there was no such thing as "wired"/"physically transmitted" chipped keys. As such cloning them was indeed as easy as buying some random RFID cloner and beaming it at someone's purse to then drive away. Of course the other attacks on the car systems themselves (i.e. without the key) also still exist but that's beside the point.

                If you think you know of a chipped physically inserted key which you believe does not ultimately use an RFID transponder I'd be curious what make/model/year. Maybe there is just some key I've never heard of.

              • throwing_away a day ago

                I bought kit that can do this off AliExpress.

                Here's the repo: https://github.com/joelsernamoreno/EvilCrowRF-V2

    • qualeed a day ago

      Backup cameras are amazing. Especially now that I have kids shorter than my trunk line, I appreciate them even more.

      A lot of the other stuff, though, I agree with you.

      • giantg2 a day ago

        Back up cameras can easily be added aftermarket if wanted. But frankly, many of those older cars had much better rearward vision than anything today.

        • qualeed a day ago

          Sure, but where I live they are mandated by law in every new car.

          There's plenty of kids on my street, and I'm much more comfortable knowing everyone has one when backing out of a driveway, and not just the people who bothered to go get one installed aftermarket.

          • giantg2 a day ago

            I'd feel more comfortable if we'd raise the standards for the driving test so that only responsible people can drive. For example, the proper way to park is to back into the driveway. You should never be backing from a smaller road or driveway into the larger one. The perk of this is that you do not have to watch for cross traffic while backing up and also looking at a camera, no gear change delay when pulling out, and better visibility into the area you are backing up to due to your approach. This makes it significantly safer for all parties when exiting the driveway.

            • AlotOfReading a day ago

              > I'd feel more comfortable if we'd raise the standards for the driving test so that only responsible people can drive.

              That perfect driver doesn't exist. Virtually everyone will eventually drive unsafely when they're sleepy, in a rush, distracted by kids in the backseat, etc.

              To give a programming analogy, this is like saying "we can prevent memory safety issues by only allowing good programmers to use C". Everyone makes mistakes.

              • giantg2 15 hours ago

                And all those things exist with a backup camera too. The point isn't about a perfect driver. The point is that different people find different things comforting. If we think about this logically, a backup camera only helps for a very small percentage of driving time at very low speed, for which the number of fatalities is extremely low. On the other hand, increased driver training applies to all driving situations, including the high speed, higher risk scenarios that are linked to more injuries and fatalities.

                Fun fact: if you look at the FARS data for 2017 vs 2023, it appears backup cameras have made no difference at all. All the advocacy websites are referring to old NHTSA reports and none of them are using modern datasets.

            • illiac786 19 hours ago

              But how do you want to test for this? Lots of bad drivers are not bad because they can’t drive well, they just don’t give a shit. They would pass the test with flying colors and go back to driving like there is no tomorrow.

              • giantg2 14 hours ago

                The assumption you have is that it's mostly a physical ability test. In many cases people don't know the rules or the reasons behind them. Right now, it's something like a 50 question test and you only need to get 75% right. If you don't know what the proper procedure is up to a quarter of the time on only a subset of the rules, that leaves huge room for errors. I see it all the time with people passing on the shoulder and changing lanes in an intersection. These are high risk illegal activities that many people don't even know aren't legal because everyone else does it and cops rarely enforce it. I have yet to meet a person who doesn't give a shit about getting into an accident. Those people are more likely uninformed and overly cocky.

            • qualeed a day ago

              I mean, sure, of course that'd be great too. If we could raise the standards high enough that there were never any accidents ever, that'd be even better.

              But the realistic option that worked immediately was mandating backup cameras.

              (I would note that even in a world where everyone backed up into their driveways and parking spots, mandated backup cameras would still be a good thing.)

              • giantg2 14 hours ago

                "But the realistic option that worked immediately was mandating backup cameras."

                Citation needed. FARS data shows no decrease in reversing fatalities pre vs post backup cameras.

                You're also mischaracterizing my argument. The point is, the current test of 50 questions and a 10 minute drive around the block is a joke of a test. Of course you're not weeding out people who aren't fit to drive with such an easy test.

                • qualeed 10 hours ago

                  How we got to whatever your country's driving test is comprised of from me simply saying "I like backup cameras" is wild. You seem to think I've said "with backup cameras, everything is fixed!" which is so disingenuous I don't know where to begin. I think you're just trying to be contrarian for the sake of trolling.

                  By the way, I don't even know what FARS is. There's no agency by that name that I can think of in my country. Does it collect data on accidents worldwide?

                  I'm guessing you're from the US. Here's a quote from the NIH.

                  >"This study indicates that drivers not only attend to an audible warning, but will look at a rear-view camera if available. Evidence suggests that when used appropriately, rear-view cameras can mitigate the occurrence of backing crashes, particularly when paired with an appropriate sensor system."

                  From the IIHS.

                  >"Rearview cameras reduced backing crash involvement rates by 17%. Reductions were larger for drivers 70 and older (36%) than for drivers younger than 70 (16%)"

                  • giantg2 6 hours ago

                    FARS is the fatality tracking system in the US. None of the studies I've seen have shown real world fatality reduction. The studies they do have still list things like inattentive drivers or reckless choices. While small increases in non-fatal, typically low speed accidents is good, it's not really adding to child pedestrian safety. Better driver testing and education will provide the better overall improvement in fatality reduction.

                    • Tadpole9181 5 hours ago

                      Backup accidents aren't high speed and the rate of fatality is low, why would you use FARS data in this context? It's clear cherry picking.

                      A kid getting hit by a backing up car causes injuries and concussions, and you saying it doesn't "add to child pedestrian safety" to prevent that because they aren't splattered by these incidents is offensively absurd.

                      • giantg2 5 hours ago

                        I'm using FARS as it's the best data I found. Do you have other data? Or at least data to show that concussions etc aren't proportionate to the fatality numbers since you are implying those have gone down while fatalities have stayed roughly the same?

        • taeric a day ago

          We must have driven very different cars. Rear visibility has always been terrible, and rear cameras are a god send.

          • giantg2 a day ago

            Compare an 80s Caprice, 80s Nova, and similar to any car today, and I think you will clearly see the rear visibility today is much worse.

            • taeric 13 hours ago

              There were some cars with better visibility. I would question the Caprice being one, but generally smaller cars did have better visibility. Such that something like a Kia Soul has ok visibility. Still is absolutely nothing compared to using the backup camera. And the side mirror blind spot detectors are pretty awesome. On all cars.

              • giantg2 12 hours ago

                The backup camera has limited field of view and most require you in a heads down position. This is not helpful for maintaining awareness of your surroundings. It will not help you see a bicyclist speeding by. The blind spot detectors can fail and lead to a false sense of safety, especially on multilateral roads.

                Show me the FARS data that supports these as actually saving lives.

                • taeric 11 hours ago

                  Are you trolling? The FARS data does call out the same concerns you list, but in a "we can do even better" way. The fatality and accident numbers have absolutely gone down with backup cameras.

                  This reminds me of when my father would try to argue that seat belts make people worse drivers. There is a logic to what you are saying. But it doesn't pan out with the data.

                  • giantg2 6 hours ago

                    Show me the data. FARS rear impact pedestrian fatalities for 2017 (before the mandate) was 71. In 2023 (latest data) it was 68. There were still some percentage of backup cameras prior to 2017 so I checked 2006 and the number was 74. If they were really effective I'd expect a much larger drop.

                    https://www-fars.nhtsa.dot.gov/People/PeoplePedestrians.aspx

                    Your dad's argument about seatbelts is that it will make people worse drivers. My argument is that backup cameras don't reduce fatalities because there are few to begin with, involve low speeds, and the data hasn't shown any real improvement.

                    The point, if you want to save lives, let's start where the biggest savings are. Those are better driving testing and education (I do support these) and breathalyzer interlock devices (support these for offenders, not universal).

                    • taeric 4 hours ago

                      There are studies where they compared the same vehicles that show it has reduced the numbers. They can go into the actual calculations for how they got that, if you want to see it.

                      You seem to be asking why you don't see this directly in the data, with a number going down. But you do realize the number of drivers and miles driven have both increased in that timeframe, right? Such that, if the safety had remained the same, the number of incidents would have gone up. Pretty much by definition, that means a number remaining the same means something kept it from growing.

                      • giantg2 2 hours ago

                        How about the number of kids playing outside? If that number goes down, that would affect the results too. Again, if those studies exist to compare results, show me.

                        • taeric an hour ago

                          Just googling "impact of rear view cameras on car safety" brings up the standard studies. They were modest in impact, but the cohort analysis did show results with nobody rejecting their stats.

        • const_cast a day ago

          Older cars are more likely to be things like coupes, a form factor more or less abandoned today. I know, I used to drive a coupe. Dear God, the rear visibility was the worst out of any car. And the side blind-spots. You'd think a small vehicle would have good side visibility but no, all you get are those tiny little back windows.

          But, it was a beauty.

          • red369 a day ago

            Generally, I think you're right. But there is quite a range even for coupes. I'm sure Porsche can afford to use higher strength steels, but the pillars on a 911 are surprisingly thin: https://h7.alamy.com/comp/B082JF/2008-porsche-911-turbo-in-s...

            On the other hand, coupes with rear hatches can be particularly bad: https://www.motortrend.com/uploads/sites/10/2015/11/2004-toy...

            Looking at the extremes like the Honda CRZ, it does seem to be a low priority area!

    • avgDev a day ago

      Ah, I agree for the most part, however, safety has definitely moved forward. There is a lot more to safety than airbags and seatbelts.

      • strulovich a day ago

        My car hit the brakes for me last week on a highway. I’m quite happy with the computerization of cars for this reason. It could be better as the link shows the downsides, but it probably has saved (tens of?) thousands of lives overall.

        • stavros a day ago

          My car hit the brakes for me last week on a highway as well, except there was no reason to, there was nothing there. I'm not as happy.

          • kevin_thibedeau a day ago

            I intentionally opted out of these sort of driver assist features because I don't trust the firmware going into them. If a safety misfeature can be disabled manually you also run the risk of an insurer denying a claim if they find out it wasn't engaged. Better to not have it in the first place and use the mark I eyeball for safety.

            • stavros a day ago

              Yeah, I'm not happy I have them, but I'm happy other drivers have them. I guess they help overall, since I need to be careful to keep a safe distance from the guy in front of me anyway.

        • potato3732842 a day ago

          A couple months ago I was driving a rental and I coasted up on slow exit traffic with the intent of dodging right after the person to my right passed me. Well I got that far but I got close enough to the slowing traffic in front of me in the process it decided to brake. And of course because electronic throttle they lock you out of the gas. And it takes a couple seconds for it to decide that no, I really did want to go fast, so it lets me do that but of course the CVT needs to incrementally wind its way there at a leisurely pace.

          So instead of cleanly pulling off my merge into a lane going 10mph faster than me I look like a goddamn moron for zipping over and then hard braking away 20mph of speed. All because some programmers buried in Toyota HQ somewhere spent too much time on the HN or Reddit or whatever circle jerking it in the comments with the "you can never go wrong by braking" crowd. Could have been way worse had it been a spicier situation, like merging into traffic with a disabled vehicle at the end of the merge ramp or just about any other case with equal or greater speed differential and equal or lesser margin.

          A car should do what I say. I can understand doing something when I have provided no input or perhaps ignore a 0-100% press to prevent wrong pedal accidents but this is just horrible systems design. If I'm traveling at speed and mash the gas it stands to reason I did that on purpose.

        • avgDev a day ago

          Even the structures of cars have improved. The crumple zones and structural rigidity are constantly evolving.

          I also like sensors and crash avoidance tech.

        • szundi a day ago

          [dead]

      • potato3732842 a day ago

        Each improvement is hugely less influential than the last. Seatbelts get you 90% of the way there. Airbags do most of the rest, etc, etc.

        • Gigachad a day ago

          All those improvements have been undone by the entire market turning in to brodozers and soccer mum tanks.

    • MisterTea a day ago

      I miss them too.

      Re. the radio: Now it's a big useless screen that shows me useless data while still hiding all the useful data that I can get over OBD-II. And what's worse, that screen is tied to your fucking car's computer and configures your car so you can't remove it, no matter how much the software sucks. I hate my 2022 CR-V's garbage infotainment screen. It's a shit UI, shit audio quality, and the Bluetooth is bugged to all hell. I already have a computer with me in my car called a phone that does everything but better. And that's not saying much.

    • _heimdall a day ago

      I came to the same conclusion. The exact year varies a bit by manufacturer.

      Chevy's pre-2008 were in a good spot, maybe 2007 for the Avalanche body change? Quite a few Hondas and Toyotas were good through the early teens, especially the 4 cylinders.

      I have a late 80s GMC pickup, 2005 Buick, and a Chevy Volt. The only one I have any real issues with is the Volt, though that's only been the last couple years as the battery is getting old; the most frustrating thing is needing to run questionable software on an airgapped laptop just to turn the Volt back on when a high voltage safety flag is tripped in the computer.

      • potato3732842 a day ago

        Really depends on the particular model and when it got refreshed and how much the OEM cares about it more so than the manufacturer.

        Sometimes the platforms that the OEMs don't care about are great because the idiot dick swinging engineers who want to hit their KPIs neglect them. Sometimes they're terrible because they get phoned in. The flagship platforms are usually safe but sometimes they put too much bleeding edge tech in them.

        • _heimdall a day ago

          Yep that's very true. I always heard good things about the original Chevy Trailblazers, mainly because the motors were extremely reliable and Chevy basically ignored the model until they had to kill it off due to emissions of the inline 6. The 00s Chevy interior was another story, and I hear the transmissions used were either fine or time bombs.

      • rigrassm a day ago

        You wouldn't happen to have the software you used to work on your Volt bookmarked that you could share? I've got a Gen 2 Volt that I plan to keep for as long as it makes financial sense and sometimes that shady software is the only option for avoiding the dealership.

        • _heimdall a day ago

          I don't remember the name of the exact setup I have. I know I've seen people on the Volt forums have success with the GDS2 software and a VCX Nano OBD2 adapter, though I've never used that myself.

    • rlf_dev a day ago

      There still are cars being sold without much of new "technology", I daily a MY2024 Abarth 595 that still doesn't have start-stop, ECall, auto braking, telemetry, lane-assist, the infotainment is replaceable by a standard third-party box without messing with the rest of the car and still has a traditional ignition key. It's a basic turbocharged FIAT FIRE engine, so maintenance is stupidly cheap and anyone can do it.

    • spacecadet a day ago

      I own a bunch of impractical cars, but my daily driver is a 2005 Honda. I always explain to people exactly this. It's the last good year before everything became too digitized and wireless. It's got physical controls, a real horn, a cable driven throttle and at 350,000 miles with so little maintenance and no sign of stopping.

      I also own a 05 55 AMG, also all mechanical, but oh so impracticable :D

    • LightBug1 a day ago

      Think you're onto something. I'm still rolling a 2005 Toyota. Incredibly functional, reliable, and I can add whatever I want and choose instead of having it forced down my throat by the current wave of nonsense ... Oh, and zero worries about it being hacked !

  • sorenjan a day ago

    I read recently about how some cars can be hacked and stolen through the CAN bus to the headlights.

    https://arstechnica.com/information-technology/2023/04/crook...

  • minusLik a day ago

    Is there an exploit? I've always wanted to explore the inner workings of my car's computer system, but I don't know how.

    • Ccecil a day ago

      I recently read "The car hacker's handbook". It seemed to explain the basics very well and pointed me to all the necessary software and hardware to get started.

      It is an interesting topic for sure.

      • minusLik a day ago

        That book looks very promising. Thanks a bunch!

    • noman-land a day ago

      Look up OBD-II.

  • dmitrygr a day ago

    Bluetooth stacks are very complex due to the initially-vague 1.1 spec and the need for thousands of per-device quirks handlers. Even as specs were tightened, old device interop remains needed. If you implement a stack precisely as per spec, about half the devices out there won’t work with it (no exaggeration).

    This situation is not a recipe for good code. Now that BLE has audio (the last thing from classic that it lacked), we can begin phasing out BT classic and this mess. However, it will be a decade before anyone can safely drop bt classic interop.

    Basically: anywhere you have a Bluetooth stack that supports bt classic, feel free to ASSUME there are RCEs and DOSs lurking. You will not be wrong.

    Source: a full blown case of PTSD from having written and debugged a few BT stacks

    • Gigachad a day ago

      Could still contain it though. Bluetooth would only be needed for the non critical sound/calls/navigation stuff which should be its own separate subsystem, on a read only OS with boot chain security so even if you did find an exploit in the bluetooth stack, it would only give you access to very unimportant things, and only until the car reboots.

      Of course I don't expect it's implemented anywhere near securely, but in theory it's very possible. Game console companies have this stuff pretty solved.

  • bdavbdav a day ago

    I’m half excited about this, and hoping I can exploit the infotainment on my Octavia 4

  • flerchin a day ago

    [flagged]

    • qualeed a day ago

      Why leave out the first 2/3rds of the sentence, which are the more severe ramifications of the exploit?

      >From there the attacker can track the vehicle’s location, record audio from inside the car, and obtain the victim’s phonebook data.

      Combined with:

      >"In some cases pairing is possible without any user interaction"

      You end up with a stalker's dream.

      • 4ndrewl a day ago

        But also you're potentially able to backdoor in if future vulnerabilities are found. One foot in the door so to speak.

      • flerchin a day ago

        It's a local attack via bluetooth, location tracking is not very interesting. Recording audio likewise not all that exciting for much the same reason. The phonebook though, that's exfiltrating PII.

        >In some cases pairing is possible without any user interaction.

        Baloney. No implementations in the wild do this, or they would have loudly trumpeted it.

        • qualeed a day ago

          I can turn any security finding into a "yawn" by either ignoring and/or disbelieving most of it, too.

    • chaps a day ago

      > "In order to conduct an attack, the hacker needs to be in range and able to pair their laptop with the targeted infotainment system over Bluetooth. In some cases pairing is possible without any user interaction, while in others pairing requires user confirmation, or it may not be possible at all."

      I agree that it's not world shatteringly bad, but... you're being a bit disingenuous. :)

      • CoastalCoder a day ago

        Does the attacker actually need to be nearby?

        Or does there just need to be some communications link between the car's Bluetooth transceiver and the attacker?

        I'd think that installing a BT <--> cell network bridge would easily solve that hurdle.

        • cogman10 a day ago

          What BT <--> cell bridge?

          The cell -> phone -> bluetooth audio bridge?

          I don't think there's an exploit there, but even assuming there was, it'd require an attacker to know the phone number of the person they are attacking and for the car to be on at the same time when they execute the attack.

          • bdavbdav a day ago

            BT to cell bridge? Just a phone stuck somewhere would work.

          • lostmsu a day ago

            They mean to attach a device to the victim car that does Car BT <-> Device <-> 5G <-> Hacker

            • cogman10 a day ago

              Seems like you still need a device either exploited or created physically located near your target/s. Maybe a car worm virus? Exploit one car and if it has a cell connection piggyback?

              Feels a little like the 90s ILUVYOU emails :)

        • dylan604 a day ago

          Are there BT antennas for long range? Like, can I make a Yagi style antenna out of a Pringles can and some all thread like we used to do for WiFi?

          • smackeyacky a day ago

            No but there are bluetooth gateways that allow local bluetooth LE connections on one side and wifi / cell on the other. Cassia makes some great ones.

            I can see somebody setting up a Cassia in a car park and performing all sorts of bluetooth LE shenanigans remotely.

          • bradyd a day ago

            Bluetooth uses the same 2.4GHz as WiFi

  • sugarpimpdorsey a day ago

    > The attacker may also be able

    The infosec community loves their weasel words don't they?

    The only other career path other than "meteorologist" where they get it wrong half the time with the burden of proof on the recipient, and everyone looks the other way.

    Show your work, or it's not possible.

    • Sohcahtoa82 a day ago

      This is the wrong attitude to have.

      There are cases where vulnerable code is found, but it may take weeks of tinkering to actually build an exploit that gets arbitrary RCE.

      An example could be a buffer overflow that only allows a few bytes to be written. At first, you're likely just causing segmentation faults. DEP and ASLR will make writing an exploit that gives RCE difficult. This is when an attacker "may" be able to do something, if there's an attacker determined enough to figure out a full exploit.

      The original researcher might not be interested in spending that time and just wants the vendor to fix it.

      • sugarpimpdorsey a day ago

        Unfortunately, you can only cry wolf so many times before no one will believe you anymore.
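
The kind of few-byte overflow described in Sohcahtoa82's comment above, as an added example that is not part of the thread and not code from PerfektBlue or any real Bluetooth stack: a constructed length-prefixed record parser whose bounds check is off by the header size, next to the corrected check. The record layout, the `device_state` struct and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record layout (an assumption, not a real Bluetooth PDU):
 *   byte 0 = type, byte 1 = payload length, bytes 2.. = payload. */
#define HDR_LEN    2u
#define NAME_CAP   16u
#define PAIRED_OFF NAME_CAP   /* the byte right after the name field */

/* One flat array stands in for two adjacent objects (a 16-byte name and
 * a "paired" flag), so the overrun is well-defined C and observable. */
struct device_state {
    uint8_t mem[NAME_CAP + 4];
};

/* "Before": the bound adds the header size, which has already been
 * skipped, so up to HDR_LEN bytes are written past the name field. */
int parse_name_legacy(struct device_state *st, const uint8_t *rec, size_t rec_len)
{
    size_t plen;
    if (rec_len < HDR_LEN) return -1;
    plen = rec[1];
    if (plen > rec_len - HDR_LEN) return -1;   /* truncated record */
    if (plen > NAME_CAP + HDR_LEN) return -1;  /* BUG: off by HDR_LEN */
    memcpy(st->mem, rec + HDR_LEN, plen);
    return (int)plen;
}

/* "After": the payload is checked against the destination capacity only. */
int parse_name_hardened(struct device_state *st, const uint8_t *rec, size_t rec_len)
{
    size_t plen;
    if (rec_len < HDR_LEN) return -1;
    plen = rec[1];
    if (plen > rec_len - HDR_LEN) return -1;   /* truncated record */
    if (plen > NAME_CAP) return -1;            /* reject oversize names */
    memcpy(st->mem, rec + HDR_LEN, plen);
    return (int)plen;
}

/* Feed a constructed record carrying plen bytes of 0xFF to one parser.
 * Stores the parser's return code in *rc and returns the value of the
 * neighbouring flag byte afterwards (0 means it was left untouched). */
int run_case(int hardened, size_t plen, int *rc)
{
    struct device_state st;
    uint8_t rec[HDR_LEN + 32];

    if (plen > 32) return -1;
    memset(&st, 0, sizeof st);
    rec[0] = 0x09;                 /* arbitrary type value */
    rec[1] = (uint8_t)plen;
    memset(rec + HDR_LEN, 0xFF, plen);
    *rc = hardened ? parse_name_hardened(&st, rec, HDR_LEN + plen)
                   : parse_name_legacy(&st, rec, HDR_LEN + plen);
    return st.mem[PAIRED_OFF];
}

int main(void)
{
    int rc, flag;
    flag = run_case(0, 18, &rc);
    printf("legacy   len=18: rc=%d flag=0x%02X\n", rc, flag);
    flag = run_case(1, 18, &rc);
    printf("hardened len=18: rc=%d flag=0x%02X\n", rc, flag);
    flag = run_case(1, 16, &rc);
    printf("hardened len=16: rc=%d flag=0x%02X\n", rc, flag);
    return 0;
}
```

The legacy parser never writes more than two bytes out of bounds, which in practice shows up as corrupted neighbouring state or a crash; the fix is the single comparison against `NAME_CAP`.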