The dark side of digital

Why should I care about Twitter? If you’re like me, you’ve asked yourself this question before. But there are ways that the market for digital applications is affecting even the motoring industry, and they could be a threat to your safety.

Yes, I’m young and “of the age of Twitter”, Facebook and other social media platforms that have emerged from our increasing digital interaction with each other in what is ostensibly a digital age. Still, within my lifestyle of travel to places with little or no 3G connection, of physical things such as ground clearance and articulation, I have wondered why this medium should be of importance to those not interested in connecting digitally.

The benefits of social media platforms aside, there’s an effect on industries from the digital market that may influence us in the future far more than we realise.

Consider Charlie Miller. Charlie is a Twitter security engineer – a “white hack”. Charlie’s job is to find soft spots in the Twitter framework where hackers could get in and expose them so that other engineers can patch them up. Now, if you do know a bit about Twitter, you’ll know that its security has been compromised several times, and hacks are not uncommon. The hackers enter your account in the form of a virus, and are then able to post links on your behalf to lure in your trusting followers.

Charlie Miller’s other job, however, is to find soft spots in the computer systems found in modern and prototype vehicles. He finds them and exposes them so that other engineers, again, can patch them up.

Recently, Miller and colleague Chris Valasek exposed several “bugs” in vehicle systems that brought a wave of panic across automotive-savvy web users and ordinary drivers alike.

They tested the Toyota Prius and Ford Escape, and after many hours plugged into the vehicles’ electronic control units (ECU), they were able to control the vehicle and influence its acceleration, braking and steering. The team had been tasked by the two companies to find and expose weaknesses in their vehicles, in which computer systems were becoming increasingly accessible to users of social media platforms and the internet.

Motor shows have been demonstrating the innovative use of digital space for many years now, with applications such as smart phone synchronisation allowing for your radio station and even ambient temperature at home to be ready and waiting for you when you get into your car.

More recently, the idea of a self-parking car has become a reality, and adaptive cruise control (ACC) has been able to control the speed and braking of vehicles as commonplace as the Honda Accord for years.

BMW’s systems are fairly integrated, with users being able to tweet pre-written messages from their vehicles, adding elements such as the weather and their location to be shared with others. Internet browsing is becoming more common among luxury and mid-level vehicles, as is the streaming of television channels for passengers’ entertainment.

But all this comes at a cost. Security experts warn that manufacturers may be too eager to please an increasingly well-connected market, and in their haste forget about critical safeguards. Security engineers, according to an article by Jim Finkle of Reuters, see cars as “computers on wheels” – and they should be protected as such.

Despite the risks of connectivity-driven applications in vehicles, however, even technology so old that it is already being phased out can be vulnerable.

In 2010, two security engineers remotely hacked into a vehicle by placing a virus on a CD. The CD was inserted into the radio like any other, and the virus allowed them to initiate programs such as “self destruct”. This pops a 60-second countdown timer a la Mission Impossible onto the dash, after which it simultaneously locks the vehicle’s doors, kills the lights and the engine and releases the brakes!

The research group, now disbanded but known as the “Center for Automotive Embedded Systems Security”, refused to release the make and model of the vehicles tested and compromised. Their report even described ways to “infect” cars via Bluetooth.

Since these revelations, the automakers have been driving the research to patch up soft spots and “bugs” rather than be shown up by hackers, which is encouraging for the ordinary driver and buyer.

However, this kind of research can be as dangerous as it can be useful. In fact, the Volkswagen group obtained a restraining order last year against a group of European scientists set to discuss lock hacking methods against Porsches, Audis, Bentleys and Lamborghinis at a conference in Washington.

Valasek and Miller are set to publish their research in a 100-page paper, but considering a quote from Miller that he trusts “the eyes of 100 security researchers more than all the eyes that are in Ford and Toyota”, it’s becoming unavoidably clear just how necessary it is for automotive companies to pay heed to the dark side of the digital age.

* Articles of interest can be found on www.reuters.com (by Jim Finkle) and www.gizmag.com.