Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

September 9, 2015

How to Stop a Smart Car

Filed under: Cybersecurity,Security — Patrick Durusau @ 7:11 pm

Advances in technology render traditional methods of stopping cars obsolete!

No more police roadblocks:

police-roadblock

No more spike strips:

spike-strip

No more PIT maneuvers:

Pit_maneuver.svg

Now you only need a laser pointer!

laserpointer3

John Zorabedian reports in Self-driving cars can be stopped with a laser pointer:


Jonathan Petit was able to launch a denial-of-service attack against a self-driving car by overwhelming the car’s sensors with images of fake vehicles and other objects.

As Petit describes in a paper he will present at Black Hat Europe, he recorded the pulses emitted by objects with a commercial lidar (light detection and ranging) system that self-driving cars use to detect objects.

By beaming the pulses back at a lidar on a self-driving car with a laser pointer, he could force the car into slowing down or stopping to avoid hitting phantom objects.

In an interview with IEEE Spectrum, Petit explained that spoofing objects like cars, pedestrians, or walls was fairly simple; and his attack could be replicated with a kit costing just $60.

Compare the $60 to stop a “smart” car versus $313.94 for a set of MS10 spikes, $45K for a Ford Taurus for the PIT maneuver, or right at $225,000 in cars for the full police roadblock (five cars x $45K).

What lies at the root of the smart car vulnerability?

Unchecked input. The same cause of buffer overflows, SQL injection attacks, etc. A leading cause of computer vulnerabilities is spreading to cars.

Waiting for the day that failure to check input data = strict liability + punitive damages.

Ford got a taste of liability with the exploding Pintos.

Are smart car manufacturers lining up for another taste?

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress