Want CNET to notify you of price drops and the latest stories?

Car hacking code released at Defcon

Car computer hacking hit the gas on the first morning of Defcon 21, as hackers revealed how they took over two of the most popular cars in America.

Seth Rosenblatt Former Senior Writer / News
Senior writer Seth Rosenblatt covered Google and security for CNET News, with occasional forays into tech and pop culture. Formerly a CNET Reviews senior editor for software, he has written about nearly every category of software and app available.
Seth Rosenblatt
3 min read

LAS VEGAS -- You may hate parallel parking, but you're going to hate it even more when somebody commandeers control of your car with you in it.

That was the scary scenario painted over the first two hours at the 21st annual Defcon hacker conference.

"Car hacking is definitely coming," said Zoz, of Cannytophic Design, who presented on how to hack autonomous cars.

Zoz's talk on vulnerabilities that autonomous autos will face followed a fast-paced explanation by well-known computer security experts Charlie Miller and Christopher Valasek of how they spent the past 10 months hacking the self-driving features of two popular cars. Miller, Valasek, and Zoz all spoke to standing-room only crowds of more than 1,000 people.

While car hacking made a big splash at Defcon in 2010 and 2011, those hacks were not publicly documented. "We want it to take two months for everybody to do this," Miller said to loud applause from the packed house.

Before going into their hacking explanation, Miller and Valasek admitted that they were not hardware hackers, and had little experience on hardware basics like splicing wires. But they only had one requirement for their test car: that it be able to drive itself.

From there, hilarity ensued. Instead of following Toyota's guide to removing the dash of their test 2010 Prius, they used a crowbar. Subsequent videos and photos showed them driving around with a laptop wired to the open dash of a car, much to the amusement of the crowd.

The pair also tested a 2010 Ford Escape.

Prerecorded video demos of the hacks showed Miller and Valasek disabling the car's brakes, jerking the steering wheel back and forth while the car was in motion, accelerating, taking full control of the steering wheel, yanking the seat belt tight, turning off the engine, turning interior and exterior lights on and off, honking the horn, and making the console show a full tank of gas when it wasn't.

Surprisingly, neither wore a helmet.

At one point, the car wouldn't start, and they had to get it taken to the Toyota dealer for repairs. It turns out, Valasek said, that they had blown up the inverter. "They said they couldn't fix the car because they'd never seen this problem before."

The two detailed much of the nitty-gritty of their hacking work, covering how they gained physical access to the car's computer and how they figured out how to program the car's computer.

The documentation that they will be releasing in the next few weeks sounds comprehensive, totaling 101 pages of code and data.

Zoz spent his talk in the next hour on the future of automation. Self-driving cars, he told, are essentially robots and will be particularly susceptible to the same kinds of hacks as less complicated robots.

Zoz details the concepts behind how to hack self-driving cars at Defcon 21. Seth Rosenblatt/CNET

Many of these vulnerabilities will be related to directly hacking or indirectly altering the sensors that allow a car to navigate the road without causing accidents. Automated vehicles of all sorts, from person-carrying cars to small drones, rely on a multitude of sensors such as GPS, LIDAR, cameras, millimeter wave radar, digital compasses, wheel encoders, inertial measurement units, and on-board maps.

There are two kinds of sensor attacks, Zoz said. Denial attacks prevent the sensor from recovering data, while spoofing causes the sensor to retrieve bad data.

Each of the sensors on a car or drone can be successfully attacked in several low-cost, low-effort ways. A GPS sensor, he said, can be compromised by purchasing or building a cheap GPS jammer.

Maps are particularly at risk. "You can't have your robot occasionally blowing through a red light," he said to much snickering from the audience.

Zoz, as well as Miller and Valasek, kept returning to a particular point during their separate hour-long presentations: the goal of hacking cars isn't to cause widespread havoc, but to make them safer.

"Now that we've released the data, you can think about how to stop these attacks," Miller said.

And echoing Miller, Zoz also highlighted safety concerns. "When I talk about exploits and countermeasures, I want you to think about counter-countermeasures," he said.

Ford and Toyota have both said that their focus is on preventing wireless hacks, but wireless technology is hardly a bastion of security. We may be approaching an era when the car itself could be to blame for crashes.