Ethically Hacking the CAN System

Kinja'd!!! "ArmadaExpress drives a turbo outback" (armadaexpress)
04/08/2015 at 10:55 • Filed to: internet of things, canbus, ethical, hacking, your mother, keep oppo wired

Kinja'd!!!2 Kinja'd!!! 5

This could be the sort of product that enables developers to build better tools for us as consumers to diagnose our own cars, and allows car manufacturers to tighten up security.

What are your opinions on letting loose developers/ hackers on cars to see what they can do?

!!! UNKNOWN CONTENT TYPE !!!


DISCUSSION (5)


Kinja'd!!! Mattbob > ArmadaExpress drives a turbo outback
04/08/2015 at 11:02

Kinja'd!!!1

its actually not very hard to start messing around on the CAN Bus. For work I just designed, built, and programmed a board from scratch that sends and receives CAN messages for automotive testing. With some programming changes it could easily intercept and retransmit CAN data with whatever changes you wanted. All for about $25 in parts. Also a guy at work ust bought one of these: https://canb.us/ it seems similar to what you posted, but way more developed.

As far as my opinion goes, let them have at it. It is up to the car designers to make sure their data buses are adequately secured against outside interference. For example don't connect an engine controller on the same bus as an internet connected media unit. I don't see the ethical dilemma. If someone gains physical access to your car and installs a CAN device to mess with your car, it is no different than tampering with brake lines or some such thing.


Kinja'd!!! BloodlessWeevil > Mattbob
04/08/2015 at 12:42

Kinja'd!!!0

Actually you cannot intercept CAN signals without cutting into the module harness. The CAN bus works more like a radio station than a telephone. Messages are broadcast on the bus as a whole with no intended recipient. Modules listen for the signals they care about and ignore everything else. You could broadcast a false signal, but it would compete with the legitimate signal and listening modules would throw them both out as unreliable.


Kinja'd!!! Mattbob > BloodlessWeevil
04/08/2015 at 13:49

Kinja'd!!!0

yes... you would have to cut into the harness at the module you want to affect. You have 2 transceivers, one going to the module, and one going to the vehicle harness. Are you telling me this, or for the benefit of everyone?


Kinja'd!!! BloodlessWeevil > Mattbob
04/09/2015 at 08:30

Kinja'd!!!0

Kinda both, I often work with CAN buses in a development capacity, so I try to dispel misconceptions when I can. In your original post you said you could do it with just programming changes, but the devices referred to (by both you and ArmadaExpress) connect to the J1962 connector. Did I miss something there?

I just reread the OP, developers/hackers have been going to town on cars for a while now. We just call them tuners or modders or just people who messed around with their car to make it better. The truth is that you can get a lot of information from the vehicle from the CAN bus, but to make any functional changes you need to reprogram modules. Which usually requires some support from the OEM (dealer diagnostic/reprogram tools and software at a minimum.)


Kinja'd!!! Mattbob > BloodlessWeevil
04/09/2015 at 08:43

Kinja'd!!!0

oh, when I mentioned programming changes, I meant to the module I built at work. It's got 2 CAN transceivers, so you could have a module side, and a bus side. You would have to cut the harness though. I wasn't talking about the devices posted. I agree though, on the point of needing OEM support to really do a lot with the messages. I work for the OEM, and it is hard enough to get the .dbc files I need. I wonder how hard it would be to get them outside of here. Once you have those though, it is fairly easy. I don't have the experience you do with CAN, I do test systems, but it still isn't that hard to pick up.