When I first heard about Experimental Security Analysis of a Modern Automobile, a paper in which researchers at the University of Washington and UCSD explored the what someone could do to the computers in your car I wasn’t worried. It sounded like another one of those theoretical analyses in which the threat is predicated on the attacker somehow getting into your car and attaching something to the CANbus internal network. Then I read the paper. Gulp!
It turns out that not only is the CANbus not all that secure (16 bit static keys), and the security standards not all that consistently followed, but there are multiple vectors through which bad stuff can be introduced. For instance, aftermarket audio systems are attached directly to the CANbus, and a repair shops diagnostic equipment connects to it through the federally-mandated OBD-II connector. While there are supposed to be restrictions on re-flashing the memory of the car’s on-board computers, the researchers found that was fairly easy to do, and even managed to reprogram the cars telematics module (e.g. OnStar) to act as a router between the low speed network where the radio is attached and the high-speed network that operates the engine and the brakes.
Using the reprogrammed module and a laptop connected to the OBD-II connector, they took a car out onto an abandoned airfield and showed how, while the car was moving at speed, they could stop the engine, selectively operate the brakes on any combination of wheels, or disable the brakes altogether.
So make sure you know where that after-market radio has been, hope your mechanic was careful how he downloaded updates to his diagnostics equipment, and hope there aren’t stack-overflow bugs in the telematics, Bluetooth or remote locking modules.