Wireless systems in cars may compromise drivers’ privacy, pose security threatAugust 13th, 2010 - 4:51 pm ICT by ANI
Washington, Aug 13 (ANI): The advent of new wireless technologies in cars might compromise a driver’s privacy and pose a security threat, warn researchers at Rutgers University.
Modern automobiles are increasingly equipped with wireless sensors and devices, such as systems that monitor air pressure inside tires and trigger dashboard warnings if a tire’s pressure drops.
And now researchers have shown that these wireless signals can be intercepted 120 feet away from the car using a simple receiver despite the shielding provided by the metal car body.
Since signals in tire pressure monitoring systems (TPMS) include unique codes from each wheel sensor, this raises concerns that drivers’ locations could be tracked more easily than through other means, such as capturing images of license plates.
TPMS wireless transmissions also lack security protections common in basic computer networking, such as input validation, data encryption or authentication.
The researchers demonstrated how a transmitter that mimics, or “spoofs,” the sensor signal can easily send false readings and trigger a car’s dashboard warning display.
This could prompt a driver into stopping his or her car when there is actually nothing wrong with the tires.
“We have not heard of any security compromises to-date, but it’s our mission as privacy and security researchers to identify potential problems before they become widespread and serious,” said Marco Gruteser, associate professor of electrical and computer engineering and a member of the university’s Wireless Information Network Laboratory (WINLAB).
He noted that tire pressure monitoring is the first widespread use of in-car wireless networking, and because of the increasing cost and complexity of wired electronic systems, it’s reasonable to expect other aspects of automobile operation to come under wireless control.
“A spoofed signal could potentially cause serious safety concerns if stability control or anti-lock braking systems relied on the data. So we are sounding the alarm right now,” he said.
Gruteser acknowledged that intercepting and spoofing signals is not a casual effort.
But the fact that people with college-level engineering expertise could carry out those actions using publicly available radio and computer equipment costing a few thousand dollars shows that systems are vulnerable.
“While we agree this technology is essential for driver safety, more can be done to improve security, such as using input validation or encryption,” said Wade Trappe, a collaborator on the project who is an associate professor of electrical and computer engineering and associate director of WINLAB.
The researchers presented results of their work at the USENIX Security Symposium, one of the premiere academic computer security conferences. (ANI)
- Hackers can attack car control systems, warn experts - May 15, 2010
- New Ferrari technology to 'read driver's mind to adjust car stability' - Jan 08, 2011
- New encoding for foolproof email security - Sep 11, 2012
- Coming soon: Device that wakes up drivers snoozing at the wheel - Nov 11, 2010
- Bluetooth offers round-the-clock health monitoring - Mar 11, 2012
- Devices to be powered out of thin air - Jul 11, 2011
- Vibrations to help in energy harvesting - May 07, 2012
- Engineering student designs computer-operated car in Coimbatore - Oct 13, 2010
- BlackBerry says India can't access encrypted data - Dec 31, 2010
- Scientists crack satellite telephony security code - Feb 09, 2012
- Energy from air could power your mobile - Jul 20, 2011
- Google fires engineer for privacy violation - Sep 15, 2010
- 'Touche' gives human touch to doorknobs, smartphones - May 06, 2012
- MP3 can cost you your car - Mar 17, 2011
- 'Intelligent co-pilot' makes driving safer - Jul 15, 2012
Tags: air pressure, basic computer networking, car body, data encryption, information network laboratory, input validation, metal car, monitoring systems, rutgers university, security protections, security researchers, security threat, sensor signal, tire pressure, validation data, wireless information network, wireless networking, wireless sensors, wireless signals, wireless transmissions