When you hear the likes of Bill Gates, Steve Wozniak and one Stephen Hawking warn you about the dangers of artificial intelligence taking over the world you have to be more serious than just taking it as another flight of fantasy by a sci-fi daydreamer. The threat of the machines taking over the world is no more a fantasy. Artificial Intelligence is probably in the last legs of its development, beyond which it will likely find its own conscience. The code, then, will require a physical means to act as its arms and legs. Those means could be the robot-machines, as depicted in the Terminator movie series, or some other devices which the sci-fi writers have probably not been able to envisage to date. Automobiles, for example.
Think about it. A car is a perfectly independent, mobile entity. It’s almost a creature, and can follow commands to perform certain tasks. If you think that the idea is too far removed from reality, you should probably have, well, a reality check. Using a security loophole in thousands of vehicles using FCA’s (Fiat Chrysler Automobiles) Uconnect internet enabled software, hackers have been able to remotely control their car, even with a driver behind the wheel.
The issue was brought to fore by a report on the noted technology site Wired, whose correspondent Andy Greenberg was hacked remotely, with his permission by Charlie Miller and Chris Valasek, two security researchers. The duo has previously demonstrated how a car can be hacked by taking control of car models such as the Toyota Prius and a Ford Escape.
All images – courtesy Wired
The car in question was a Jeep Cherokee. The hackers, leveraging a security loophole in the car’s software took control of the system, having access functions as critical as engine revs and braking from their laptop, from a remote location. During the demonstration the hackers first played around with the AC temperature and wind blast, switched the radio stations, turned up the volume, brought on the windshield wipers with the wiper fluid getting constantly sprayed on the screen before disabling the engine and brakes, and crashing the car into a ditch. All this while, the driver wasn’t able to do anything to salvage the situation despite fiddling around as much as he willed with the physical controls. The most amazing thing about this entire experiment as we mentioned earlier, is that the hackers never had to even make a physical contact with the car before achieving such critical control.
The Uconnect system, which was the entry point for the hackers, is installed in hundreds of thousands of FCA group vehicles manufactured since late 2013. The FCA group, with some assistance from the hacker duo in question have now released a patch to fix the problem. The update requires the users to physically insert a USB drive into the car’s USB socket and update the firmware. The car owners can perform the security update manually by downloading the software from the company’s website, or have it done through the dealerships.
With hundreds of thousands of cars with the compromised Uconnect system, however, it can be safely assumed that not all cars will be patched with the security update, still leaving thousands of cars vulnerable to an attack by the hackers in the know. Charlie Miller and Chris Valasek, the hacker duo who demonstrated the security loophole, however, claim that it’s not as easy as it sounds. It took the security engineers months of hard work to crack the vault, and they aren’t giving away any of the details to make it easy for those with ill-intentions.
The entire episode, however, makes it abundantly clear as to how vulnerable the software driven systems are to attacks by hackers.
Coming back to where we started off from, does it still appear too difficult for you to see a Genisys-style software entity crashing your car into a tree just for fun? Driverless cars, anyone?
Check out this video detailing how the security loophole was brought to fore
