ELD IS GOING AWAY !!!!!

Until this past fall, there was no indication that the DNC had been hacked, either...until there was. Putting your head in the sand like Tucker and pretending the problem doesn't exist doesn't make the problem go away.

Also from the article:
By sending digital signals within the internal network of a big rig truck, the researchers were able to do everything from change the readout of the truck’s instrument panel, trigger unintended acceleration, or to even disable one form of the semi-trailer’s brakes. And the researchers found that developing those attacks was actually easier than with consumer cars, thanks to a common communication standard in the internal networks of most industrial vehicles, from cement mixers to tractor trailers to school buses.

Perhaps you don't mind being somewhat vulnerable, taking the "it probably won't happen to me" approach, but I don't care to place my life in the hands of others...especially if they may have malicious intent. I oppose any and all efforts to remove the driver from the actual driving. I refuse to own a vehicle without a direct mechanical linkage controlling the transmission, and a physical switch that absolutely cuts the ignition. If the SHTF, I don't want some computer (or a hacker on the other side of a computer) overriding what I'm telling the vehicle I'm driving to do. Anything that introduces that possibility even in the slightest possible manner, I vehemently oppose.

Besides, what's the point of the hazmat background checks if anyone with a computer, internet connection, and a little knowledge can disable your brakes, mash the throttle, and the only thing you can do is choose where to crash? What happens the first time there IS such an attack? I guarantee "the driver" is going to be the FIRST to be blamed...and where's the evidence that would vindicate that driver? Some hackers are pretty good at hiding their footprints in secure systems. In an unsecure system that was never intended to be accessed without a hard-wired direct link, there won't be any traceable evidence...especially if the ECU burns up in the wreck. Unless some group claims responsibility for it, that driver is going to get blamed 100% for the crash.

 

My low mileage '89 T600 is looking better and better every day.

 

Jesus fkn Christ. That part you quoted? That was from having a physical connection to the ecm, not wireless. Go back and reread it without hyperventilating this time. At the risk of sounding like a broken record, I have not denied its an issue that needs to be addressed, nor have the manufacturers. That's why they're taking steps to address it. There's a pretty big difference however between "this could potentially happen" and "omg this is going to happen every time I drive my truck. As soon as I turn the key on its going to crash into a school bus full of kids" Calm down Chicken Little.

If you think this is bad, boy are you going to hate hearing about autopilot in airplanes. Those things are filled with people and can FALL OUT OF THE SKY!!

 

Maybe that USA truck doing the uturn was being hacked and it wasn't the drivers fault.

 

I never denied the fact that it was a physical connection...which as of now, is REQUIRED for anyone to gain access to my ECU. However, once a gateway device with internet or cell access is physically hooked up to the ECU, it opens the door for a hacker to gain access remotely. So what "steps" are they taking to prevent that? Are they going to provide updated ECU files that place more barriers to minimize the potential impact should someone get in through the device? How much is that going to cost?

When I was in college, I had in my small little circle of close friends a guy who could hack the 128-bit encryption, which at the time was the "latest & greatest" out there. So I've always felt the need to take precautions when it comes to what information I leave vulnerable, because if I knew somebody with that capability, how many more were out there...who may not be as honest or law-abiding as my friend? As a result, I don't even keep personal info on my home PC. Even on my tax forms, I don't "save" it with my SSN on the form. No bank account numbers. Nothing. I don't do internet banking, and all online purchases are made with a throw-away pre-paid card...so even if that transaction does get intercepted with my financial info, it won't do them any good. Even my cell phone isn't an Android or Iphone...and even though it is among the most secure devices and "approved for use" by our top government agencies, I STILL don't keep personal info on mine. Even my snail-mail isn't delivered to my house, but rather remains locked up at the post office for me to pick up...and I'm home every night, so it's not like it would be stacking up in my box at the side of the road. When it comes to that sort of thing, I'd rather be "safe" than "sorry". Yes, chances are good that you could live 90+ years and never be a victim of fraud, even if you do just go with the flow and don't take any extra precautions. I'm all for hardening targets, though. I refuse to be a victim of opportunity, and if I do become a victim someday, they had to work a little harder to get me. I take the same approach with my driving and the DOT. I don't have anything to fear, per say, but I still don't care to make it easy for them. That's why I stick to the 2-lanes whenever feasible, and plan my routes so that I cross the least number of scales possible along the way. Never understood the idea of rolling into an area of intense scrutiny, where the BEST CASE scenario is they let you pass without harassing you or wasting your time phishing for something to write you up over.

There is nothing wrong with the desire to be left alone to run your life as you see fit, and looking with skepticism upon anyone attempting to infringe upon that ability. There is also nothing wrong with rejecting the notion that just because something "hasn't happened yet" that it cannot or will not happen in the future. You're right, though, and the chance of somebody hacking into MY specific truck might be relatively insignificant...probably won't ever happen...but your house will probably never burn down, either. Do you have fire extinguishers? A tornado will probably never tear through your property. Do you have a basement or shelter? Stuff happens. It is best to recognize and minimize the risk BEFORE it happens, rather than simply bend over and kiss your ### goodbye IF it happens.

 

I would imagine if hacking ECM's is happening, GM vehicles would have seen it years ago since most have OnStar. Normally hacking occurs for profit, or a huge disruption, and there are bigger paying things out there other than your ECM. Cellular is also encrypted, and is difficult to locate the data stream you want. The encryption is so good to find the exact stream you want, you would have to have the EIN of the device, and know what tower it is connected to, as well as exchange encryption keys. As the system designer stated, looking for the one transceiver on a a cell connection would be like filling a city the size of Chicago with salt, and trying to find 1 salt grain in the billions out there. WiFi is a different story, and cannot be compared.

 

You don't suppose a truck bearing placards for explosives, poisonous gas, corrosives, flammable liquids, infectious substances, or radioactive material might be a bigger, more likely target than say a family in their chevy sedan? Might cause bigger problems and quite a bit of panic if say the throttle was pinned wide open and the automatic transmission locked into gear during rush hour? Nobody thought somebody would bring down a skyscraper by intentionally crashing a commercial airliner into it, either...until it happened. My question is, why are you so willing to allow new vulnerabilities to be created?

Funny you mention WiFi, since these devices have the capability to connect via WiFi. So a driver leaves the device set to search for and connect to WiFi and now they're in. Stop at a truck stop and connect in order to transmit BOL's and other scanned documents, and they've got identifying information from your truck to help them "find" it. Point is, there are serious potential problems, and yet those problems are shrugged off as no big deal because you don't think it'll happen. Yes, I understand that just because it CAN happen doesn't necessarily mean that it WILL. However, when you ignore the fact that it MIGHT happen, you're turning a blind eye to the fact that there are evil people in the world who will take advantage of any opportunity to cause havoc...and by pretending they don't exist makes it easier for them to succeed in their endeavors.

 

Aircraft have used WiFi, satellite, and trunked radio systems for years, yet no one has hijacked one via any of those methods yet, which would be a better headliner, a plane with hundreds onboard, or a truck driver and a few motorists? ELD's also have the ability to turn the WiFi off, and they require an encrypted connection, not plain text like your phone does. Today I was privey to some info one ELD's, freight tracking, etc. The new administration feels the transportation sector needs to implement and use computer based tools, and less time spent on paperwork. I don't care either way, logs are logs, hate or like ELD's, they use encryption, and with all of the ELD's in use today, not one has been hacked, and the technology is constantly updated to prevent breaches. ELD's have to meet financial sector security, they are used to track time, disseminate payroll, and used ti submit bills, etc. While you think of it as a cell phone with WiFi, it is much more secure.

 

But is the plane's WiFi, satellite, and trunked radio systems tied into the navigation and flight controls? Or are they separate systems? On a truck, you're connecting this device directly to the computer that controls all of the truck's operating systems which makes the vehicle itself vulnerable as opposed to simply the communication system. A hacker can control the throttle, parts of the braking system, the transmission (if an auto), warning lights and buzzers, gauges, and anything else that runs through the computer on a truck.

Whether a plane can be hacked or not, though, doesn't really matter to me. The biggest plane I've ever been on only sat 4 people and was owned and piloted by the son of my grandma's sister....twin engine prop plane without a whole heck of a lot of advanced systems on board. I've never flown commercially, and really haven't any need or desire to go anywhere I can't drive to myself. I prefer to travel on my own terms, on my own schedule, at my own pace, and at my own convenience. It is one of the reasons I don't run OTR...layovers p!$$ me off. I don't want to have to worry about whether my luggage made it or not, relying on people to shuttle me around, renting a car, or any of the other headaches involved in traveling by plane, bus, or train. Not to mention, when I do travel, I'm seldom without items strictly prohibited by the TSA. That being the case, I couldn't care less how "secure" a plane's systems are because I'm not going to be on one. I am, however, not only the driver of a truck, but also the owner of the truck that I drive. As such, I have a vested interest in ensuring that it remains as safe as possible.

 

In aircraft it is connected to the avionics, engines, and flight controls. While inflight they constantly communicate with satellites that Boeing, GE, AirBus, MBZ, and a host of others gather flight data off of, as well the airlines maintenance systems. When it is on the ground, they can use cellular, most use the WiFi, pull up to the terminal and guess what the plane does? It downloads a host of information via WiFi. You have your mind made up, won't look at how the technology is used and implemented, encryption, safeguards, public/private keys and handshakes, or a host of other safeguards to prevent what you are in a panic over. Until the public understands what is available, and protects themselves using the tools available, systems will be hacked, plain and simple. Look at the number of people running WIndows 95 and XP, they are wide open for hacking.