On Sunday, September 27, 2015 at 10:30:12 PM UTC-5, Don Y wrote:
On 9/27/2015 7:11 PM, Uncle Monster wrote:
On Sunday, September 27, 2015 at 4:26:33 PM UTC-5, Don Y wrote:
On 9/27/2015 2:15 PM, Uncle Monster wrote:

Well hell, the only vehicles left running after the coming EMP attack
will be diesels with the simple mechanical fuel delivery and engine
controls..

I don;t worry about an EMP -- I suspect I will have more pressing concerns
in that case than worrying about a vehicle!

The problem with the architecture of many car control systems is they
don't physically (or even logically) partition subsystems so that a
compromise of one can't compromise the others!

E.g., most "hacks" access the car's control infrastructure through the
entertainment/navigation systems -- things that should have no reason for
*talking* to the brakes, engine controls, steering, etc. Yet, because
this wasn't accurately considered as a potential attack surface during the
design, there are no/few precautions to protect against such attacks after
the fact.

This is the sort of naive thinking (full of unspoken ASSUMPTIONS) that
leads to big-time problems down the road.

By way of a different, though similar, example, most businesses employ
firewalls to "keep intruders out". They block INBOUND connections to the
machines *inside* their firewall.

But, they ignore the fact that a machine *inside* the firewall can
(typically) initiate a connection to damn near any other machine *outside*
the firewall. And, once that connection is (intentionally) established --
by malware -- the inside machine is now *past* the firewall yet under the
control of some outside entity.

Ooops!

I must state that I'm not a conspiracy nut, just a regular nut. I've noticed
a pattern over the years of the intrusion of technology into every aspect of
the lives of people. People are willingly giving up privacy and control of
their lives to new technology which in turn can allow government to control
people. Do as you're told or government will turn off your car, travel, ID,
money, computer, phone, housing, utilities, benefits, health care and
anything else a government gets its hooks into.

People are primarily turning over control to *corporations*. Those folks
have LESS constraints on what they can do with that than the gummit. And,
they represent convenient "one stop shopping" for the spooks to go
poking around with a secret writ -- so you (ALL!) have no idea that a
search is even under way!

Basically, people are
falling all over themselves to give the government the ability to take away
their rights, freedom and liberty at the push of a button.

Blame much of this on the Patriot Act: "Oooo! Protect me from the bad guys!"

If a government
can easily take something from you, a run of the mill criminal can do the
same.. I'm sure others have noticed a pattern of government using new
technology to exert control over the lives of a citizenry who're are
completely oblivious to it. Geez! o_O

The problem is more fundamental than conspiracies.

With increasing levels of technology, more things are economically
feasible. E.g., when the PSTN was largely an analog device, a
wiretap required physical access to the wires servicing the individual
in question. Once the PSTN went digital, that "voice" is now just
so many "bits" on a virtual circuit. Additional virtual circuits
can be created at will -- no "wire" involved. So, calls from any
number of "taps" can be routed to anyone, anywhere for free.

Electronic funds transfers make it easy for folks to observe where
monies are being moved. Previously, you had to watch a "paper
instrument" (treasury notes, cashier's checks, etc.) make a
physical journey to know the actual recipient.

When "communications" were written on sheafs of paper and
encapsulated in envelopes that were physically transfered
from sender to recipient, you had to physically intercept those
transfers to see what was being said. And, be aware of EVERY
means by which those transfers could take place (USPS, FedEx,
courier, etc.). With email, they're just bits that can
clandestinely be copied and routed to alternative locations.
No need to examine an envelope to see if it has been tampered with!

When a mechanical linkage connected the gas peddle to the
throttle, you had to exert physical force on that linkage,
at some point, in order to influence the vehicles speed
(indirectly). When the accelerator is just a position *sensor*
that feeds "data" to a computer, then anything that can spoof that
data can pretend to be the accelerator.

The folks making these design decisions are also blissfully
ignorant/unconcerned with these possibilities -- or their consequences!
That's where the vulnerability creeps in.

I've worked in a lot of different technical fields like broadcast and two way radio, alarm systems, computers, control systems plus telecom and data systems. Basically anything that uses electrons. One of the last things I was doing before I became too ill to work was installing and servicing VoIP telephone systems. Because of this, I tend to look at how to frak with and hack technology like I was writing a spy novel or script for a TV show or spy movie. I see an alarm system and I think,"How can I actually circumvent that thing." When I worked on security systems I tried to think like a crook who wanted to get by it. How can I tap a phone system. How can I intercept or jam radio communications? How can I hack into a wired or WiFi network to frak with the computers? How can I interfere with and cause malfunctions in a control system. I have a song in my head "Think Like A Terrorist" done to the tune,"Walk Like An Egyptian" by the girl group The Bangles. It's very entertaining to daydream about hacking and fraking with technology and even more fun to experiment. ^_^

[8~{} Uncle Terrorist Monster