Hackers Can Take Over Cars And Drive Them With A Nintendo Controller

A pair of security experts demonstrated to the BBC that some ordinary models of cars can be overridden -- despite whatever the driver is doing behind the wheel -- using a laptop, some software and an old Nintendo Entertainment System gamepad.

The hack -- which Toyota, in response, says it doesn't consider a "hack" -- requires plugging into a vehicle's electronic control unit through a diagnostics port, as researchers Charlie Miller and Chris Valasek did on a 2010 Ford Escape and Toyota Prius. From there, software written by the pair overrode commands the driver gave the car -- including acceleration, braking and steering. Gauges also were manipulated to show ludicrous speeds or zero fuel. Most terrifying, perhaps, the horn was utterly at the hackers' mercy.

A Toyota spokesman quibbled with the BBC, noting that the hardware driving the car had to be physically connected to it, therefore not rising to the level of a "hacking".

"The presence of a laptop or other device connected to the [on board diagnostics port] would be apparent," the spokesman said.

Miller and Valasek say that's not the point. The cars don't appear to acknowledge from where the commands are being sent, a sure way to shut down this kind of secondary control -- which is dangerous for any number of reasons. The duo said they wrecked a few test cars while testing and revising their software.

Miller notes that the conversation on remote-control car hacks varies widely, from some saying this isn't important to others saying it's common knowledge. He and his partner plan to release their findings publicly because "if you're just relying on the fact people aren't talking about the problem to stay safe, you're not really dealing with the problem."

Toyota, for its part, defended the firewall technology aboard its cars, saying it protected vehicles from remote and wireless services.

Car hackers use laptop to control standard car [BBC via Jalopnik]


Comments

    I'm sure that if this were the norm, many catastrophes would ensue.

    It'd be cool, though.

    Bonus points to them for making it a NES controller and not going the easy route with a more modern pad. Scary AND stylish!

    Sure it doesn't look like a hack yet ... but for the next trick, plug a small computer device with a 3g modem in it into that diagnostic port, and then remote control it *from outside the vehicle*.

    You don't even need sophisticated control ... if you want to kill the driver, just disable the brakes and lock on the accelerator . Or if you want to ambush the driver, put on the fuel light to trick the driver into pulling in at a nearby petrol station.

    Not a hack unless one can connect wirelessly over the net.

    At that point we're screwed...

      I think they already did something like this once where they used a luxury car's wireless tyre pressure sensors to gain access... except the only thing they could do is falsely activate warnings on the dash, nothing more.

    Wireless OBD connectors have been available for a long time.
    Sure, you couldn't attack a random car, but you could mess with friends and family...

      Not sure about toyotas, but my hyundai has a second diagnostics port under the bonnet. If toyotas do too, its simply a case of going to the shopping center, choosing a car, popping its bonnet from the outside (not hard), and bam. Heck, if you're already thinking of taking over the car like this, why not just break the window, plug in the wireless dongle, and rustle in the center console to make it look like a simple breakin, i doubt theyd check the port when replacing a window

    So I can hook up my old NES controller and drive? Sweet, time to give back seat driving a new definition.

Join the discussion!