Not an Outlander issue (I think)

Mitsubishi Outlander PHEV Forum

ChrisMiller (Well-known member, joined Jan 12, 2016, 631 messages, location: Bucks)
But the IT site The Register is reporting that the (similar to the PHEV) phone app for the Nissan Leaf has no security applied, so anyone can access your vehicle if they know the VIN (on all European cars this has to be publicly visible).

I've done a quick check and my phone reports "WPA2 PSK" for the WiFi connection (that's good, for those not in the technical know), so the Mitsi app looks secure (and pairing a device requires the key and is quite complicated, as several complaints on this forum testify). I may try to run a WiFi sniffer from my laptop and see what's happening, if I can summon the enthusiasm - has anyone tried this, I know there are some other IT security guys on here?

The linked article is a bit OTT, talking about 'draining the battery' (obviously much more of a problem on a pure EV, like the Leaf), I'm not sure how you could do that using the phone app, and I've posted a comment on The Register to that effect.
 
Not being a computer geek, I would assume that unless you had the password supplied with the car nobody could get in.
Apart from altering your car's settings, I don't see what damage they could do if they did hack it.
Not something about which I shall lose any sleep. ;)
 
Carnut said:
Not being a computer geek, I would assume that unless you had the password supplied with the car nobody could get in.
Apart from altering your car's settings, I don't see what damage they could do if they did hack it.
Not something about which I shall lose any sleep. ;)

Cars are complex and highly integrated systems these days, so the damage that a hacker could do is difficult to predict. Security researchers have successfully demonstrated the ability to make at least one current production model do an emergency stop using a spoofed RDS radio signal over the FM radio, so it would be unwise to assume that successfully hacking the Outlander MMCS would not give the ability to do some very unpleasant things!
 
ChrisMiller said:
The linked article is a bit OTT, talking about 'draining the battery' (obviously much more of a problem on a pure EV, like the Leaf), I'm not sure how you could do that using the phone app, and I've posted a comment on The Register to that effect.

From the app you can turn on the heating and lights for a start, that would drain the battery to a significant degree (although I think the heating will not activate below a certain battery level).
 
I think that the app turns on the heating and lights only for a fixed period (selectable 10/20/30 minutes). If I'm wrong, or if the app could be 'hacked' in some way, I suppose on a cold night with heating set high you could cause significant depletion, but my (limited) experience is that pre-heating drops the battery only by one or two bars (and the LED lights presumably much less).
 
It's not things like depleting the battery that we should be concerned about - it's things like unlocking the car, disabling the alarm and starting it ready to drive away. The remote app clearly has access to the CAN bus since it is doing things like reconfiguring a range of car settings and turning on systems like the heating and lights. I certainly would not bet large amounts of money that someone who has successfully hacked into the PHEV wifi could not then start and drive it away.
 
The areas of concern are in the methods used to update car software, the ability to introduce executable code into the system, and the security of the basic settings and permissions of the car's operating code.
Hopefully Mitsubishi have secured these from changes introduced via WiFi, but I am not sure that they (and other manufacturers) have secured their onboard engineering ports sufficiently. This may give trouble to future owners of cars which have been 'hacked' and have unofficial settings in the car's base operating systems.
 
ian4x4 said:
The areas of concern are in the methods used to update car software, the ability to introduce executable code into the system, and the security of the basic settings and permissions of the car's operating code.
Hopefully Mitsubishi have secured these from changes introduced via WiFi, but I am not sure that they (and other manufacturers) have secured their onboard engineering ports sufficiently. This may give trouble to future owners of cars which have been 'hacked' and have unofficial settings in the car's base operating systems.

It's true that the microcontrollers used in most cars are going to be Harvard Architecture which makes them a lot less vulnerable to the standard hacking techniques of code injection and buffer overflows, but they are also typically very small devices which limits the scope to implement sophisticated protection mechanisms against hacking. There's going to be little, if any, firewalling of the WiFi port...

Also, since they are single purpose systems, you can be reasonably sure that all PHEVs on the road will be running identical firmware. I could spend a week hacking my own PHEV sitting outside my house and then be pretty confident that any techniques I develop on it will work with most, if not all, PHEVs on the road. Unlike PCs, there's no concept of installing anti-virus software.
 
Is this what we should be worried about? How can a subsequent owner be sure that the car's programming is as the manufacturers intended?

http://www.myoutlanderphev.com/forum/viewtopic.php?f=10&t=2330

I believe that this will be a problem in all cars in the future (plus, of course, the bodging of some non-franchised maintenance).
 
The more I think about it, the more I think this could be a problem for the PHEV. We know that the remote control app can get at the CAN bus and control many of the car's engineering systems. We also know that the remote control app can update the firmware within the car - an update last year added extra functionality in the form of a user selectable time-out for the pre-heating function. Officially, it does require some fiddling with the internal controls in the car to accept the firmware update, but we can't be sure that it is not possible to get round this. As I said before, the real danger with car systems is the standardisation of the firmware. It would not be hard for a hacker to gain unrestricted access to a PHEV which would allow them to analyse and probe the control systems. We already have a third-party chipping specialist mucking about with one here and the fact that he seems to have made significant progress in a short time leads me to believe that the microcontrollers are not locked down and can be dumped with standard programming tools. This would mean that the hacker will not have to rely on good guesses and luck - he can simply dump out and disassemble the code in the control systems which will give him a good head start in looking for vulnerabilities.
 
maby said:
We know that the remote control app can get at the CAN bus ....
I don't think this is true. The app has access to one specific ECU, and this ECU may have access to the CANBUS, but that is something different. The ECU will not let the app do anything it does not want it to do.
 
anko said:
maby said:
We know that the remote control app can get at the CAN bus ....
I don't think this is true. The app has access to one specific ECU, and this ECU may have access to the CANBUS, but that is something different. The ECU will not let the app do anything it does not want it to do.

The app has access to a wide range of car systems - it can display the battery charge level, control the heating and aircon, display status including that of the door locks and the main power, control the lights, access the vehicle alarm and change a range of vehicle settings including the behaviour of the door locks. That is definitely indicative to me of access (possibly indirect) to the CANBUS. The issue then is how secure Mitsubishi have been able to make the gateway. Many major software developers have been caught out - I would not lay any very large bet on Mitsubishi having managed to block everything.

As I said above, the situation is further complicated by the fact that a hacker can gain direct access to a vehicle that is identical to yours or mine. The chipper who has been posting here on EV modifications seems to be able to dump and disassemble the code in the ECUs - so any hacker wanting to compromise the car can be sitting comfortably in his living room reading through the code, looking for weaknesses.
 
I was involved in the early days of software engineering, when patches to the operating systems and machine code were sent to site in a raw form.
It was then up to you to dump out the machine's memory on to reams of paper, then identify the address where the modified code (quite often a jump instruction) needed to go, and then identify the relevant patch area to put the new instructions.
This was then punched on to cards and fed into the mainframe. There is more than one layer of code between you and the hardware, and more than likely there is more than one path through the hardware to allow testing.

I tell you this because any error can produce catastrophic results. These did not usually appear until some time later and were very, very, difficult to find.

Please be very careful introducing any unauthorised changes to your car's code, because even well meaning changes can have unexpected consequences.

Rigorous change control and testing could save your life. It is a 2 ton 110mph car, not a mobile phone. Some of the posts I read, not only on this PHEV forum, worry me.

Sorry to be a bore, but my later jobs were heavily into running very secure computer systems.
 