In-car WiFi security dangers
p2pnet view Security | WiFi:- Wireless networks are part of a growing number of cars with Tire Pressure Monitoring Systems (TPMS) the first in-car WiFi units to be integrated into all new vehicles in the US.
And they’ll soon be deployed in the EU.
But researchers at the University of Southern California and at Rutgers University say the WiFi systems present serious security and privacy problems.
The team studied Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system aind in their abstract to Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study, they say “eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle”.
Not only that, but, “reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers, they say, going on >>>
Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages.
We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle.
The paper includes recommendations for improving the privacy and security of tire pressure monitoring systems and other coming in-car WiFi sensor networks.
(Cheers, Ivan)
… and identi.ca
August, 2010
Use free p2pnet newsfeeds for your site. It`s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
