FBI issues safety warning to auto makers on vehicle software security
The FBI this week sent out a warning to car makers and owners, alerting them to potential security holes in automotive software, all while still pushing Apple to create a method to break into securely encrypted iPhones.
In a public service announcement published this week, the FBI and national Highway Traffic Safety Administration alerted both car manufacturers and the general public that they should be aware of cyber security threats to vehicle software.
The warning is largely in response to exploits publicized by Charlie Miller and Chris Valasek, who last year successfully hacked into a Jeep Cherokee from more than 10 miles away. Miller and Valasek were able to remotely disable the Jeep's accelerator while adjusting the air conditioning, radio and windshield wipers.
The whitepaper produced by Miller and Valasek was cited by the FBI in this week's warning, noting that almost 1.5 million vehicles were recalled as a result of the findings. As a result, the bureau has asked manufacturers of vehicles, components and aftermarket devices "to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles."
While the FBI pushes the auto industry to improve the security of its software, Apple has accused the law enforcement agency of attempting to forcefully weaken its own iOS platform for iPhone. In Apple's view, the U.S. government is attempting to force the company to create a new operating system, which it has dubbed "GovtOS," that would allow officials to crack into any securely locked iPhone.
Apple's concern is that the creation of a "GovtOS" would lead to dangerous security flaws on mobile devices, which could allow hackers to remotely control or extract information from a device. Of course, that's exactly the kind of exploits the FBI is also looking to stop with its warning to automakers this week.
Last month, a U.S. magistrate judge ordered Apple to comply with an FBI request to assist investigators in unlocking an iPhone 5c linked to last year's San Bernardino terrorist shooting. The government needs Apple engineers to create and sign a flawed operating system that would suppress the iPhone's passcode counter and passcode entry limited, allowing a brute-force attack to unlock the device.
Apple is resisting the court order, and will face off in court with the Department of Justice next Tuesday, one day after the company will hold a media presentation to announce a new 4-inch iPhone and 9.7-inch iPad.
Auto security is also of interest to Apple, as the company builds the CarPlay infotainment system utilized by automakers and aftermarket head unit manufacturers. The company is also believed to be working on its own top-secret auto initiative dubbed "Project Titan."
In a public service announcement published this week, the FBI and national Highway Traffic Safety Administration alerted both car manufacturers and the general public that they should be aware of cyber security threats to vehicle software.
The warning is largely in response to exploits publicized by Charlie Miller and Chris Valasek, who last year successfully hacked into a Jeep Cherokee from more than 10 miles away. Miller and Valasek were able to remotely disable the Jeep's accelerator while adjusting the air conditioning, radio and windshield wipers.
The whitepaper produced by Miller and Valasek was cited by the FBI in this week's warning, noting that almost 1.5 million vehicles were recalled as a result of the findings. As a result, the bureau has asked manufacturers of vehicles, components and aftermarket devices "to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles."
While the FBI pushes the auto industry to improve the security of its software, Apple has accused the law enforcement agency of attempting to forcefully weaken its own iOS platform for iPhone. In Apple's view, the U.S. government is attempting to force the company to create a new operating system, which it has dubbed "GovtOS," that would allow officials to crack into any securely locked iPhone.
Apple's concern is that the creation of a "GovtOS" would lead to dangerous security flaws on mobile devices, which could allow hackers to remotely control or extract information from a device. Of course, that's exactly the kind of exploits the FBI is also looking to stop with its warning to automakers this week.
Last month, a U.S. magistrate judge ordered Apple to comply with an FBI request to assist investigators in unlocking an iPhone 5c linked to last year's San Bernardino terrorist shooting. The government needs Apple engineers to create and sign a flawed operating system that would suppress the iPhone's passcode counter and passcode entry limited, allowing a brute-force attack to unlock the device.
Apple is resisting the court order, and will face off in court with the Department of Justice next Tuesday, one day after the company will hold a media presentation to announce a new 4-inch iPhone and 9.7-inch iPad.
Auto security is also of interest to Apple, as the company builds the CarPlay infotainment system utilized by automakers and aftermarket head unit manufacturers. The company is also believed to be working on its own top-secret auto initiative dubbed "Project Titan."
Comments
Still I think this flaw is useful for the FBI in case a criminal was driving one of these cars.
I really hope Apple will be able to throw this tone-deaf move back at the government.
"Write a 1-time GovCarPlay that lets us control the steering wheel of a terrorist's car and drive it off a cliff."
I knew things were on a slippery slope when my partner's Focus had put itself into "slow" mode and the repair guy arrived, plugged in his diagnostic equipment and said he could do anything because we had the old version of the software! Too old to get an update to the latest ...
The FBI has a terrible history, and their public reputation was crafted thru Hollywood productions (of which they've helped encourage or sponsor). They suck at investigation, abysmal on active crime scenes, and almost completely redundant. People complain about military spending, but we already enough layers of domestic law enforcement, let's save everyone a couple nickels and a lot hassle for these federal cops without a purpose.