Stuxnet - The Virus - GM Forum - Buick, Cadillac, Chev, Olds, GMC & Pontiac chat


Lounge For casual talk about things unrelated to General Motors. In other words, off-topic stuff. And anything else that does not fit Section Description.

Reply
 
 
 
Thread Tools Search this Thread
Old 06-09-2011, 11:41 AM   #1
Rick
Posts like a Camaro
Thread Starter
 
niceguy's Avatar
 
Join Date: Jun 2008
Location: Toronto, Ontario, Canada
Posts: 1,105
Thanks: 0
Thanked 0 Times in 0 Posts
niceguy is on a distinguished road
Default Stuxnet - The Virus

[YT]http://www.youtube.com/watch?v=7g0pi4J8auQ[/YT]
niceguy is offline   Reply With Quote
Old 06-09-2011, 08:07 PM   #2
-- SITE DONATOR --
True Car Nut
 
ymmot04's Avatar
 
Join Date: May 2009
Posts: 4,638
Thanked 5 Times in 4 Posts
ymmot04 is a glorious beacon of lightymmot04 is a glorious beacon of lightymmot04 is a glorious beacon of lightymmot04 is a glorious beacon of lightymmot04 is a glorious beacon of lightymmot04 is a glorious beacon of light
Default

I'll be the first to admit I love technology, but I'm also the first to rip out every type of data connection that has any contact with the motor functions of my vehicle, and the one who hides behind numerous firewalls and layers of encryption. If there is an entrance, someone will find a way to open it and get in. If there is not an entrance, someone will MAKE one.

The video didn't mention that from inside the plants there is NO access to the internet. They thought that protected them from this type of event, but anything that passes data to the computer is a "door". Flash drives for example.
ymmot04 is offline   Reply With Quote
Old 06-09-2011, 09:50 PM   #3
Retired Senior Admin

Expert Gearhead
 
Danthurs's Avatar
 
Join Date: May 2006
Location: Sheboygan Wisconsin
Posts: 29,661
Thanks: 0
Thanked 16 Times in 13 Posts
Danthurs is a name known to allDanthurs is a name known to allDanthurs is a name known to allDanthurs is a name known to allDanthurs is a name known to allDanthurs is a name known to all
Default

That'* scary stuff. And it'* only beginning, makes you wonder what will happen in the near future. Skynet comes to mind.
Danthurs is offline   Reply With Quote
Old 06-09-2011, 11:48 PM   #4
Senior Member
Certified GM nut
 
SignOfZeta's Avatar
 
Join Date: Mar 2005
Location: New Milford, CT
Posts: 2,284
Thanked 16 Times in 13 Posts
SignOfZeta has a spectacular aura aboutSignOfZeta has a spectacular aura about
Default

There have been a few people who have claimed to have plugged into the OBD-II port of CAN-based vehicles and been able to change radio stations, engage the brakes, and other nasty stuff.

Assuming it'* all true, it implies CAN bus access, which means that an adversary: (a) has OBD-II cable connected to your car and his computer, or (b) has studied GMLAN protocol documentation and developed a remote control device that has been soldered onto your car somewhere.

Just because a network is isolated doesn't mean that security is an afterthought. Not having a CAN- or GMLAN-enabled vehicle, I haven't paid much attention to the matter.
SignOfZeta is offline   Reply With Quote
Old 06-10-2011, 09:19 AM   #5
Administratus Emeritus
Certified Car Nut
 
GXP Venom's Avatar
 
Join Date: Jan 2006
Location: Purgatory, Pennsylvania
Posts: 16,538
Thanked 7 Times in 4 Posts
GXP Venom is on a distinguished road
Default

Makes me wonder what can be manipulated by a saavy Tech who can hack into OnStar Colin. Just how far can one command funtions through that network. I know they can track the car, lock the windows, shut off the engine. Is it possible complete PCM control can be had through OnStar and someone who has breached GM'* OnStar satellite system???
GXP Venom is offline   Reply With Quote
Old 06-10-2011, 10:53 AM   #6
Senior Member
Certified GM nut
 
SignOfZeta's Avatar
 
Join Date: Mar 2005
Location: New Milford, CT
Posts: 2,284
Thanked 16 Times in 13 Posts
SignOfZeta has a spectacular aura aboutSignOfZeta has a spectacular aura about
Default

Quote:
Originally Posted by GXP Venom View Post
Makes me wonder what can be manipulated by a saavy Tech who can hack into OnStar Colin. Just how far can one command funtions through that network. I know they can track the car, lock the windows, shut off the engine. Is it possible complete PCM control can be had through OnStar and someone who has breached GM'* OnStar satellite system???
Knowing business software, I'm sure the developers abstracted and simplified things. As far as remote control, the call center reps likely only have the Track Vehicle, Lock/Unlock Doors, and Kill Fuel buttons on their screen.

But is that all OnStar is capable of, or can some disgruntled engineer write his own command sender and do things that the original designers never intended?

If GM has ever rolled out updates to OnStar that retroactively apply to older cars (e.g., "OnStar can now do X and Y, even on older cars, no new hardware needed!"), then chances are the answer is yes.

OnStar is a closed protocol, as are the doors of GM'* server room. We won't ever know much about how secure it is until the first hack takes place and the media jumps down their throat.

No one ever thought to secure HTTP, IP, DNS, SNMP, or SMTP; only later did they realize that they should bolt on some protection (HTTPS, IPsec, SNMPv3, SMTP-AUTH).
SignOfZeta is offline   Reply With Quote
Old 06-10-2011, 11:13 AM   #7
Administratus Emeritus
Certified Car Nut
 
GXP Venom's Avatar
 
Join Date: Jan 2006
Location: Purgatory, Pennsylvania
Posts: 16,538
Thanked 7 Times in 4 Posts
GXP Venom is on a distinguished road
Default

Seeing Playstation and several immense bank and credit entities take huge hits,.... protocol can't be developed "bulletproof". It has come to the point I am seriously thinking of having all my credit/debit account numbers changed and reverting to buying only in the real world and paying monthly bills by check and snail mail. It'* a sad inconvenience but recent events show us nothing is safe, and this hacking is only going to accelerate and eventually become severely malicious like no one could imagine.
GXP Venom is offline   Reply With Quote
Old 06-10-2011, 08:12 PM   #8
Senior Member
Posts like a Northstar
 
RobertISaar's Avatar
 
Join Date: Jul 2010
Location: Camden, MI
Posts: 615
Thanks: 0
Thanked 0 Times in 0 Posts
RobertISaar is on a distinguished road
Default

speaking as someone who both reverse engineers and writes PCM code, it'* entirely possible that Onstar can do everything a Tech2 can do to a local vehicle(engage/disenage/modify pretty much anything PCM controlled, not to mention the various other modules in car).

it'* actually not even difficult assuming GM allows for ANY kind of software updating to the onstar stuff. just modify the program to allow for "fun, new capabilities", flash it to the module'* PROM and boom, you now have the potential to screw with whatever you want wirelessly on the vehicle you've been dealing with.

the only real trick to all of this is breaking whatever encryption GM uses for communicating between the vehicle and onstar itself, then you could potentially cause all of this on any onstar equipped vehicle....
RobertISaar is offline   Reply With Quote
Old 06-10-2011, 11:52 PM   #9
Senior Member

True Car Nut
 
sseidriver97's Avatar
 
Join Date: Mar 2010
Location: Portage mi
Posts: 7,124
Thanked 3 Times in 3 Posts
sseidriver97 is on a distinguished road
Default

this is why i do not have a bank account but a firproof safe with 1/4 inch steel welded around it and sunk into the floor..i KNOW my money is safe.Sue i have to give someone cash to use their credit card to buy stuff online but i know where my money is going and that only I can control it
sseidriver97 is offline   Reply With Quote
 
 
Reply

Related Topics
Thread Thread Starter Forum Replies Last Post
Stuxnet Virus Jonpro03 Lounge 17 12-08-2010 02:07 AM
VIRUS?? GAMEOVER Lounge 5 04-05-2004 12:30 AM
NEW VIRUS... SSE14U24ME Lounge 7 03-25-2004 02:20 AM
Please help with virus!!!! 94Regal Lounge 4 03-17-2004 12:30 PM
WORM VIRUS ALERT! BonnieBrougham Lounge 1 01-08-2004 02:19 AM


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -4. The time now is 07:36 AM.


We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.