Welcome to StemRules.com, your platform for STEM business, career, education news and information.
Look around and let us know what you think.We will be tweaking the site.
Latest News

Cars Are Even More Vulnerable to Hacks Than You Thought

9.2.HackedCars.hacker

Control of Brakes, Safety- Components Are at Risk

9.2.HackedCars.large

Hardware setup in which an Android phone is integrated with the head unit of a 2015 model vehicle (upper left). MirrorLink is the connection protocol and allows the driver or passenger to control phone apps via the car’s dash and steering wheel controls.

Researchers from two universities have published a paper, A Security Analysis of an In-Vehicle Infotainment and App Platform, showing another way that smart cars may be hacked.

Damon McCoy, a New York University assistant professor of engineering, and students at George Mason University (GMU) spotlighted vulnerabilities in MirrorLink: the protocol connecting smartphones to auto infotainment systems.

[Check out other STEMRules pieces featuring cyber security.]

MirrorLink was created by the Connected Car Consortium (CCC). It  represents auto and smartphone makers, and aftermarket consumer electronics sellers. The CCC never released a security patch for MirrorLink, as carmakers use different smartphone-to-IVI standards.

The researchers used online hacks to show how easily MirrorLink is unlocked, and controlled a 2015 vehicle purchased from eBay . Once open a linked phone can control many car systems. MirrorLink is also vulnerable, if not be relocked after a car is customized.

9.2.HackedCars.Mazloom

Sahar Mazloom is a co-author of the car security study. She is a PhD student, working in the Security Lab, in the GMU Department of Computer Science. Mazloom received both her MS (Honors) in Artificial Intelligence and her BS (Honors) in Computer Engineering from Azad University, Qazvin, Iran.

Her current research is on Secure Computation, Differential Privacy, Applied Cryptography, Application/Protocol Security Analysis, Reverse Engineering and Penetration Testing (Software & Hardware).

The NYU/GMU team’s research was funded by General Motors, the National Science Foundation, and the US Department of Homeland Security. The paper was presented, in August, at the 10th USENIX Workshop on Offensive Technologies (WOOT ’16) in Austin, Texas.

Citation:

NYU Tandon School of Engineering. “Vulnerabilities found in cars connected to smartphones.” ScienceDaily. ScienceDaily, 1 September 2016. <www.sciencedaily.com/releases/2016/09/160901125240.htm>.

Tags: cyber security, cybersecurity

Leave a Comment