Re: car hacker's lists?
At 06:02 PM 4/22/00 -0400, Dave Emery wrote: ... > What this means, of course, is that access to the exact location >of an Onstar equipped vehicle is probably entirely determined by the >policies and integrity of the Onstar control centers and software - if >they decide to let a nosey cop locate your car without telling you or >having any kind of warrent or other lawful authorization they can and >you will never know it happened. And more significant, of course, if >there is a security problem or integrity problem with their operations >many other individuals or groups such as private investigators working >for divorce lawyers and the like may be able to get this information via >the usual dishonest and bribable employees (where PI's get much of their >info such as bank and toll records). ... Another good reason to make sure the BatCave is sufficiently shielded. Good luck, Sean
Re: Re: car hacker's lists?
At 10:24 PM 4/21/00 -0500, Jim Choate wrote: > >On Fri, 21 Apr 2000, I wrote: > ... >> For the latter problem, using signals as close to the actual police bands >> as possible, you could "calibrate" the system. This would be easiest with >> fixed placement receivers, but not impossible with mobile units. > >Don't have a clue what you're talking about here. Care to clarify? Unimportant, with what you said about propagation of echos, but. Basically, going around with radios, saying "I'm at 4th and Main, now I'm at 5th and Main...", until you have mapped out how things echo. Like I said, irrelevant in light of what you said about echos not being a problem. Good luck, Sean
Re: car hacker's lists?
While I don't know of any lists, the first thing I'd do is go figger out who the programmers are at "tuner" shops like Dinan's (in MtnView), and then go ask them. They concentrate on engine management systems AFAIK, but I'd bet at least some of 'em are clued into what all in general is happening with computer & comm gear installed in production autos. JeffH
Re: car hacker's lists?
I haven't been following the list for a while, so if this cuts into an older arguement. I apologize. At 04:45 PM 4/21/00 -0700, Eric Murray wrote: >On Fri, Apr 21, 2000 at 04:25:45PM -0600, Pope Golgotha Pierced the Zeroth wrote: >> On Fri, 21 Apr 2000, Jim Choate wrote: >> ... >You could do that now, on current cop radio setups. > >You just need a network of cypherpunks with radio scanners, direction >finders and GPSs, a way to recognize different cops by their radio >transmissions, and a way to communicate the cop location vector data >amongst the cypherpunk participants. Recipients need only do the >triangulation using the vectors to locate the cops. > ... You wouldn't even need more than one person. One radio, properly built using two receivers and some timing circuitry, could locate a transmitter in much the same way as you can tell where someone is from his voice. If the signal comes in a little early on the left, but not early enough for it to be in a direct line with the two antennas, then you have two possible locations. One forward, one rear. Add a third antenna and you should be able to get a 2D location down near perfectly. Problems with this system, and the one you and someone else mentioned. Radio silence leaves you blind. If the cops wized up to it, they would begin relying on personal communications, and general public systems, like CB's and cellular, (please excuse the spelling), phones. On anything but an idealized plain, obstructions would reflect and absorb signals, making accurate mapping near impossible until you developed, probably from experience, a map of the absorbative/reflective effects of the landscape. Passive echolocation would be bad enough in a forest, try using it in a cave or other high echo environment. For the latter problem, using signals as close to the actual police bands as possible, you could "calibrate" the system. This would be easiest with fixed placement receivers, but not impossible with mobile units. Interestingly enough, bearcat, if I recall correctly, made a little police band scanner designed specifically to alert you when there was activity in your area. It was (is?) marketed to people who lived in states that had outlawed radar detectors. Good luck, Sean
Re: car hacker's lists?
On Fri, 21 Apr 2000, Steve Schear wrote: > Sounds like a market opportunity to manufacture very low power jammers > which operate on the GPS frequency(s) Which were just announced about three days ago. The future is downloading. Can you hear the impact? O[rphan] D[rift>] Cyber Positive The Armadillo Group ,::;::-. James Choate Austin, Tx /:'/ ``::>/|/ [EMAIL PROTECTED] www.ssz.com.', `/( e\ 512-451-7087 -~~mm-'`-```-mm --'-
Re: car hacker's lists?
On Fri, Apr 21, 2000 at 04:25:45PM -0600, Pope Golgotha Pierced the Zeroth wrote: > On Fri, 21 Apr 2000, Jim Choate wrote: > > > There is a new system planned to go into the police cars that includes a > > wireless datanetwork coupled with GPS and general car control (e.g. > > turning on sirens) via a touch screen. They just finished a test run and > > are expecting to go live in the next couple of years. > > Now there's a daydream come true, perfect GPS'd Cop-Radar. Just > drop an LCD screen in your car, and speed all you want in perfect security! You could do that now, on current cop radio setups. You just need a network of cypherpunks with radio scanners, direction finders and GPSs, a way to recognize different cops by their radio transmissions, and a way to communicate the cop location vector data amongst the cypherpunk participants. Recipients need only do the triangulation using the vectors to locate the cops. You wouldn't need to be able to decrypt the cops communications as long as you could distinguish the individual cop transmitters. You'd probably want to have an encrypted authenticated channel for exchanging location vectors. Although some way of anonymously contributing vectors to the system would be interesting- of course you wouldn't want the cops in on the system, or they could send incorrect readings. You'd need to have a way of authenticating that a data transmiter was an authentic cypherpunk without giving out real meatspace identification info. There's a lot of ways to do that though. Another problem is how to avoid giving away location data for the cypherpunks participating in the scheme. The data, if it's accurate, would be salable- long-distance truckers, who are already pretty wired, would love to have it (the ones that are independents that is; many big trucking firms have data recorders on their trucks to record when a driver's been speeding or driving more than the government-mandated number of hours). I'm sure lots of other people who would rather avoid police for one reason or another would be interested. If it worked and became widespread, it would of course be made illegal. I don't know the exact laws about the legality of doing direction-finding on radio sources, but in a sense it's just a high-tech version of the trucker's CB radio "smokey reports" or whatever they're called. If it wasn't banned and became widespread, then highway policing would have to change no more stealth runs up to a pack of cars (safely) speeding down the highway at 10 over and picking out the weakest from the herd for a ticket. OTOH, sometimes cops cruise highways wanting to be visible (slows traffic and makes people behave) and if everyone knows where they are, the effect would be greater than having to depend on seeing the cop car. -- Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP keyid:E03F65E5
Re: car hacker's lists?
At 05:00 PM 4/21/00 -0500, you wrote: >On Fri, 21 Apr 2000, Eric Murray wrote: > > > Anyone know of mailing lists devoted to hacking/understanding the > > electrical systems of cars? I know there used to be a list run by > > John DeArmond which dealt with do-it yourself fuel injection and similar > > issues, but he dropped off the net five or six years ago and closed the > list. > >You should contact whatever organization oversees auto insurance in Texas. >Recently some of them have been putting GPS recorders with transceivers in >cars to pro-rate the insurance based on actual individual driving habits. >This has lots of opportunity for abuse. Sounds like a market opportunity to manufacture very low power jammers which operate on the GPS frequency(s) --Steve
Re: car hacker's lists?
At 08:47 AM 4/21/00 -0700, Eric Murray wrote: > > >Anyone know of mailing lists devoted to hacking/understanding the >electrical systems of cars? I know there used to be a list run by >John DeArmond which dealt with do-it yourself fuel injection and similar >issues, but he dropped off the net five or six years ago and closed the list. > >Modern cars have computers (and networks!) which are getting pretty >powerful. Some GM vehicles have mini-"black box" data recorders which >record the last N seconds before a crash. This info is then given to >the insurance companies "in aggregate only". > >More and more cars are coming with systems such as OnStar, which >combines a cell phone and GPS and ties into the car sensors, so that >for instance their service center operators can call your car if it's >in an accident... I'm interested in finding out what else they track. As am I. According to the owners manual, it can also be used to unlock your car if you lose your keys, and can be used to locate your car if it is stolen. So there are full remote query capabilities integrated into the system, no mention of security systems. The owners manual (GM part #12450652 Feb 2000) states: "The OnStar Advisor will then initiate tracking in order to locate and track the vehicle and provide this information to the appropriate police authorities. Note: To protect subscriber privacy, OnStar will not provide the location of a vehicle to anyone other than a law enforcement authority." Notice that this is not qualified in any way. A LEO flashing a badge and asking for the location is allowed access to the information, according to this statement. Nothing about warrants, not even a statement like "authorized law enforcement", just "law enforcement authority". No Constitution required... I plan on removing and reverse engineering mine in the near future, would like to know what others have done as well before I start. Kerry L. Bonin (speaking for self, insert lawyer joke here...) Sr. Engineer, Security/Cryptography & Advanced Visualization, Cisco Systems. VScape lead architect - Adaptive secure clustering for multiuser VR.