Home » blogs » dsiegel's blog

i hax0red your b33mer... i haz ur cookie k thx bye

dsiegel's picture

Imagine starting your car and seeing that message on your dash.

If this happens, it's not outside of the realm of possibility.  BMW labs is experimenting with the use of IP sub-systems for internal communications, which is a pretty interesting idea!  One of the draw backs of using standard protocols and components is the availability of knowledge around said commonly available technology, but IP can be secured pretty well, so if it's done properly hacking shouldn't be a big concern. 

The author didn't mention the possibility for 3rd party after market add-ons, but one would think they'd be possible if the car has IP packets flowing through it's veins, but then that would reopen the possibility of security threats too, so it might be in BMW's best interest to try and prevent any sort of external tampering with the system.

I think the author of the article is a little confused about IPv6, though.  He says:

Costs drop because fewer specialized components are needed, and the new
version of IPv6 is even better than the more than fine performance from
IPv4.
I would love to know how the new version of IP is even better than the performance of IPv4, especially given that it doesn't perform as well as IPv4, which I noted in a previous post.  In some discussions with members of the IT community from various government agencies, they are leery of deploying IPv6 for security reasons (not because of known issues but more because of the unknown issues that have yet to be discovered because IPv6 is not widely adopted yet).  As a result of these factors as well as overall adoption rate, IPv6 support might actually cost a bit more than IPv4 for several more years.

Despite the erroneous implication of improved performance, if this just a proof of concept and 3rd party after-market add-ons are not a priority, why not design it around IPv6?  IPv6 might even help insure that the system stays a somewhat closed
one...or it might be the killer app that drives further development and
investment in IPv6.  Furthermore, you could do crazy stuff like putting an RFID tag on every nut and bolt in the car, build an RFID-to-IPv6 proxy server, ping every last component on the car, and triangulate their position to make sure they're all where they are supposed to be.  Then when your mechanic ends up with those extra parts and throws them to the side like he did before, you can run the diagnostic before leaving the shop and call him on it.

Better make sure there's an on-board DNS system too, just so we don't have to see the following error message 'Communication Failed with device 2001:450:1999:900:0:670:1708:1920'.  :-)

posted by Dave Siegel


Trackback URL for this post:

http://blogs.globalcrossing.com/trackback/383
dsiegel – Tue, 2007 – 12 – 04 14:02
IP ConvergenceIPV6
dsiegel's blog

don't contrive to maintain the status quo

we are doomed if we continue to ignore progress, we have all done RFC 1925, as amusing as it is, we have to realise that the community cannot keep this contained, just because we now ask that the plebicicite can work out how to use their computer to translate from dotted decimal to hexidecimal is naieve (aren't we the smart ones) in the full especialy given the fact that you guys are using ISIS as your IGP and in effect already using a derivative if Radia's finest work the next generation defacto, in spite of you using a hacked up trafic engineered solution. to come out with such nonsense makes me chuckle.
Well I digress that the biggest worry is that with the debt that your company is carryingand that you as a very good technology driver are being constrined by the lack of investment to take the next step as so many of your counter parts.
I consider that unless we move to IPng we will continue to stress-out the edge whilst preserving the core, IPng has far too many advantages for an impoverished Tier 1 like yourseles to restrain. IMHO this issue was solved with MPLS anyhow, but then reusable RF1918 addresses suits the inferior service you service providers give anyhow. truth bein that IPng gives an opportunity for me to ask how many beers I have left in the fridge, whether I my sausages are out of dateamd know if they are my sausages, but I wonder if you take a drop.
the only people who fear RFID are those with something to hide

evangellick (not verified) – Wed, 2007 – 12 – 19 22:26
reply

I can't wait for the day

I can't wait for the day I have to call up my mechanic because my ABS system is getting packet loss

FWD (not verified) – Thu, 2007 – 12 – 13 17:35
reply

Post new comment

*
*


*

  • Easily link to terms in various wikis or other websites by typing [[prefix:term]]. Use the "|" character to create a "piped link," e.g., "[[w:public transport|public transportation]]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre> <br> <p> <em> <img> <blockquote> <table> <tr> <td>
  • Lines and paragraphs break automatically.
More information about formatting options
Verify comment authorship
Captcha Image: you will need to recognize the text in it.
*
Please type in the letters/numbers that are shown in the image above.