Car-hacking threats get Congressional scrutiny

475030820

Congress wants to know more about how federal regulators and major car manufacturers plan to protect drivers from automotive cyber attacks.

Lawmakers from the House Committee on Energy and Commerce wrote letters to 17 automakers and the National Highway Traffic Safety Administration on Thursday, asking each about their readiness to thwart car hackers.

“The explosion of new, connected devices and services is exacerbating existing cyber-security challenges and has introduced another potential consequence – the threat of physical harm,” the committee wrote.

After a slow start, auto industry executives have taken steps in recent years to secure vulnerable parts of their vehicles. But as the number of connected cars on the road mushrooms and development of vehicle-to-infrastructure communication progresses, threats are multiplying as quickly as automakers can address concerns.

Written questions from the subcommittee members hint at the scope of the challenge. Vulnerabilities exist in the smartphones drivers bring into cars, in third-party diagnostic devices plugged into OBD-II ports, in the automotive supply chain, in over-the-air software updates, and elsewhere. Lawmakers seems to acknowledge the enormity of the potential pitfalls, writing to NHTSA that, “threats and vulnerabilities in vehicle systems may be inevitable.” But the committee wants to know how industry leaders and regulators intend to keep pace with the concerns.

This isn’t the first Congressional foray into the automotive cyber-security realm. US Senator Ed Markey (D-Massachusetts) proposed legislation in February that would compel automakers to fix security holes and strengthen privacy protection for driving data.

In the House, cyber security and privacy concerns have piqued the interest of the Energy and Commerce subcommittee on Oversight and Investigations, which held a hearing on the impact of the Internet of Things on the health-care industry several weeks ago. With an influx of connected systems in vehicles making news and privacy concerns surfacing, leaders say there is bipartisan interest in automotive cyber security.

NHTSA established an office of about a dozen employees to handle cyber-security concerns about three years ago, and late last year, the agency compiled a 40-page report on best practices in the industry for dealing with cyber threats.

But some of the more interesting questions the House has for automakers aren’t as much about internal procedures as they are external relations.

One of the more interesting questions asked in the letters is how both NHTSA and major OEMs interact with third-party security researchers. This is a timely point, because industry leaders are currently seeking to block cyber researchers from accessing their vehicles by fighting a proposed exemption in copyright law that would ensure continued outside analysis.

Security experts told a US Copyright Office panel last week their research in this fledgling field has been hindered because they feared prosecution for possible violations of the Digital Millennium Copyright Act.

In today’s letter, Congressional leaders ask how NHTSA coordinates with the research community. If it’s not yet doing so, the letter asks NHTSA administrator Mark Rosekind to “please explain why not.”

Another area where the lawmakers have shown interest is in how car companies are using over-the-air updates to patch security flaws, and whether NHTSA has evaluated those efforts. Other than Tesla, many OEMs have been tight-lipped about their use of over-the-air updates to fix existing security concerns.

Wireless software updates hold great promise, in that cars could be updated with stronger security measures without mechanics needing physical access to provide the latest updates. BMW showcased this earlier this year, when it provided over-the-air security updates to 2.2 million cars that outside researchers had determined were vulnerable to remote hacks.

But these over-the-air updates also are potentially perilous – should a malicious attacker to infiltrate them, they potentially allow millions of cars to be exploited in a single instance.

The letters ask NHTSA and automakers to respond to those questions and others by June 11.

[Source: Autoblog]

Ford attends Facebook Hackathon to create The Social Car

We are a social bunch here at your Portland Ford dealer, Dick’s Mackenzie Ford in Hillsboro. We have a facebook page and keep up on all the social media trends. The good folks at Ford are also a social bunch!

The people at Ford have been facilitating social connections for more than a century. Just as Facebook wasn’t the first social network, Ford didn’t produce the first car. But, what Henry Ford and his team did was take a smarter approach by creating reliable and affordable transportation that put millions of people on the road around the world, thereby connecting more people with each other.

The mobility enabled by the car allowed people to get together with friends and family over greater distances and with more frequency than ever before, a trend that has continued to evolve for more than 100 years.

And now, Facebook is redefining what it means to socially connect by offering hundreds of millions of people the ability to connect with their friends, family and other interesting people, no matter where in the world they are.

In fact these online connections have become so pervasive that many young people are more interested in having a data-enabled smartphone than a driver’s license. Thilo Koslowski, lead automotive analyst for Gartner, recently told the New York Times, “Mobile devices, gadgets and the Internet are becoming must-have lifestyle products that convey status. In that sense these devices offer a degree of freedom and social reach that previously only the automobile offered.”

While not everyone is more interested in Facebook than driving just yet, the trend is clear that people are connecting and sharing online more than ever. Researchers and developers at Ford understand that customers are increasingly bringing that online social experience into their car via the smartphone.

In order to explore what these converging trends mean to the customer, Ford and Facebook engineers got together and held a 24-hour “Hackathon” at Facebook’s Palo Alto campus looking at ways to socialize the car. The teams of hackers worked through the night to prototype some ideas that were demonstrated to the entire group at the end of the event. The best of those ideas are now being further developed in Ford’s Dearborn labs.

Over the past five years, Ford has enhanced mobile connections with the award-winning SYNC® connectivity system that is now installed in more than 4 million vehicles. SYNC lets drivers listen to their favorite tunes, answer calls, get directions and more using simple voice commands while keeping their eyes on the road and hands on the steering wheel, providing a safer solution for the smartphone revolution that is now being brought into our cars.

Today, SYNC is great if you know what song you want to listen to or where you want to go. But what if you want to expand your audio, cultural or culinary horizons? While Facebook enables people to stay in touch with their friends, the social content generated by users actually makes it far more than just a simple communications tool.

Imagine if SYNC could leverage all of the information from you and your friends put on your Facebook timelines to make your drive more personalized? Instead of just asking for a nearby restaurant list from your navigation system, the restaurants presented could actually be ones that have been “liked” by your friends. Or you could ask if your friends are nearby and request navigation to their location. How about listening to the same stream of music that your friends are “DJ’ing” from the comfort of their own home?

And, why shouldn’t your car work for you to make your life more convenient? If you’re on your way to an appointment and running late, SYNC could automatically notify your friends with an estimated time of arrival. Then, upon arrival, SYNC would automatically “check-in” to your location.

When someone is behind the wheel, the first priority will always be to remain focused on driving and making it safely to your destination. But, at a time when consumers are starting to prioritize Internet access over access to a car, we need to explore what that means for car ownership. By safely blending Facebook connections with the power of SYNC, Ford could extend the social experience and use it to once again revolutionize your time behind the wheel.

You can find the full line of new Ford in Portland at Portland Ford dealer, Dick’s Mackenzie Ford in Hillsboro. We are part of Dick’s Auto Group.