科学美国人60秒 SSS Remote Door Controls Are Car Security Flaw
时间:2018-12-24 作者:英语课 分类:2016年Scientific American(八)月
Today's cars have loads of computer smarts built in. Like the chips that allow you, with the push of a button to unlock your car. And as new cars move down the assembly line, automakers program those functions into the car.
"They produce one car and they program a cryptographic secret in it, in order to secure it against thieves." Timo Kasper, a cryptographer and engineer at the security and IT consulting company Kasper & Oswald. "Then comes the next car on the production line and they put the same secrets into the second car. And then comes the third car on the production line and they again put the same secrets into this car. And they repeat this process for millions of cars in the world. And now millions of cars in the world share the same cryptographic secret. Of course, this secret is not so well protected anymore, because it's in every of these million cars, and in every remote control. And this is of course a typical example of how to not do it."
And yet, he says that's exactly how the Volkswagen Group did do it, for many cars manufactured in the last 20 years. Kasper and his colleagues decoded 1 that shared cryptographic secret by studying the design and operation of chips from VW Group cars and remotes. After hacking 3 the hardware, they were easily able to eavesdrop 4 on and decrypt unlocking signals, clone the remote control and unlock cars. They presented the details August 12th at the USENIX Security Symposium 5, in Austin, Texas. [Flavio D. Garcia et al., Lock It and Still Lose It—on the (In)Security of Automotive Remote Keyless Entry Systems]
Kasper says VW is aware of the problem—and they're not alone. "This is not a VW bug 6 but this is a red line, as we Germans say, through all the automotive industry." In fact, in the same study, they showed that another encryption system used by many other brands, including Ford 7, Chevy, Nissan and Mitsubishi, has a weak cryptographic algorithm—which, again, allowed the team to break into more than a dozen cars.
Bottom line? It's easier to hack 2 into cars than many drivers might have imagined. So if you want to avoid eavesdropping 8, the researchers recommend simply ditching remote controls and cryptography, and just go back to the good old metal key.
—Christopher Intagliata
- The control unit decoded the 18 bits. 控制器对这18位字进行了译码。 来自《简明英汉词典》
- Scientists have decoded the dog genome. 科学家已经译解了狗的基因组。 来自辞典例句
- He made a hack at the log.他朝圆木上砍了一下。
- Early settlers had to hack out a clearing in the forest where they could grow crops.早期移民不得不在森林里劈出空地种庄稼。
- The patient with emphysema is hacking all day. 这个肺气肿病人整天不断地干咳。
- We undertook the task of hacking our way through the jungle. 我们负责在丛林中开路。
- He ensconced himself in the closet in order to eavesdrop.他藏在壁橱里,以便偷听。
- It is not polite to eavesdrop on the conversation of other people.偷听他人说话是很不礼貌的。
- What have you learned from the symposium?你参加了这次科学讨论会有什么体会?
- The specialists and scholars present at the symposium come from all corners of the country.出席研讨会的专家学者们来自全国各地。
- There is a bug in the system.系统出了故障。
- The bird caught a bug on the fly.那鸟在飞行中捉住了一只昆虫。
- They were guarding the bridge,so we forded the river.他们驻守在那座桥上,所以我们只能涉水过河。
- If you decide to ford a stream,be extremely careful.如果已决定要涉过小溪,必须极度小心。
- We caught him eavesdropping outside the window. 我们撞见他正在窗外偷听。
- Suddenly the kids,who had been eavesdropping,flew into the room. 突然间,一直在偷听的孩子们飞进屋来。