Emerging risks: Car hacking


illustration of vehicle cybersecurity

As our cars and trucks become more computerized, the potential risk of a cyber attack increases. We have an increasing array of technologies in our vehicles designed to improve our safety, our convenience and our comfort – from electronics, sensors and wireless connectivity to assistive technologies for crash prevention and parking assist. Technologists say that the modern car has at least 100 million lines of code in various computer systems. That increases our potential risks for bad actors to hack our cars.

Innovation & Tech Today discusses these vehicle cybersecurity risks and gives examples of our increasing exposure:

  • Mobile apps used to control car features (like remote start) are proliferating and can expose data and vehicle functions if they’re not properly secured.

  • Apps can now be downloaded to your car’s infotainment system, potentially including embedded malware.

  • On-Board Diagnostic (OBD) dongles are harder to get to (typically, you have to be in the car), but they provide access to the critical CAN bus that controls the car’s operating functions.

  • Key fobs that use a signal to open car doors are vulnerable to hacking, giving access to the vehicle.

To see some of these risks in action, check out this video where Consumer Reports and the National Highway Traffic & Safety Administration (NHTSA) team up in the test field.

There was also a famous example of jeep that was attacked by a hack that brought it to a standstill on the highway. This was a controlled experiment but it is pretty dramatic. The experiment had wide attention and led to a recall of 1/4 million vehicles.

So what can you do to prevent your car from being hacked?

If you drive an old beater with minimal technology, your risks are on the low side, but if you are an early adapter of new technologies and conveniences, you need to be alert and informed about the potential – that’s step one. Keyless car systems, for example, up the risk ante so be an informed consumer. Security firm AVG offers the following 6 steps to protect your car from hacks.

  • Keep in touch with your car’s manufacturer

  • Update your car’s software

  • Store your keyless remote in the fridge (or faraday bag)

  • Turn off your car’s Bluetooth and Wi-Fi when not in use

  • Hide your car’s Wi-Fi password

  • Scan USB drives before plugging them into your car

If storing your keyless remote in the fridge sounds wacky, check their tips in the linked article to learn more about each recommendation. They also offer steps you should take if you think your car has been hacked.

In addition to taking your own steps to increase security, the industry and security watchdogs are monitoring this issue and taking regulatory steps. Follow NHTSA – vehicle cybersecurity for ongoing reports and updates.

Keyless car owner alert: Carbon monoxide poisonings


keyless ignition photo

If you have a keyless car system, you may be at heightened risk of a potentially deadly problem: More than two dozen people have died and another several dozen others have debilitating illnesses such as brain injuries related to carbon monoxide poisoning, according to a new York Times report: Deadly Convenience: Keyless Cars and Their Carbon Monoxide Toll.

Keyless ignitions are very popular. Citing the auto information website Edmunds, the NYT says keyless systems are now standard in over half of the 17 million new vehicles sold annually in the United States. But because the cars are so easy to turn on and off with the flick of a button, it can be all too easy to become distracted and not turn the car off – or to think it has been turned off when it hasn’t. Consumer Reports describes the problem : “If the car is parked in a closed garage attached to a house, especially a basement-level garage, carbon monoxide fumes from the idling engine may seep into the living area, possibly harming anyone in the house.”

The problem can be even worse with silent hybrids:

“A subset of keyless-ignition cars, hybrids and plug-in hybrids, pose an even stealthier problem, because they are virtually silent when in electric mode, which they may well be when sitting still after parking. A driver doesn’t have to be absent-minded to assume that the car is shut down—after all, the engine isn’t running. But the car may not be truly off. The engine could restart itself, say to address a climate control need, potentially sending carbon monoxide into the residence.”

The risk was identified early by safety advocates. From the NYT article:

“The risk identified initially was theft, because drivers might leave the key fob in the vehicle by accident. (In conventional ignitions, under regulations adopted in the 1990s, the key cannot be removed unless the car is in park.) The National Highway Traffic Safety Administration’s general counsel warned automakers in 2002 that keyless ignitions would be prone to mishaps arising from human error. In 2006, the agency updated its regulations to state that with keyless ignitions, “a warning must be sufficient to catch a driver’s attention before he or she exits the vehicle without the keys.”

Many safety advocates such as Consumer Reports and the National Highway Traffic Safety Administration (NHTSA) are asking automakers to add safety features to prevent this, such as an audible alert or an automatic shutoff when a driver leaves the car. Some cars have safety features but most don’t – ” … a survey of 17 car companies by The New York Times found that while some automakers go beyond the features recommended by the standards group, others fall short.”

For now in many keyless cars, the burden of safety falls directly on the driver. Here are a few tips:

  • When purchasing a car with a keyless system, ask about safety features
  • Read your owner’s manual to understand how your system works
  • Be aware of the problem and take extra precautions to shut vehicles down
  • Have a working carbon monoxide detector in your home

NHTSA offers more safety tips in this short video:

Pet holiday safety & pet holiday fun


Everyone knows the real purpose of the Internet is for cute and funny cat and dog videos – and in the holiday season, pet videos abound. We’re posting a few of our favorites, but first, a serious reminder: In all the celebrations and gala, take particular precautions to avoid pet hazards and look after your pet’s safety – the average cost of surgery is a whopping $1,803 per pet. For tips, see: Pet dangers increase during holidays, insurance claims skyrocket.

Cats wreaking havoc with Christmas trees sure make for fun online videos. Some people go to great lengths to outsmart their cats and retailers are producing special trees for people with cats. See other contraptions and wacky methods people take to protect their trees from pesky pets. This video shows cats winning the annual battle.

Here’s a 10-minute compilation of pets, presents and the pet’s reactions

And 10 more minutes of kids reacting to getting a puppy as a present

The Ranua Wildlife Park is an Arctic Zoo in Lapland so it’s pretty wintry looking. They already gave their animals “little presents in their own style.”

This is last year’s cute video of animals opening gifts in the London Zoo.

Don’t fall for any fake Santas: the 12 scams of Christmas


caroon orf a fake Santa in a police lineup

Busy this season? You probably are – everyone gets caught up in the year-end holiday madness. But no matter how busy you may be, there’s one group of people that never rest: online thieves, crooks and scammers. With just a few weeks left in peak shopping season, scammers are pulling out all stops to try to separate you from your money. Don’t let any fake, scam Santas ruin your holidays. The Better Business Bureau keeps an eye on active swindle schemes and offers an updated list for this season: 12 Scams of Christmas: What to Look For and How to Avoid Them.

Here’s a brief summary – click through the link above to learn more and to find out ways to prevent being a con victim.

1. Look-Alike Websites – these usually come by email offers so buyer beware of what you click!
2. Social Media Gift Exchange – a new twist on the old pyramid scheme.
3. Grandparent Scams – emergency calls for cash help from crooks posing as relatives or friends. Hint: elderly are particularly vulnerable, but hardly the only victims.
4. Temporary Holiday Jobs – fake employers trying to get personal information from unwary applicants.
5. Free Gift Cards – a common phishing scam bait.
6. E-Cards – More people rely on electronic versus traditional cards. So do more phishers – be careful what you click in emails.
7. Fake Shipping Notifications – Phishers know that most people are ordering or getting holiday gifts and you might get tricked by a phony mail alert.
8. Phony Charities – Giving is great, but check with BBB or with sites like Charity Navigator.
9. Letters From Santa – great when they are legit but use a trusted source.
10. Unusual Forms of Payments – If the seller wants prepaid debit or gift cards, wire transfers or payments through third parties, that is a scam alert!
11. Travel Scams – Phony email offers and scam sites are common all year, but especially in this heavy travel season.
12. Puppy Scams – These play on your emotion, but at the heartstrings and wallet. Get your puppies from trusted sources!

We recommend this age-old advice: if it seems too good to be true, it probably is. Be suspicious of emails. Hover over links before you click, or better yet, go directly to the site by typing in the URL. Rely on trusted vendors and be wary of email or online offers from companies you don’t know. BBB says that if you come across any of these scams this holiday season help protect yourself and others by:

Here are some tips we’ve offered from prior years:

 

 

Experts say: “Put a freeze on winter fires”


Home fires can happen any time of the year, but there are special risks over the holidays. Two very common activities that are popular at the holidays are often the source of fires: Holiday decorating and holiday cooking. For example, the top three days of the year for home candle fires are Christmas, New Year’s Day and New Year’s Eve. The National Fire Protection Association and the United States Fire Administration urge people to Put a freeze on winter fires. In this post, we focus on holiday fore prevention. We’ve included a video and infographic from the “Put a freeze…” campaign, as well as holiday decorating tips that they suggest.

Decorating for the holidays

  • Only use decorations that are flame-retardant or not flammable.
  • Check holiday lights each year for frayed wires or excessive wear.
  • Don’t link more than three strands of holiday lights.
  • Never leave a burning candle unattended. Consider using battery-operated flameless candles.

Christmas tree safety

  • Choose a tree with fresh, green needles that do not fall off when touched.
  • Before placing the tree in the stand, cut 2” from the base of the trunk.
  • Make sure the tree is at least three feet away from any heat source, like fireplaces, radiators, candles, heat vents or lights.
  • Make sure the tree is not blocking an exit.
  • Add water to the tree stand. Be sure to add water daily.
  • Use lights that have the label of a recognized testing laboratory. Some lights are only for indoor or outdoor use.
  • Replace any string of lights with worn or broken cords or loose bulb connections. Read manufacturer’s instructions for number of light strands to connect.
  • Never use lit candles to decorate the tree.
  • Always turn off Christmas tree lights before leaving home or going
  • Get rid of the tree after Christmas or when it is dry.
  • Dried-out trees are a fire danger and should not be left in the home or garage, or placed outside against the home.
  • Check with your local community to find a recycling program.
  • Bring outdoor electrical lights inside after the holidays to prevent hazards and make them last longer