Wired.com: "At Last, a Firewall For Your Car’s Black Box"

This forum is for the open, public discussion of the Crash Data Retrieval Tool or Event Data Recorder technology. This is open to any registered user of the CrashForum.info site and not intended for direct CDR Tool User technical or analytical support.
Post Reply
User avatar
seanhaight
Site Admin
Posts: 192
Joined: Fri Apr 29, 2011 2:28 am
First Name: Sean
Last Name: Haight
Location: San Francisco Bay Area

Wired.com: "At Last, a Firewall For Your Car’s Black Box"

Post by seanhaight »

This is the same sort of story that we have seen posted before about this OBD lockout device but this portion is news to me:
Kowalick has already produced 4,000 AutoCybs in advance of his launch on Indiegogo and aims to raise $132,000 through the crowd-funding site by May 14. For $33, backers get an AutoCyb and Kowalick promises that all pledges will be fulfilled as soon as the Indiegogo campaign ends.

If his crowdfunding goes well, Kowalick hopes to make an NFC-compatible unit that will let drivers unlock the device with a smartphone.
If you would like to contribute to the "World's First Automotive Black Box Cyber Security Lock Project" :roll: visit this website:

http://www.indiegogo.com/projects/world ... ck-project



From: http://www.wired.com/autopia/2013/04/au ... -firewall/
You might not know it, but your car has the automotive equivalent of an airplane’s “black box.” It’s called an Event Data Recorder (EDR), and anyone with a handheld scanner and access to the port under your steering column can download a wealth of information about your car.

That worries Tom Kowalick, one of the engineers responsible for developing the EDR, so he’s crowd-funding a device that lets drivers lock up that data. It’s called the AutoCyb and it’s a deceptively simple solution: a mechanical dongle that plugs into a car’s diagnostic port, and locks in place with a key.

“In concept, it is as simple as locking your glove compartment or the front door of your house,” Kowalick tells Wired.

It may be low-tech, but the device is the first security hardware built to protect a glaring information security hole in your car: the Onboard Diagnostic Port (or OBDII), a small jack underneath the steering column found on every vehicle manufactured since 1996. The ODBII port is what your mechanic uses to determine why the “check engine” light is on in your car. But if you crash, the port also provides access to logs showing exactly what was going on with the car’s systems before, during and after the moment the air bag deployed — everything from speed to seat belt use.


Photo: Tom Kowalick
The animating principal of the AutoCyb is that the vehicle’s driver owns that data, and nobody should be able to get access to it with the driver’s permission.

“It is their data to begin with,” Kowalick says. “And they are merely securing it from others who possess the ability to alter, delete, modify or just plain zap it with an electronic tool. They went from point A to B. They created it. Why should others access it?”

It’s a reasonable question, and one that raises concerns about what happens to your car after a crash. Several Internet vendors sell products that can alter or completely erase crash data in an attempt to defraud insurance companies. Since vehicles are normally removed from a crash scene soon after the incident, neither the owner nor the insurer will be able to keep tabs on exactly where the vehicle is and who has access. That opens up a window for nefarious activity.

“The data belongs to the owner of the vehicle,” Bob Passmore, senior director of personal lines policy at the Property Casualty Insurers Association of America told Wired. “I see this … as a protection for the owner.”

According to Passmore, keeping this data out of the wrong hands is in the interest of both the vehicle owner (the policy holder) and the insurance company. “The only issue is if the policy holder blocks access,” says Passmore. But if it comes down to a court case, the insurer could petition the court for a subpoena.

Kowalick has already produced 4,000 AutoCybs in advance of his launch on Indiegogo and aims to raise $132,000 through the crowd-funding site by May 14. For $33, backers get an AutoCyb and Kowalick promises that all pledges will be fulfilled as soon as the Indiegogo campaign ends.

If his crowdfunding goes well, Kowalick hopes to make an NFC-compatible unit that will let drivers unlock the device with a smartphone.
Sean Haight, PhD

CrashForum.info
Site Administrator
Engineer, ACTAR #2769
Editor, Collision Publishing

jsuway
Posts: 39
Joined: Tue Feb 07, 2012 11:24 am
First Name: Jeff
Last Name: Suway
Contact:

Re: Wired.com: "At Last, a Firewall For Your Car’s Black Box"

Post by jsuway »

Several Internet vendors sell products that can alter or completely erase crash data in an attempt to defraud insurance companies.
Whats up with this?

I have never heard of any such devices and I have always been taught that once the data is locked, it is locked and cannot be overwritten. This is why the modules have to be replaced when the memory is full. Maybe they are talking about ND or unlocked data only?

User avatar
seanhaight
Site Admin
Posts: 192
Joined: Fri Apr 29, 2011 2:28 am
First Name: Sean
Last Name: Haight
Location: San Francisco Bay Area

Re: Wired.com: "At Last, a Firewall For Your Car’s Black Box"

Post by seanhaight »

I think there are some people online claiming they can reset devices. There is current research being conducted to see if they actually deliver on this promise... And how they do it.
Sean Haight, PhD

CrashForum.info
Site Administrator
Engineer, ACTAR #2769
Editor, Collision Publishing

Post Reply