“I just connected my phone to the car’s spinal cord, which runs through the interior rearview mirror. This automatic version is free software that can be downloaded from the Internet,” he explains. The demonstration is taking place in front of the public on the occasion of the Breizh CTF Hacking Championship, which welcomed about 500 participants on Friday 1Verse April 2022. “The only advantage I have is to convert this software designed for American versions of Toyotas, and adapt it to European vehicles,” he continues.
The goal is to test vehicles so that they can drive themselves “alone,” even remotely, and to detect security flaws to prevent intrusions by malicious people. One way to conduct these tests, according to him, is to find spare parts on Le bon Coin in order to “better understand how they work and convert”, such as small radio-connected valves attached to tires that inform the driver in real time of their pressure level.
Vehicles are increasingly porous
“If you have a tire failure, your car flashes a warning light telling you that you have, say, a tire that is not inflated. We hackers are drawing the attention of manufacturers and equipment manufacturers who have not yet encrypted the communications between this valve and the car’s computer,” confirms Gail Muskett. According to him, finding the communication frequency of the tire and obtaining an amateur radio antenna is enough to make someone think that his tires have deflated or caught fire.
The car key can also be hacked. “Someone just needs to get close to me, pick up the signal from my key, transcribe it with my ring antenna and pass my vehicle to start unlocking.” “We can even stop a convoy, and that’s endless because the vehicles will be more and more equipped with computers and sensors,” predicts the “ethical” hacker, who calls for the equivalent of “digital crash tests” for all previous factory vehicles. “Our role is to see problems before they happen and correct flaws before they are exploited,” he explains.