From mboxrd@z Thu Jan 1 00:00:00 1970 From: krewat@kilonet.net (Arthur Krewat) Date: Mon, 5 Feb 2018 18:20:58 -0500 Subject: [TUHS] Windows roots and Unix influence (was Re: Happy birthday, Ken Thompson!) In-Reply-To: <013001d39ecc$614dc500$23e94f00$@ronnatalie.com> References: <20180204091435.GA22841@indra.papnet.eu> <00d001d39ddc$a069a380$e13cea80$@ronnatalie.com> <0B2B7C84-12D8-49A6-BAA3-BD434823D41D@cheswick.com> <013001d39ecc$614dc500$23e94f00$@ronnatalie.com> Message-ID: <5a838d87-4acb-e2f4-f09e-458d6c5eae49@kilonet.net> The CAN network is bi-directional, and I don't think it has any security. So any node on the CAN can read-write whatever the heck it wants to. Plug in an OBD-II device, and using the right software (like Forscan) you can read/write all sorts of locations in the body-control module, flash new software into the PCM (powertrain control module), etc. I suspect that if you have the entertainment system that has the ability to read PIDs in the PCM, for example, road speed, that same interface could be used to write values as well. My 2013 Taurus SHO came with Sync 2 - which ran Windows CE. Thankfully, it wasn't a "server" and WiFi wasn't enabled. Now my 2016 Taurus SHO has Sync 3 running QNX. I am not amused ;) On 2/5/2018 4:57 PM, Ron Natalie wrote: > There's certainly been demonstrations of vehicles being taken over via the entertainment system; why the stereo needs to talk to the engine computer I'll never know... I know, wind up the volume the faster you go etc, but surely it ought to be one-way?