Comment by owenversteeg
1 year ago
>112 eCall is not a black box. It does not record constantly the position of the vehicle, it records only a few data to determine the position and direction of the vehicle just before the crash and these data are only transmitted to emergency call centers if there is a serious crash.
That statement is factually inconsistent. Either 112 eCall incorporates a time travel device or it must constantly record the position and direction of the vehicle and other data. In theory, that data is then deleted, but you have no way to verify that it is - and it would only require a trivial, unnoticeable software update to modify this.
Thankfully, we're safe. Car software is notoriously high quality and rarely hacked. All governments are fully trustworthy, especially around espionage and privacy, and have a perfect track record of never lying to the public.
Look, the European Commission stated that it cannot be hacked; "hackers cannot take control of it", from ec.europa.eu. They built an unhackable device. I am not sure what you could be worried about. If the government tells you something cannot be hacked, then it cannot be hacked. Furthermore, none of the EU member states have been found using other infrastructure to violate privacy laws.
> That statement is factually inconsistent.
It's not. It just stores the last speed/wheel position/brake state data that it receives when the "collision imminent" condition activates. In some cars this can be literally the same signal that deploys the airbags.
> Look, the European Commission stated that it cannot be hacked
Pretty much. It's just a normal LTE radio, that is normally inactive. It technically is hackable, but I'm not aware of any hacks of baseband firmware of this severity.
Sorry, that's incorrect. I have actually read the law and its relevant standards. The standard requires at least two pre-accident locations to increase accuracy and other fields with pre-crash data are encouraged.
And come on. Car manufacturers, which are notorious producers of insecure software, are legally mandated to make an inexpensive device which includes an LTE radio and a connection to the vehicle buses, and you think that is... unhackable? I can't tell if you're trolling me, but your average blackhat only needs 1 of (shitty car OEM software/LTE radio/vehicle bus connected device) to break into a system. This system is a trifecta of hackable crap. To call that, of all devices, "unhackable" is priceless.
The MSD (minimum set of data) is defined in: "CEN 15722 ESafety - ECall - Minimum Data Set".
The original standard version defined only one location datapoint, the more recent version defines two additional _optional_ points ("recentVehicleLocationN1", "recentVehicleLocationN2"). It also allows specifying the number of passengers.
The mandatory datapoints include the location and direction of the vehicle, but they can be acquired as needed.
> I can't tell if you're trolling me, but your average blackhat only needs 1 of (shitty car OEM software/LTE radio/vehicle bus connected device) to break into a system.
I'm not aware of black hats hacking into a modem that is passively tracking the mobile networks. It's theoretically possible, but I'm not aware of such feats.
3 replies →