Researchers Plan to Demonstrate a Wireless Car Hack This Summer

As reported by Wired: A note of caution to anyone who works on the security team of a major automobile manufacturer: Don’t plan your summer vacation just yet.

At the Black Hat and Defcon security conferences this August, security researchers Charlie Miller and Chris Valasek have announced they plan to wirelessly hack the digital network of a car or truck. That network, known as the CAN bus, is the connected system of computers that influences everything from the vehicle’s horn and seat belts to its steering and brakes. 

And their upcoming public demonstrations may be the most definitive proof yet of cars’ vulnerability to remote attacks, the result of more than two years of work since Miller and Valasek first received a DARPA grant to investigate cars’ security in 2013.  

“We will show the reality of car hacking by demonstrating exactly how a remote attack works against an unaltered, factory vehicle,” the hackers write in an abstract of their talk that appeared on the Black Hat website last week. “Starting with remote exploitation, we will show how to pivot through different pieces of the vehicle’s hardware in order to be able to send messages on the CAN bus to critical electronic control units. We will conclude by showing several CAN messages that affect physical systems of the vehicle.”

Miller and Valasek won’t yet name the vehicle they’re testing, and declined WIRED’s request to comment further on their research so far ahead of their talk.

Academic researchers at the University of Washington and the University of California at San Diego demonstrated in 2011 that they could wirelessly control a car’s brakes and steering via remote attacks. They exploited the car’s cellular communications, its Wi-Fi network, and even its bluetooth connection to an Android phone. But those researchers only identified their test vehicle as an “unnamed sedan.”

Miller and Valasek, by contrast, haven’t hesitated in the past to identify the exact make and model of their hacking experiments’ multi-ton guinea pigs. Before their presentation at the Defcon hacker conference in 2013, they put me behind the wheel of a Ford Escape and a Toyota Prius, then showed that they could hijack those two vehicles’ driving functions—including disabling and slamming on brakes or jerking the steering wheel—using only laptops plugged into the OBD2 port under the automobiles’ dashboards.

Some critics, including Toyota and Ford, argued at the time that a wired-in attack wasn’t exactly a full-blown hack. But Miller and Valasek have been working since then to prove that the same tricks can be pulled off wirelessly. In a talk at Black Hat last year, they published an analysis of 24 automobiles, rating which presented the most potential vulnerabilities to a hacker based on wireless attack points, network architecture and computerized control of key physical features. In that analysis, the Jeep Cherokee, Infiniti Q50 and Cadillac Escalade were rated as the most hackable vehicles they tested. The overall digital security of a car “depends on the architecture,” Valasek, director of vehicle security research at security firm IOActive told WIRED last year. “If you hack the radio, can you send messages to the brakes or the steering? And if you can, what can you do with them?”

Miller, who aside from his car hacking work holds a day job as a senior security engineer at Twitter, did offer what might be a hint of their target in a tweet last week:

Jeep, after all, received the worst security ratings by some measures in Miller and Valasek’s earlier analysis. It was the only vehicle to get the highest rating for “hackability” in all three categories of their rating system. Jeep-owner Chrysler wrote last year in a statement responding to that research that it would “endeavor to verify these claims and, if warranted, we will remediate them.”

Valasek and Miller’s work has already led to serious pressure on automakers to tighten their vehicles’ security. Congressman Ed Markey cited their research in a strongly-worded letter sent to 20 automakers following their 2013 presentation, demanding more information on their security measures. In the responses to that letter, all of the auto companies said their vehicles did have wireless points of access. Only seven of them said they used third parties auditors to test their vehicles’ security. And only two said they had active measures in place to counteract a potential digital attack on braking and steering systems.

It’s not clear exactly how much control Miller and Valasek have gained over their target automobile’s most sensitive systems. Their abstract hints that “the ambiguous nature of automotive security leads to narratives that are polar opposites: either we’re all going to die or our cars are perfectly safe,” and notes that they’ll “demonstrate the reality and limitations of remote car attacks.”

But in a tweet following the announcement of their upcoming talk last week, Valasek put it more simply:

“[Miller] and I will show you how to hack a car for remote control at [Defcon],” he wrote. “No wires. No mods. Straight off the showroom floor.”

Russian Cargo Ship Suffers Glitch After Launching Toward Space Station

As reported by Space.com: A robotic Russian cargo spaceship experienced a glitch shortly after launching toward the International Space Station Tuesday (April 28), delaying and potentially imperiling its arrival at the orbiting lab. 

Russia's unmanned Progress 59 spacecraft blasted off atop a Soyuz rocket at 3:09 a.m. EDT (0709 GMT; 1:09 p.m. local time) Tuesday from Baikonur Cosmodrome in the Central Asian nation of Kazakhstan. Everything went smoothly until the cargo vessel separated from the rocket. Progress 59's solar arrays deployed on schedule, but some of its navigational antennas apparently did not deploy, NASA launch commentators said.

Russian flight controllers have also been having trouble uplinking commands to the Progress 59, and there may be issues with the vehicle's propulsion system as well, commentators added.

Progress 59, which is loaded with about 6,000 lbs. (2,720 kilograms) of food, fuel and other supplies, was supposed to arrive at the orbiting lab just six hours after liftoff, at about 9 a.m. EDT (1300 GMT) Tuesday. But the antenna issue will push the docking attempt back by nearly 48 hours, to 5:03 a.m. EDT (0900 GMT) on Thursday (April 30). 

This switch from the fast track, four-orbit route to the International Space Station to a two-day journey that requires 34 orbits to complete is "part of the nominal backup plan for all Soyuz and Progress vehicles" and gives Russian flight controllers time to try to troubleshoot the problems, NASA commentators said.

It was not entirely clear shortly after liftoff just what those problems are, or if they are fixable. Initial telemetry readings suggested that the Progress 59's two Kurs "automated rendezvous antennas" failed to deploy, but later telemetry seemed to indicate that the Kurs antennas are behaving normally but other antennas did not deploy, NASA launch commentators said.

The Progress is one of four different robotic vessels that ferry cargo to the space station. The other three are Japan's H-II Transfer Vehicle and the Dragon and Cygnus spacecraft, which are built by American aerospace firms SpaceX and Orbital ATK, respectively. Dragon is the only one of these craft that can bring cargo back down to Earth (the others are designed to burn up in the planet's atmosphere).

Secretive X-37B Robot Space Plane Returns to Earth

As reported by NBC News: After seven months in space, the U.S. Air Force's secretive X-37B unmanned space plane returned to Earth on Friday to wrap up a debut flight shrouded in secrecy.

The robotic X-37B space plane landed at Vandenberg Air Force Base in California to end its maiden voyage. The space plane, also known as Orbital Test Vehicle 1, glided back to Earth over the Pacific Ocean before landing at the revamped Vandenberg runway at about 1:16 a.m. PT Dec. 3.

"Today's landing culminates a successful mission based on close teamwork between the 30th Space Wing, Boeing and the Air Force Rapid Capabilities Office," said Lt. Col. Troy Giese, X-37B program manager from the AFRCO, which oversaw the mission. "We are very pleased that the program completed all the on-orbit objectives for the first mission."

In all, the X-37B space plane spent more than 220 days in orbit. Air Force officials said earlier this week that the X-37B could land anytime between Friday and Monday.

The Air Force has kept the exact nature and cost of the X-37B's secretive mission a closely guarded secret, but some analysts and skywatchers have speculated that the spacecraft served as an unmanned orbital spy platform.

Robot space drone's long flight 
The Air Force launched the robot space plane atop an equally unmanned Atlas 5 rocket on April 22. Since then, the spacecraft has orbited Earth, at times tracked by meticulous skywatchers who first spotted the spacecraft in space using telescopes, then noticed its apparent manuevers to change orbits. [Video of the X-37B in space]

"This is a historical first, not only for Vandenberg Air Force Base, but for the Air Force and our nation to receive a recoverable spacecraft here and really take a step forward in advancing unmanned space flight," 30th Space Wing commander Col. Richard Boltz said in a statement issued before the landing.

The X-37B space drone is robotic winged spacecraft that looks in many ways like a miniature space shuttle. It was built by Boeing's Phantom Works Division in Seal Beach, Calif., and can fly long, extended missions because of its solar array power system, which allows it to stay in orbit for up to 270 days, Air Force officials have said.

Originally, NASA used the X-37B space plane as an experimental test bed until funding for the project ran out in 2004. The vehicle then passed to the Defense Advanced Research Projects Agency and was ultimately turned over to the Air Force in 2006.

X-37B's mystery mission 
Air Force officials have said the X-37B Orbital Test Vehicle 1 is being used to demonstrate and test guidance, navigation and control systems, as well as evaluate autonomous landing techniques for winged spacecraft. Details about any experimental payloads on the spacecraft are classified, Air Force officials have said.

Before the April launch of the Orbital Test Vehicle 1 flight, Gary Payton, Air Force deputy undersecretary of space programs, said that the X-37B is not a space weapon.

"I don't know how this could be called a weaponization of space," Payton told reporters at the time. "Fundamentally, it's just an updated version of the space shuttle kinds of activities in space."

But some facts about the X-37B spacecraft are well known.

For example, the spacecraft has two wings, a payload bay about the size of a pickup truck bed and black heat-resistant tiles to withstand the searing hot temperatures of atmospheric re-entry.

This SPACE.com graphic of the X-37B depicts the characteristics and capabilities of the unmanned space plane.

The X-37B is about 29 feet (9 meters) long and has a wingspan of just over 14 feet (4 meters) across. It stands just over 9.5 feet (3 meters) tall and weighs nearly 11,000 pounds (about 5,000 kg).

The X-37B launches like a rocket and glides back to Earth like NASA's space shuttles, but instead of a single tail fin at the rear, the X-37B has two stabilizers, called "ruddervators," sprouting up in a "V" shape.

The vehicle was also equipped with a destruct mechanism, so Air Force officials could destroy it by remote control if it veered off course while gliding over the Pacific Ocean toward the Vandenberg Air Force Base.

Robot space plane's return 
To prepare for the mini-shuttle's landing, a huge team of workers had to replace some 658 steel discs along the along the centerline of Vandenberg 15,000-foot runway because the older ones could have posed a hazard to the X-37B vehicle's tires, according to the Santa Maria Times newspaper.

The Air Force has already ordered a second X-37B, the Orbital Test Vehicle 2, which is slated to launch on another test flight sometime in the spring of 2011.

But for now, Air Force officials said they were ecstatic to see the successful return of the first X-37B spacecraft.

"With it being such a unique mission for the base, it is exciting to be a part of this historic landing," said Capt. Dariusz Wudarzewski, 2nd ROPS range operations commander. "For how long we have been working on it, I think everyone is really excited to see it culminate."

NASA May Have Accidentally Created a Warp Field

As reported by Mysterious Universe: “Star Trek” introduced the world outside of rocket science circles to the concept of warp drive – the propulsion system that allowed the starship Enterprise to travel faster than the speed of light. Warp speed is the holy grail that would let us explore the universe safely surrounded and protected by a space-distorting warp field. After watching the SpaceX rocket recently just try to land on a platform, you’d think this ability is years if not decades away. Yet the buzz on space websites is that NASA may have accidentally discovered a way to create a warp field. Wait, what?

To get around the theory of relativity, physicist Miguel Alcubierre came up with the concept of a bubble of spacetime which travels faster than the speed of light while the ship inside of it is stationary. The bubble contracts spacetime in front of the ship and expands it behind it. The warp drive would look like a football inside a flat ring. The tremendous amount of energy it would need made this idea prohibitive until Harold “Sonny” White of NASA’s Johnson Space Center calculated that making the ring into a donut shape would significant reduce the energy needs.

Meanwhile, in the lab, NASA and other space programs were working on prototypes of the EmDrive or RF resonant cavity thruster invented by British aerospace engineer Roger J. Shawyer. This propulsion device uses a magnetron to produce microwaves for thrust, has no moving parts and needs no reaction mass for fuel. In 2014, Johnson Space Center claimed to have developed its own low-power EmDrive.

Which brings us to today’s warp field buzz. Posts on NASASpaceFlight.com, a website devoted to the engineering side of space news, say that NASA has a tool to measure variances in the path-time of light. When lasers were fired through the EmDrive’s resonance chamber, it measured significant variances and, more importantly, found that some of the beams appeared to travel faster than the speed of light. If that’s true, it would mean that the EmDrive is producing a warp field or bubble. Here’s a comment from a space forum following the tests.

"That’s the big surprise. This signature (the interference pattern) on the EmDrive looks just like what a warp bubble looks like. And the math behind the warp bubble apparently matches the interference pattern found in the EmDrive."

Another surprise is that the discovery was accidental, as this comment attests:

"Seems to have been an accidental connection. They were wondering where this “thrust” might be coming from. One scientists proposed that maybe it’s a warp of the spacetime foam, which is causing the thrust."

What happens next? To prove that the warp effect was not caused by atmospheric heating, the test will be replicated in a vacuum. If the same results are achieved, it seems to mean that the EmDrive is producing a warp field, which could ultimately lead to the development of a warp drive.

What does that mean? I’ll let the physicists, propulsion experts and space scientists answer that. All I know is, it will cause a lot of wet seats at the next Star Trek convention.

Google Works To Improve Spam Detection Systems On Google Maps After Obscene Edits

As reported by TechCrunch: Google says it’s working to improve its spam-detection systems in its Google Maps platform after yet another prank allowed a user to upload an inappropriate image to Google Maps. This most recent image, which showed the Google Android mascot urinating on the Apple logo in the style of those unfortunate Calvin and Hobbes bootleg decals, was apparently uploaded by a Map Maker user “nitricboy” yesterday, according to his user profile page on Map Maker.

The user, apparently, enjoyed sneaking in bad edits to Google Maps – he also was able to get a Skype logo through, as well as a happy face, as contributors on Hacker News have since pointed out.

Map Maker, for those unfamiliar, is a years-old online tool that allows users worldwide the ability to upload new data to Google’s online mapping service – particularly in less-developed regions where detailed local maps had yet to become available. The idea is that users would be able to add details to maps that Google didn’t already have – like new roads or points of interest.

In the case of the recent “hack,” the user submitted the image as a “park,” for example, located on the outskirts of Rawalpindi, a Pakistani city 10 miles southwest of Islamabad.

The Map Maker platform, like many that rely on the power of crowdsourcing, lets anyone submit and edit. These edits are then approved by a community moderation process. However, it appears that it’s fairly simple for users to create additional accounts in order to “approve” their obscene edits. Or, in other cases, users approve the edits because they’re in on the joke or just want to be.

That’s led to some problems for Google Maps in recent days, it seems.

In addition to Map Maker, users have found other ways to hack their pranks onto Google Maps.

For instance, earlier this month, someone uploaded a new business listing located in the White House dubbed as “Edwards Snow Den.” (Get it?). That particular joke originated as a verified business listing on Google. The prankster realized that you could change the name and location of a business listing after its creation, and adjusted it to read “1600 Pennsylvania Avenue.”

The extensibility of Google Maps’ platform has been a longtime advantage for the company, whose maps are believed by many to be the best on the market. And Google notes today that contributed content from its user community as well as their edits are generally accurate and have positive and beneficial impact on their local community and businesses.

That being said, the company admits it needs to find ways to improve how it detects, prevents and handles bad edits. “Handling spam is a complex issue and we’re continuously working on ways to improve our systems, including new ways of preventing, detecting and taking down incorrect edits,” a spokesperson said regarding the new hack, which has now been broadly covered by major news outlets, some of whom even speculated it was a Google “Easter Egg.”

“We’re sorry for this inappropriate user-created content; we’re working to remove it quickly,” the Google spokesperson added.

Currently, the company relies on a combination of systems to detect and prevent map spam, including community flagging. (That’s where other users can flag content as being inappropriate or inaccurate.) But this is only one of many tools used to stop spam.

However, when bad edits fall through the cracks and actually make it onto the maps, Google then uses its understanding of what happened in order to integrate new reinforcements into its system.

But it’s unclear specifically what action Google will take to lock down Maps in the face of future pranksters. Especially because it seems like other users with a good history of edits helped “approve” these changes, which would have made the edit difficult for bots to catch. After all, the power of good content comes from the strength of the online community – and that will require more effort than an algorithm tweak to fix.

Progress Eagle Concept Imagines Zero-Emissions Air Travel for 800 Passengers

As reported by SlashGear: We’ve seen a number of vehicular concepts, but some have turned their sights to the sky and envisioned what the future of traveling amongst the clouds might look like. Previously a futuristic design for the AWWA Sky Whale concept was introduced, and now its designer — Oscar Vinals — has updated his own ambitions, creating a new concept called the AWWA-QG Progress Eagle. It’s a triple-decker zero-emissions plane, and were it to be made it would be able to carry around 800 passengers.

The designer imagines his concept could become a reality in 2030 or thereabouts, and rather than using traditional fuel, it would utilize half a dozen hydrogen engines. A rear engine would also serve as a wind turbine, and there would be solar panels integrated into the window for helping reclaim some energy. As with zero-emissions vehicles, it would also be nearly silent.

Because the plane is so large, the designer also envisions it having another class superseding first class, and it would be called “pilot class”. The pilot class would give the passengers there panoramic views of the sky around them, and could be complemented by train-like areas on the plane to buy food and drinks, and perhaps even private rooms.

According to the designer, in the present age we have 40-percent of the technology what would be required to build this plane, hence his 2030 figure. It would need, among other things, quantum solar cells, micro radio wave harvesters, nanowires, and more to become reality.

Tesla Wants to Power Wal-Mart

As reported by Bloomberg Business: Tesla Motors Inc. is signing up big customers like Wal-Mart and Cargill, accelerating efforts to become a leader in energy storage -- a new market that’s poised to boost sales and profit at the electric vehicle pioneer.

Next week, Tesla will make a deeper push beyond the car business when it unveils batteries for homes and utilities.

A review of California’s Self Generation Incentive Program, or SGIP, shows Tesla has ambitions to sell batteries for a range of commercial uses, from powering its factories to reducing electric bills at schools and wineries. Tesla is on track to reap as much as $65 million in SGIP rebates, which are designed to encourage investment in alternative energy.

“Tesla has been able to install more than 100 projects, really without anyone noticing,” said Andrea James, an analyst with Dougherty & Co. She said Tesla’s energy storage business could be worth as much as $70 to Tesla’s stock. The shares rose 5.3 percent to $220.45 at 2:44 p.m. New York time after climbing as much as 6 percent for the biggest intraday gain in more than two weeks.

As a builder of electric cars, the company has a vested interest in making the electric grid as clean as possible. Customers typically buy the batteries to store energy from solar panels, using them when electricity from the grid is most expensive or the sun isn’t shining. With Tesla’s gigafactory for battery production under construction in Nevada, storage products could serve as a secondary revenue stream for the company, which is looking to diversify its product lineup.

As part of a pilot program with sister company SolarCity, Tesla has installed batteries at about 300 California homes equipped with solar panels. Wal-Mart Stores Inc., which has a relationship with SolarCity, has Tesla batteries installed at 11 California stores; Cargill Inc. plans a one-megawatt system for its animal-processing plant in Fresno.

Home Battery
The SGIP database provides a snapshot of Tesla’s activities in its home state and is by no means a complete picture of the company’s storage ambitions.

But Chief Executive Officer Elon Musk has been dropping hints for weeks, and yesterday the company told investors and analysts in an e-mail that Tesla will announce the home battery and a “very large” utility-scale battery on April 30. In the e-mail, Jeffrey Evanson, Tesla’s chief of investor relations, said the company “will explain the advantages of our solutions and why past battery options were not compelling.”

Tesla spokeswoman Khobi Brooklyn said the company would share more information next week.

Thanks to state incentives and advances in battery chemistry, storage is a hot industry. By 2019, total U.S. sales will reach $1.5 billion, about 11 times as much as in 2014, according to a March report from GTM Research.

Renewable Grid
“Energy storage on the grid will grow rapidly in combination with renewables,” Tesla Chief Technology Officer JB Straubel said last month at the Vail Global Energy Forum. “Eventually you’re going to have a 100 percent battery electric vehicle fleet, working in tandem with an almost 100 percent renewable electric utility grid full of solar and wind.”

For companies looking to break into California’s storage market, the first stop is SGIP. Founded during an energy crisis in 2001 and funded by ratepayers, the program has a budget of $83 million and covers as much as 60 percent of a project’s costs. All proposals go through a technical review and are supposed to be connected to the grid within two years. Applicants collect rebates once projects are completed.

Wine Battery
While companies like Coda Energy, Green Charge Networks and Stem have also applied for SGIP funds, Tesla accounts for almost half of all storage applications, Bloomberg New Energy Finance said in an April 2 report published for clients. BNEF also said Tesla accounts for about 70 percent of SGIP storage projects connected to California’s grid.

Jackson Family Wines, based in Santa Rosa, has a new partnership with Tesla involving battery storage and several vehicle charging stations, according to the February issue of Wine Business Monthly. The winery declined to comment.

Mack Wycoff, Wal-Mart’s senior manager for renewable energy and emissions, said the company is intrigued by energy storage. “Instead of pulling electricity from the grid, you discharge it from the battery,” he said. “Ideally you know when your period of peak demand is, and you discharge it then.”

Mike Martin, Cargill’s director of communications, declined to provide details about how the company plans to use Tesla batteries at the Fresno plant. The 200,000-square-foot facility, one of the largest of its type in California, produces nearly 400 million pounds of beef each year.

Janet Dixon is director of facilities at the Temecula Valley Unified School District in southern California, which plans to install solar panels at 20 of its 28 schools this summer. Dixon said that SolarCity is the solar provider, and five of the facilities will have Tesla batteries.

“We spend roughly $3 million a year on electricity, and most of that is lighting and air conditioning,” said Dixon. “We are going solar to reduce our overall costs and the battery storage should help us manage our peak demand.”