Using Tire Pressure Sensors To Spy On Cars 203
AngryDad writes "Beginning last September, all vehicles sold in the US have been required to have Tire Pressure Monitoring System (TPMS) installed. An article up at HexView enumerates privacy issues introduced by TPMS, and some of them look pretty scary. Did you know that traffic sensors on highways can be adopted to read TPMS data and track individual vehicles? How about an explosive device that sets itself off when the right vehicle passes nearby? TPMS has been discussed in the past, but I haven't seen its privacy implications analyzed before. Fortunately the problem is easy to fix: encrypt TPMS data the way keyless entry systems do."
Choose your role models carefully (Score:2, Interesting)
Alternatively... (Score:1, Interesting)
Or get rid of the nanny state law requiring TPMS. They give drivers a false sense of security regarding their tires, help them to justify paying even less attention to the state of their cars and required maintenance, cost everyone money (even if they don't want one), add unsprung weight to the vehicle, and apparently cause security issues.
Good 'ole "Know what's best for its citizens - especially when reacting to a few tragic incidents that catch the media's eye" federal government.
Re:OnStar (Score:3, Interesting)
Bubbling up from the lower levels (Score:3, Interesting)
Re:Part of me feels paranoid now... (Score:5, Interesting)
Fast forward to now. One might scan the sensors on a target vehicle as it drives a common route, emplace IEDs on multiple routes, and break out the popcorn (or pita as the case may be) until the target drives by. This would be ideal for political hits where the target uses a specific armored vehicle.
http://www.german-way.com/aherrhsn.html [german-way.com]
"Maybe in the future we can all roll to work in giant hamster balls."
That would be quite a hamster.
Re:The "solution" is not so simple. (Score:3, Interesting)
I've recently seen reference to work discussing threat perception along these lines, but unfortunately quick searches aren't dredging it up right now. Handy references, anyone?
ABS Sensor (Score:3, Interesting)
Re:The "solution" is not so simple. (Score:5, Interesting)
In this case there's no reason for each tire pressure sensor to be broadcasting one. All they need to do is chirp back the pressure inside the tire. That's it. Give them enough power to hit a receiver located in the wheel (which might be 4-6" away in a very large tire, probably a lot closer than that, and it's all inside the steel-belted tire) and call it a day. Unless you are playing Ben Hur, you're not going to get close enough to another car's tires for it to become a problem -- use a high frequency and you're going to get a substantial bit of attenuation via the tire itself, and then you're decreasing as the square of the distance through free space. You're never going to have more than one valve-stem sensor per wheel-mounted receiver, so why bother with it?
If you really do need a weak form of identification, rather than hardcoding a UID, it would be pretty trivial to have each sensor randomly choose a number from a range such that the chance of collisions was low (deriving the randomness from resistor noise or by oversampling whatever analog sensor they use to determine pressure) and reset periodically or each time the car is started. That eliminates the problem of having to coordinate UIDs and prevent duplicates (cf. the cheap Bluetooth transceivers that caused problems because their MAC-ish addresses were all zeros). Every unit can be completely identical.
On further consideration, I can't really imagine why the designers of the TPMS would have given each sensor a UID (especially since it would probably cause confusion when you rotate tires, if the car's computer tracks them)
Re:President authorizes warrentless tire tapping.. (Score:1, Interesting)
The point of these growing searches is not because the government wants to be able to track the bad guys in this 'age' of increasing terrorism. It's because they want the public to be so afraid, and using terrorism as an excuse works well, that they can simply look through everyone's life at any time. Oh, and in case you haven't realized, everyone is now suspect of terrorism.
Sure they won't use the information to track you down to that little motel off route nine. Well, they might, but they might look the other way past that point. But they may use the information to see where you enter and exit the Interstate (or other monitored road) and correlate the data with nearby 'terrorist' suspects and 'hideouts.' You know, the bar where a government employee happens to stop off for a beer with a couple friends, who work at different places, after work, to have a beer and complain about their day. Jut your luck, that one guy was reported as expressing violent intent. He was quite vocal. Not the one who reported him no longer goes to that bar, and said that several other patrons agreed with him. Now they are all on a watch list. And the bar just so happens to be across from that motel with the women you mentioned. And Rte. 9 is not a monitored road.
It is an extreme example. But if we're in a society that can have an Air Force Captain charged with terroristic acts for buying her ten-year-old son a flight simulator program because the cashier at the local Circuit City is paranoid of terrorism thanks to media fear mongering, then anything is possible to some extent.
Re: Finally, an April Fools story!!! (Score:3, Interesting)
"Fortunately the problem is easy to fix: encrypt TPMS data the way keyless entry systems do."
Yeah, encryption would stop the little hacker down the street and keep them from setting up a road side explosive set just for you, but it wouldn't stop the government -- who would mandate a backdoor -- from doing it.
And personally, I'm not really worried about the hacker down the street...if cars start blowing up I would bet money it would be government doing it...and not a foreign government, but our government (but of course, it would be blamed on terrorist and the population at large would give up ever last bit of the tiny amount of "freedom" that we have left to get those darn terrorist).
Personally, I've never really been scared by any of the things our government keeps telling me I should be terrorized by, but what really scares me is the bleak future I see for my kids and their kids...caused by our own Orwellian, all-powerful government.
transporter_ii