Tuesday, April 19, 2016

Hacking cars for a ransom

Sometime earlier this year (2016), Eugene Kaspersky commented on the state of "connectedness" of the newer automobiles - on how this symbiosis of several digital components (talking over a CAN bus) is going to invite/foster hacking attacks. An accompanying demo disabled a Cherokee this way, to show what hackers can do to the cars of today.

In the meantime, I had another scenario playing in head. Automated driving is in its infancy (Google cars is demo-ing), but one thing we understand is that it will involve a lot of connected micro-devices inside the car talking over the cloud to a massive central controller (server). Where there's a technology, there exists a way to reverse engineer it. What if we have hackers taking over a fleet of Google Cars and asking for a ransom?

"We have taken control one thousand cars, and hence over a thousand lives. The cars are our slaves now. One command, and they would drive off the road. Somebody gets hurt real bad. The cost to mitigate this situation (ie have us relinquish control) is 100 billion dollars!"
To some extent this is the pulp fiction generator in my head at work. But sometimes reality comes overlapping.

Monday, April 11, 2016

ISRO Bhuvan: go eat it

The ISRO has a very cool portal called running, Bhuvan. I just got to find out. It was a digression from an urgent forest fire situation at hand, that I ended up at the Uttarakhand Forests Dept website, thereby led onto a Forest Fire Info page, which had a banner, saying "View Forest Fire Alert for Uttarakhand State on Bhuvan - collaborative effort between ITGC and NRSC").


The Uttarakhand forest portal homepage [on Bhvan] describes it as
Bhuvan Uttarakhnad Forest portal provides a platform for hosting of all GIS database of Uttarakhnad Forest. It is a satellite based technology to watch over the State's forests boundaries, gives detailed location and satellite images of any area or project under various forestry schemes in the State. 
It can keep an eye over activities like; Plantation, Forest Fire, Protected Areas, Asset Management, Eco-tourism, Forest rest Houses location, land Use cover, Wastelands, Map downloading facility etc. can be visualised. User can add layer over the map and take print out for planning purposes. 

While my original purpose of reporting a LIVE fire incident didn't find an end, I got busy checking out the portal, which is a lotta map data through a easy, working, live-loading form (forms are the horror of Indian govt portals, but this worked).

Though the implementation and the utility of the tool is great, live data part is lacking. I found no forest fire incidents around Nainital in the month (so far). It was the increasing incidents of these fires that got me there, to find that none go reported. I figured they do have a satellite system to monitor the forest cover and report any developing fires, but that doesn't seem likely. No such data exists. The data says, "all clean". It also reminded of other incidents of forged data, as part of some institutional laxity, and a creeping fear that we'll have an under-powered tool in the future is taking shape.