FBI issues safety warning to auto makers on vehicle software security
The FBI this week sent out a warning to car makers and owners, alerting them to potential security holes in automotive software, all while still pushing Apple to create a method to break into securely encrypted iPhones.
In a public service announcement published this week, the FBI and national Highway Traffic Safety Administration alerted both car manufacturers and the general public that they should be aware of cyber security threats to vehicle software.
The warning is largely in response to exploits publicized by Charlie Miller and Chris Valasek, who last year successfully hacked into a Jeep Cherokee from more than 10 miles away. Miller and Valasek were able to remotely disable the Jeep's accelerator while adjusting the air conditioning, radio and windshield wipers.
The whitepaper produced by Miller and Valasek was cited by the FBI in this week's warning, noting that almost 1.5 million vehicles were recalled as a result of the findings. As a result, the bureau has asked manufacturers of vehicles, components and aftermarket devices "to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles."
While the FBI pushes the auto industry to improve the security of its software, Apple has accused the law enforcement agency of attempting to forcefully weaken its own iOS platform for iPhone. In Apple's view, the U.S. government is attempting to force the company to create a new operating system, which it has dubbed "GovtOS," that would allow officials to crack into any securely locked iPhone.
Apple's concern is that the creation of a "GovtOS" would lead to dangerous security flaws on mobile devices, which could allow hackers to remotely control or extract information from a device. Of course, that's exactly the kind of exploits the FBI is also looking to stop with its warning to automakers this week.
Last month, a U.S. magistrate judge ordered Apple to comply with an FBI request to assist investigators in unlocking an iPhone 5c linked to last year's San Bernardino terrorist shooting. The government needs Apple engineers to create and sign a flawed operating system that would suppress the iPhone's passcode counter and passcode entry limited, allowing a brute-force attack to unlock the device.
Apple is resisting the court order, and will face off in court with the Department of Justice next Tuesday, one day after the company will hold a media presentation to announce a new 4-inch iPhone and 9.7-inch iPad.