For Laurie, my wife and fellow author, without
whom there could be no book
INTRODUCTION
Why Gadgets Betray Us
In the seconds before the Pembroke-Swansea special came barreling down the railroad tracks to crush her car, Paula Ceely sensed something was wrong. Shortly after nightfall, the twenty-year-old college student had gotten out of her car in the pouring rain to open a gate blocking the road ahead. Ceely had used a borrowed TomTom mobile GPS unit to navigate the nearly 150 miles of rural road from Redditch, Worcestershire, in England, to her boyfriend's parents' house in Carmarthenshire, in Wales. It was her first visit. Judging by the illuminated GPS display on the dashboard gadget, Ceely was just a few miles shy of her final destination, and the road ahead should have been clear. When Ceely started opening what she thought was a farmer's access gate, common in rural England, she did not realize there were railroad tracks underfoot until the train, blowing its whistle, slammed into the tiny Renault Clio behind her. "I could feel the air just pass me," Ceely told the BBC shortly afterward, "and then my car just did a 360 degree turn on the tracks and was knocked to the other side."
Ceely is not alone. In late 2006 and early 2007, a miniepidemic of mobile-GPS-related mishap stories was making headlines worldwide: A forty-three-year-old man in Bremen, Germany, turned left when instructed and drove his Audi right onto a tramway; another twenty-year-old woman in England followed her dashboard GPS and drove her Mercedes SL500 down a closed road outside the village of Sheepy Magna and into the swollen nearby river Sence,
Reading these accounts, one might conclude that consumer-grade dashboard GPS systems are, collectively, at fault. They're not.
Something else was happening when these commercially available GPS-enabled gadgets started hitting the larger population, something more fundamental. Instead of lifting our heads, looking around, and thinking for ourselves, some of us no longer saw the world as human beings have for thousands of years and simply accepted whatever our gadgets showed us.
Our need to know where we are is primal, and mobile gadgets give us that means in a way never before possible in human history. For many of us, myself included, it is an understatement to say that people today can't live without their technology. It's addictive. But in order to reach the masses, technology vendors have taken shortcuts. Software wizards whisk us through otherwise complex configuration settings, interfaces today have fewer and fewer options for advanced settings, and consumer goods are produced to be magic boxes whose internal components don't involve the end user. Along the way, we've introduced some unintended consequences.
What if our dashboard GPS gadgets deliberately misled us? GPS gadgets in our cars don't just provide navigation; they also warn us of upcoming road closures or accidents. What if they lied?
In the spring of 2007, Andrea Barisani and Daniele Bianco showed a video at the 2007 CanSecWest security conference in Vancouver, British Columbia, in which Barisani's 2006 Honda Civic GPS displayed a text alert warning of a terrorist threat near his home in Trieste, Italy. This alert information doesn't come from satellites locked in geosynchronous orbit; rather, traffic alerts are sent locally via a ten-year-old radio protocol that satellite radio stations use to populate song names and details on dashboard entertainment screens. It didn't take long before someone figured out how to manipulate this protocol. The researchers' experiment was performed with a very limited scope so as not to interfere with other vehicles on nearby roads. And not all of the project was quite so hair-raising or serious. For their first attempt at injecting rogue messages into consumer GPS gadgets, the two Italian researchers popped up innocuous notifications such as "Bullfights Ahead."
Since roadside GPS alerts are not encrypted, anyone with the right equipment and knowledge of the signal used by the dashboard gadget could do this. The reverse is also true: Someone could block an emergency message in what is known as a denial-of-service attack. Thus, anyone with a low-power radio transmitter who knows the frequency used by a GPS unit can broadcast information, true or false, to passing travelers. While such ad hoc broadcasting is illegal in the United States, this is not the case in other countries.
Newer GPS gadgets use satellite-based alerts, which are much harder to spoof, although they also use unencrypted satellite signals. But older GPS units still relying on FM signals remain vulnerable to such an attack. Given that today we have a tendency to abdicate our common sense and simply trust these tiny wafers of silicon, if this book accomplishes only one goal, I hope it is that you will become much more skeptical about all the new gee-whiz gadgets coming our way.
1.
Not only can people send false information to our gadgets, they can also obtain personal data from us without our knowledge. The iPhone, for example, does not use GPS for its location services. Apple decided that tracing a phone's Wi-Fi Internet connection to a physical location holds significant promise over GPS. Microsoft and Google have their own Wi-Fi location services. However, Wi-Fi is not necessarily superior to GPS for geolocation; it's just more convenient.
In 2008, a team of researchers in Zurich, Switzerland, found ways in which the Apple Wi-Fi location network could be compromised. The iPad, iPhone, and iPod Touch gadgets query the nearest wireless access points (say, an Internet café, a business, or a local residence) and transmit that information to a database, where it is correlated with a physical address (longitude and latitude). The Swiss researchers, however, fed this service incorrect information, telling the Apple service that the iPhone was in New York City when it was still in Zurich. But what if this vulnerability could be used with a more ominous intent?
Two years earlier, security researcher Terry Stenvold published similar findings in 2600, a popular and well-known hacker magazine. Here technology could be used surreptitiously to track, for example, an ex-girlfriend's current location.
Already third parties can capture our location information and store it for an indefinite period. Have we considered the long-term consequences of this? How might a random trip to a seedy part of town look ten years later? What if it wasn't random? With enough data, what hidden patterns of obsessive behavior might emerge? Or, what if we could spoof our current location to make it appear that we are always at work when we are really not? Should we trust such location data? If this book accomplishes a second goal, I hope it will be to create an awareness of the various ways common gadgets can leak personal information.
2.
When Gadgets Betray Us, if you haven't already guessed, is a book about breaking things and not necessarily putting them back together. It is about hardware hacking, a relatively new area of research and concern: how our cars are vulnerable to attack, how our mobile phone conversations can be intercepted, how our contactless credit cards, driver's licenses, and passports can all be copied at a distance. The addition of basic authentication and strong encryption to most hardware would significantly reduce the vulnerabilities described in this book; yet, hardware manufacturers have so far shown little interest in securing their gadgets. Only by being more aware of the risk can consumers choose wisely.