CarTalk.com Best of Deals Car Reviews Repair Shops Cars A-Z Radio Show

Motor Magazine responds

I did recieve a response from Editor John Lypen at Motor magazine in response to my request that he visit our Forum and explain his reports on the TPMS monitoring story, and the water pump running backwards on the new Chrysler 3.6.(I reported the engine was a 3.7).



The TPMS story appeared in full in Tire Business magazine, Industry Week magazine, PC World. Some of you naysayers as to just how hard it would be to do would be very suprised. You may want to try and pick the article up. One of the more important demontrated capabilities was the ability to recieve the TPMS signal from a distance of 40m from a passing vehicle using just a “basic low noise amplifier”. The cost of the equipment to spoof the TPMS signal $1500.00. There is quite a bit of analysis done about feasibility, and the creators of the study came to the conclusion that the TPMS system should follow "basic reliable software design practices’. Simply using practices already in place with other wireless data transmission applications will prevent all of this and this was the main point I got out of the story. The manufactures are starting out on the wrong foot with their implementation of wireless technology (my conclusion not theirs).



The water pump belt incorrect routing was quoted from Chryslers online FSM and will cause the car to overheat.



I think it speaks quite alot for Motor Magazine to respond to my email and provide me this extra info.

Where does the low noise amplifier go? If it’s on the tracking vehicle, then I wish them luck. If it’s on my car, then they still have to install crap on my car, so they might as well just install a tracker.

I never said that this is not technically feasible. It is. But it’s so impractical that the same results can be obtained by much cheaper and easier means. It is also technically feasible to power a car with a nuclear reactor, but you don’t see a whole lot of that going on, despite there having been a documented prototype of one.

You are missing the point so I will spell it out. The creators of the study did not want to point out that there will be a new number one way to track, spoof and do people harm , they simply wanted to inform that when manufactures include wireless technology in their vehicles (that can as demonstrated be used for other than intended applications) they should also use industry accepted standards in encrypting and designing the software, and they used this study to backup their recommendations.

No, I get the point. My point is that you do not need to bother securing that which will not be attacked. This is why I don’t have a moat and cannon emplacements around my house, even though it is FAR more likely that my house will be burglarized than it is that someone is going to try and hack my TPMS.

Since automobiles will see more of the "going wireless’ way of data transmission and since the TPMS is the first in car wireless network to be integrated into new cars we should look at implementing security precautions that are not at all intrusive and are considered basic security practices, right from the beginning. The study concluded that their analysis of faults within the TPMS system could be applied towards designing more secure in-car wireless networks. The fixes are not hard to implement and just might be good to have in place now and close the holes in the in-car wireless system now, before the technology becomes the standard way of doing things with other systems. It does concern me that cars can be spoofed even from the hacker that does it just for the thrill of doing it, and we have seen where that has led. Leaving a wireless network open to attack simply because you view that right now there is no good reason to close the holes is shortsighted.

I agree that things which will be attacked should be secured, but I disagree about the “going wireless” part. TPMS is wireless because it would be impractical and failure-prone to run a wire from the car to the inside of the tire. I don’t, for instance, see throttles or shift levers going wireless. The main wireless feature in the car will be and is the phone / mp3 player link, but that’s going to require the device makers to use a secured standard. The car makers will (must) just follow whatever the devices are using.