Mechanics work on Prius at a newly completed Toyota's service center in Tajimi, central Japan, Monday, July 22, 2013. Toyota is opening a training facility for mechanics complete with a test course that simulates 13 driving conditions including cobblestones and bumpy roads as part of the automaker's efforts to avoid a repeat of its recall fiasco. (AP Photo/Yuri Kageyama)AP2013
Two well-known computer software hackers plan to publicly release this week a veritable how-to guide for driving two widely owned automobiles haywire.
According to Reuters, Charlie Miller and Chris Valasek will release the findings -- as well as related software -- at the Def Con hacking convention in Las Vegas, showing how to manipulate a Toyota Prius and Ford Escape.
The research, conducted with the aid of a grant from the U.S. government, can alternately force a Prius to brake at 80 mph, veer quickly and dramatically, or accelerate, all without the driver’s prompting.
The two hackers have also reportedly figured out a way to disable a Ford Escape’s brakes while the vehicle is traveling at “very low speeds,” no matter how hard the driver attempts to stop.
In both cases, the would-be hacker would have to be inside the car in order to tamper with its computer, according to Reuters.
“Imagine what would happen if you were near a crowd,” said Valasek, a software consultant who claims his – and Miller’s – research exposes weaknesses in automobile security systems so patches can be applied and criminals thwarted.
Miller and Valasek told Reuters they hope their 100-page white paper will encourage other hackers to uncover additional automobile security flaws before they can be potentially exposed by malicious parties.
“I trust the eyes of 100 security researchers more than the eyes that are in Ford and Toyota,” Miller, a Twitter security engineer, told Reuters.
A Toyota Motor Corp. spokesman said the company was reviewing Miller and Valasek’s work.
“It’s entirely possible to do,” John Hanson reportedly said of the potentials hacks. “Absolutely, we take it seriously.”
Meanwhile, Craig Daitch, a Ford Motor Corp. spokesman, added, “This particular attack was not performed remotely over the air, but as a highly aggressive direct physical manipulation of one vehicle over an elongated period of time, which would not be a risk to customers and any mass level.”