/ Cory Doctorow / 5 am Mon, Mar 14 2016
  • Submit
  • About Us
  • Contact Us
  • Advertise here
  • Forums
  • The Car Hacker's Handbook: a Guide for Penetration Testers

    The Car Hacker's Handbook: a Guide for Penetration Testers

    The 2016 Car Hacker's Handbook expands on the hugely successful 2014 edition, in which the Open Garages movement boiled down all they'd learned running makerspaces for people interested in understanding, improving, penetration testing and security-hardening modern cars, which are computers encrusted in tons of metal that you strap your body into.


    No Starch Press has taken on the task of turning The Car Hacker's Handbook into a beautifully produced, professional book, in a new edition that builds on the original, vastly expanding the material while simultaneously improving the organization and updating it to encompass the otherwise-bewildering array of new developments in car automation and hacking.

    Author Craig Smith founded Open Garages and now has years of experience with community development of tools and practices for investigating how manufacturers are adding computers to cars, the mistakes they're making, and the opportunities they're creating.

    The Handbook is an excellent mix of general background on how to do threat-modelling, penetration testing, reverse engineering, etc, and highly specific code examples, model numbers, recipes and advice on how to put a car up on a bench, figure out how it works, figure out how to make it do cool things the manufacturer never intended, and figure out how to understand the risks you face from people doing the same thing without your best interests at heart.

    A lot of the advice is theoretical, but there are a bunch of highly practical projects, from improving and customizing your in-car satnav and entertainment system to tuning your engine performance. Smith includes sourcecode and model-numbers for hardware you can use to practice your car-hacking skills without bricking your car.

    The end of the book asks readers to contemplate the ways that attackers could abuse systems -- for example, cars can be fingerprinted by data from their (often always-on) tire-pressure sensors and persistently identified. Who needs Stingrays?

    An appendix directs the reader to resources for starting your own Open Garage chapter and building a community of practice for automotive tinkering and research.

    By turns funny, scary, and intriguing, the Car Hacker's Handbook is a practical guide for tinkerers and a fantastic overview for people who want to know what's going on when they strap themselves into a multi-ton, high-speed computer.

    The 2016 Car Hacker's Handbook [Craig Smith/No Starch Press]

    / / 8 COMMENTS

    / / / / / / / / / / / /

    Loading...