Ridiculous Crime. It's a production of iHeartRadio.
Zaren Burnette. We meet again, Elizabeth Dunton. How you doing good? So good to see you.
Interns told me you're going to be early, and I was like, well, I'm going to be late.
You're looking sharp today in your little stress mariner's shirt.
I'm like a French mariner over here.
I love it. It's cute. I'm gonna get you a can of sardine. Make your day quick question. Sure you know what's ridiculous?
I do.
So.
Hearkening back to when I was telling you about the Buddhist monks, I mentioned about Stevie Wonder going around at the Shaolin temple and it's like, oh, he must have been enjoying listening to the temple. If you ever heard the theory that Stevie Wonder actually can see, I have right, there's a lot of celebrities have talked about it.
Yeah.
So I have one here that I think is just absolutely not proof positive.
But there's some interesting video proof.
It's interesting. Yeah. So Elton John has this evidence that Stevie Wonder may be able to see. That I thought was very convincing because the two of them happened to be Colorado at the same time, and they, you know, kind of bumped into each other. That's not the evidence they were Basically they did a snowmobile tour. But I'll let out and John tell the story. Quote musicians passing through Denver or Boulder would drop by to visit. Stevie Wonder turned up one day and took out a snowmobile,
insisting on driving it himself. Now, to preempt your question, no, I have no idea how Stevie Wonder successfully piloted a snowmobile through the rocky mountains of Colorado without killing himself or indeed anyone else in the process. But he did.
And it's not like it's a Stevie's house, No, he just.
Like he doesn't know this track. He is not like, oh, I've got this worked out. He took. Yeah, he went out there and drove a snowmobile. Like, I don't think I could do that that well and not run the risk of bumping into something apparently flawless Stevie Rascal. So I'm just saying, is there's an interesting one can.
Be like you can be like technically blind.
Right, you know, I guess varying degrees of Yeah, there's.
Different levels of blind, so it might not be completely you know.
Yeah, so much like UFOs and UAPs. I'm keeping an open mind about Stevie wonder whether or not.
Wow, there you go, very ridiculous, right, that is ridiculous.
John always got the.
Tea, always always. Do you want to know what else is ridiculous?
Please?
Hacking a car? Bro This is Ridiculous Crime, A podcast about absurd and outrageous capers. Heis and cons It's always ninety nine percent murder free and one hundred percent ridiculous.
I know you done heard that.
I done heard it so many times. Hi, Elizabeth, Hey, my name is Werner Brandis my voice? Is my passport? Verify me?
Excuse me?
Do you know what that's from?
No, that's right, Zaren.
You're correct. It's one of my all time favorite movies. Sneakers. Oh Hi, my name is Werner Brandis my voice? Is my passport? Verify me?
Is it like a security check?
Yeah? So if you haven't seen have you seen Sneakers?
Yeah? But way back in the day, watch it again.
Because I love it so much. Yeah, it's like a voice cod werner brandeis He's like a He's a tech guy, uh an executive at this tech company, and so it's a voice recognition, and so they needed to make a recording of his voice to sneak in without him the protagonists in this film, and anyway, they so they record him, but they get like a honey trap. This woman has to go and like get him to say these words so they can piece it together on a blind date.
And so she's like, oh, you know what word, I love? Passport And he's like, passport. So when it gets played back, my voice is my passport. Anyway, I love that movie. It's the story of some former and like side gig hackers who do what's called penetration testing for tech security at companies. White hat hackers. They use their powers for good, although I believe they'd be gray hat hackers in some sense.
What's the distinction there?
A gray hat hacker is someone who engages in hacking activities without permission, but their intentions are not always malicious, and they may include reporting vulnerabilities you know, that they find in these targeted organizations or even like to the public.
So if they break into to the Department of Defense and then leave a note I found exactly and I can tell you how I did.
Precisely, and they can exploit vulnerabilities for like personal gain or demonstrate a point, you know, either way. In Sneakers, the team which is led by Robert Redford, they go up against Redford's old altruist college hacking buddy turned power hungry tech villain, and there's some great hack in along the way.
They hack it up, side it up. Oh, he's so good.
In that, Yeah, dan Ackroyd, that's right, hacking, hacking, so much hacking, River Phoenix Hacking. I was thinking about that movie, as I do sometimes when, and it got me thinking about white hat hackers, those who used to hack illegally for profit and or power, and then they go straight and they help the authorities bust back the Yeah. I like that idea. One of the most annoying characters on television,
Penelope on Criminal Minds, was a bad hacker. Yeah, and then she was recruited by the FBI to hack the world in pursuit of horrible violent criminals. And then they also needed her to like teeter around the office in clown costumes, Yeah, spouting out like stale slang while holding something from the Archie McFee cap her. Oh I can't. Like she's just running around with a rubber chicken pen with a feather puff at the end.
What a rubber chicken?
Doesn't that sound like something she'd hash.
That's some real clan behavior.
Yeah it is. Anyway, I was poking around with the hackers, basically hacking my way through Google's lousy search model, and I found something. I caught a case there. I caught a couple of cases. I think you're gonna like them. Please, I should warn you that, just like the last time I told you about hacking.
Crime, you got hacked.
No, I'm going to use a lot of technical language. Much of it is going to go over your pretty little head. Probably don't be intimidated, like some of us are just more tech savvy and smarter.
No, it's very to true.
So I'm going to use terms like hacking and mainframe and motherboard.
Are these terms like DJ's used like a motherboard? I'm on my motherboard?
The ones and two, database and network? Have you heard those before?
No? None of the all new to me keyboard keyboard? Oh like oh yeah, like with the with the piano correct correct USB drive?
Nope, Like I said, I don't want you to be intimidated. The truth is that I has but a tenuous grasp on all of those concepts and the items myself. So we're on this digital journey together.
You do know, I have a bunch of friends who are like hardcore, and then they talk to me about stuff and I'm like, I use yellow legal pads. I don't know what you're talking about.
No, I'm just like, you know, I'm like, why isn't everything opening? Oh, I'm not connected to the internet. Cars, I'm not talking about the Pixar movies there and back up, I was like, you're going to I'm talking about the things we drive down the street. Cars are full of micro chips totally. And wasn't that part of the supply chain issue during the early days of COVID, Remember there was like the chip shortage for new cars and that's like the cost of new cars.
And then cars they have all the screens.
Now they got like a forty inch television screen smack in the middle of the dash.
Video games.
Yeah, you can't text and drive. That's good, but you can have a small TV like in your lap drive.
You're making.
In some cars that'll remain nameless. It's on those screens. We have to do stuff like adjust the AC or like put on the turn signal.
I've heard about this, Yes, that's the wild one.
To screen.
You have to tell the car not to run over kids. Run over fewer kids, you know, like we don't. We don't have buttons anymore. I love buttons there, I like.
I even like knobs.
The best car I ever owned was in nineteen eighty nine Ford Bronco. Yes, you're not a chip in sight.
No, I don't think so.
You could fix it with like a ball, peen hammer, a butter knife and some electrical tape. Could It was perfect. So now now I have this Subaru, right, I love it.
Yes, I've heard you talk about.
It has all sorts of not just chips and electronics, but like online stuff. Oh really, I can lock and unlock it with an app.
Do you use any of this? You know?
If I if I am already gone to bed and I can't remember if I lock the car. Sometimes I just.
Check lock it.
I could start it remotely if I wanted from an app. You can look on the app and see where it is. It's like, oh it's in my driveway still, But like if someone stole it, I can see where it was and turn off the engine on them.
That's kind of fine like that, and then did would they crash the car if you?
Yeah, Well, what do I care? I'm not in it?
Curious kind of like a good idea until you realize what you've readen No.
I think it just boo powers down, no help, Okay, I stole the wrong flashing lights come on and let's drive.
Other drivers know exactly.
It texts me when there's an.
Issue, used like a snarky tone.
I ran out of wiper fluid, and it kept reaching out to me via text like a democratic fundraiser, totally to let me know, like, hey, don't forget about me.
But is it like the duo lingo. It's kind of snarky, like have you forgotten that?
It's very sincere and I just text back, wow, needy, just keep going keyless entry peep peep. There was a time recently here in Oakland where ladies were getting carjacked, like up and down this very busy street near me, and it seems to have calmed down, but it was happening almost regularly for a while, like summer carjackings. Others like guys would just run up, break the passenger window and steal a purse on the seat.
Us like a spark plug break the window.
Yeah, and so for the carjacking. That's why I keep my keys in my pocket when I'm driving instead of like in my bag or like the cup holder, because if I have my keys on me and they forced me out, they aren't going to get very far because you has to be close to the car to run, Sarah, and you have to stay on the ball, keep your head on a swivel. I don't think Subaru foresters are like the hot Cardiff steal, but you never know.
So.
And that's another peril of the keiless entry fob is that people can buy devices that clone keys to use.
For stealing the RFD.
Yeah, they walk by houses at night with a thing and they can, you know, the hackens and they pick up a signal from the keyfob and then they can use that to start the car out.
They're buddy holding up like a wire and they're like trying to get I would have thought it was a.
Total urban legend, but I've seen home like break camera stuff of it, and it happened not a couple of times, not too far from me. So you know what I do. I put my keys in a Faraday box by the door.
I love it.
I probably overreacting, but whatever, it's a cute box.
I'm anyway, Yes, plants on it. You can override a garden seed box.
Yes, no, it's very it's tasteful. It's brown and leathery. There anyway. You can override the key with sentry. Other ways. One involves a USB stick how so, but not in the way you think, Zaren, I'm thinking nothing. It's physical hacking. I'm sure you've heard of the Kia challenge.
Oh yes, okay, yes, this was a hacking.
I know, I totally did. It's a viral trend on TikTok. In twenty twenty two is when it started. So people, okay, teens, They learned how to steal certain Kia.
And Hyundai vehicle using only a.
USB cable and it started as this form of car theft, but it quickly became a social media challenge, and like vehicle thefts just surged across the US.
They just joy ride these cars, they don't write.
So they targeted Kias and Hyundais made between twenty ten and twenty twenty one.
So that's a.
Pretty broad stretch. That's because they had traditional metal keys not pushed to start, and the cars also didn't have immobilizers, so those are like basic anti theft devices that keep the engine from starting without the correct key. And apparently the car alarm wouldn't go off if you broke the back window.
Oh okay to know.
Yeah, what all that means is that it was possible to get into the car without the alarm going off, remove the steering column cover, use a USB cable or anything shaped like it to turn the ignition switch, and then start the car and drive away.
Oh you didn't have to like drop it down and pull the wires out.
Oh no key. No hacking tools required. A group calling themselves the Kia Boys posted videos anytime you put boys in it, it's just you just took the wind out of yourself. You know what I mean?
Kia Boys.
Yeah, I guess that is, but like proud Boys, No, that's scary. They posted videos on TikTok and YouTube showing how to steal the cars, like tutorials youtubes like keep it Up Yeah Kia Boys tutorials. Other people copied them. They turned it into this challenge. Some filmed themselves stealing the cars and joy writing, and then they posted the videos online.
Not only did they take the evidence that they made it publicly avail.
Yes, we're talking about like, oh, don't write down your plans for these guys are like watch it in four.
Kas and they were in like the shasty mass you can't really see who they are.
Probably, so there was this huge spike in the thefts, like I said, Milwaukee, La, Saint Louis Mania, all of them, like some of these places that the car thefts increased by like more than one hundred percent, and like I said, big with the teens, a lot of the thieves were miners. Law enforcement and community leaders went into like overdrive trying
to respond to this. My neighbor a couple of doors up, had her Kia stolen three times, what yeah, three times, so the cops would recover it in like an industrial area uptown and she'd get the ignition repaired to how it was before and then we could stolen again.
So they weren't really wrecking the car enjoy right now.
No, They're just scooted it around running and got trashed. But for the most part they were just like pushing it to Yeah, so there was a fix that the dealership could do, but there were so many that the parts were on back order for ages. Oh wow, So then she got a club. But then one night some ding dong broke into the car and tried to break the club off with a rock. What. Yeah, he wasn't successful, but he did get away. A cop came told him
to freeze, drew his weapon. Yeah, and the guy hopped into another car and drove away around the cop.
What was the cop doing standing there.
With his weapon on it?
Like, why didn't pull a weapon fingers?
I think that the guy realized that the cop was he's flying solo. He didn't have a partner with them. The CoP's not going to open fire at two in the morning with the possibility of hitting the houses behind her in the air. I don't know. I watched the whole thing from my front window and it was pretty That was That's why I was telling you this part. It was a ridiculous crime. It was one of the
most ridiculous things I've ever seen. And yeah, he just swerved around and the cop put his hands down and was just like the physical representation of dejections, Like he just looked like now, he's got to go tell all his pals. Yeah, so wow. There were class action lawsuits filed against Hyundai and Kia. In twenty twenty three, the carmakers offered free software updates to add anti theft features
like the immobilizer a longer alarm sound. They also gave out steering wheel locks through police departments, so I guess you could go to the cops and be like, I need to club and they eventually settled the lawsuits for around two hundred million dollars. Still going on though earlier this year. In February of twenty twenty five, members of Texas's Laredo Police Department Auto Theft Task Force. They detained four boys ranging in age from thirteen to fifteen. There
was like the string of thefts. Two Kias and three Hundays were actually stolen, but there were eleven other cases where these fools tried to steal the cars and weren't successful. They didn't watch the video all.
The way through their junior high kids.
Most of the cars that they hit were already unlocked, which like, come on, I don't want a victim blame. But they had the steering columns broken, the ignition switch broken, off. All four of these boys were involved in all sixteen of the cases, both the five successful in the eleven. So I mean they caught counts like criminal attempt so that's a misdemeanor, but like engaging in organized criminal activity that's a felony left the state felonies, so they get you know, all of these adam Yeah.
Right.
Criminal conspiracy cases like this can be found all over the country, plus Australia and Canada, even the cool places like that. The Canada ones are interesting because Canadian law requires immobilizers in all new vehicles sold in Canada since two thousand and seven, so that means that the ones that were targeted were imported from the US.
How did they do I guess they just recognized.
Listen, let's pause for some ads. Brace yourself for savings. When we come back, we're going to boost some more rides, but this time was software, not hardware. Saren. I want to introduce you to two dudes, two hack attackers, two gray hat hackers who technically broke the law in an effort to work for the greater good. So the first guy is Charles Alfred Miller, Charlie Miller.
He got a handle a hacker handle, No, Charlie.
He's an American. He got a bachelor's in mass magna cum loud from Northeast Misery State just now Truman State University. Got a PhD in math from Notre Dame. He's basically and that was in two thousand and he got his PhD. He was like early on the learned to code train it seems like it. Yeah, So he started his professional career at the NSA and he worked as a cryptographer slash codebreaker there for five years.
That's got to be fun and challenging.
I guess, well, sometimes when I do my cryptogram puzzles, I wonder if the NSA is watching me through the camera on my iPhone, and then I wonder if they'll see how good I am at these puzzles. And then my phone will ring. It'll be them asking me to join the NSA team to be a hacker.
We put out the puzzles and we look for some of the best.
We'll tell me about insurance and benefits and is the position remote, and then they'll hang up on me because they're looking for true patriots who aren't focused on their own comfort.
Yeah, that's true.
I wonder about this sometimes, I.
Bet you do.
I do so.
Do you do these, by the way, on your phone? No?
I do them on paper. I can't have the government seeing how good I am at cryptograms.
They would draft you in automatically.
I need my privacy. When he was in the NSA, Miller conducted offensive computer security research. Offensive like on the offense, not like oh god, gross, yeah, but his specific operations confidential, of course, from my eyes only. He left the NSA and then he served as a lead analyst at Independent Security Evaluators.
Love those times, those companies and names like that, You're like, okay, what yeah?
And then he later he worked for like he worked for Twitter for while contributing to the information security team.
Like for like the NSA. Background. Who knows he's like my former age.
Listen to this. He's a four time winner of the pone to Own security competition. It's p wn numeral two.
O w N.
Do you know what I had to do?
You know what I had to do?
I went on Google. I hacked in to the Google mainframe and I typed in, how do you pronounce p wn? I was like, I want to say it right.
I appreciate your.
Thorough phone to own. Okay, that's known as hacking super Bowl. So for that, he hacked a MacBook Air in under two minutes. In two thousand and eight, he was the first to remotely exploit an iPhone and that's like break in hacking style, not like exploit it, like publish pictures of it that should be published via malicious SMS message in two thousand and.
Seven, so he sent a text message to the phone and then gave him.
Yeah, he was the first to hack an Android device on its launch day, and he exped He exploited the vulnerabilities there via web kit.
What that is?
Yeah, I know that they use often things like oh, we'll use your calendar or like this phone is like you don't think about right.
That's and that's basically what he does. So he has published the iOS Hackers Handbook, the Mac Hackers Handbook, Fuzzing for Software Security Testing and Quality Assurance. Like basically is there. This guy's a real pan.
He wrote the books on these things.
He literally wrote the books. Foreign Policy described him as quote one of the most technically proficient hackers on Earth.
Foreign Policy given him.
The Star Buddy.
Okay, so then we have Chris.
Thallasek Okay, so not like the pile.
It's Vallisek. That's another one.
He was born in eighty.
Two in Pennsylvania. He got a BS in computer science from University of Pittsburgh coding.
So another early com era guy.
Yeah. He built his reputation through research into Microsoft Windows. Heap exploitation.
Sure sounds such a simple term.
And I know you know what I'm talking about Windows. I got a window in my room. Heap exploitation. Hap.
There.
Think of a heap as a chunk of memory your computer uses to keep track of things a program creates while it's running. Okay, Like when a program goes like, hey man, I need more memory to store this new the heap. The heap gives it space. The heap is not alive. The heap cannot hurt you. The heap absorbs. The heap enjoys a good cheese steak. The heap vacations in Daytona beach. All right. So, heap exploitation is when a hacker takes advantage of mistakes in how memory is
managed in it. So they do that in order to corrupt data, crash program take control of a computer. Do you understand what I just said?
Some of it, like taking control of a computer.
Man, Do I understand what I just said? Absolutely not.
I had a friend who used to you be on your computer, and he would get on your computer from his computer like at his house, start moving the cursor around. Yeah. I was like, I hate this, I hate all of this.
I guys do that and it's like, what do I have open right now?
Exactly? And he was like, oh, I got in through this exploit. And I'm like, I swear to God, I'm gonna come over to your house and beat you up.
They're like, you're really good at spider solitary.
Can you hack my fists? How about that?
So Valasek he became an expert in both the exploitation of heaps and the protection of heaps. And remember, the heap cannot hurt you.
You know, I don't want to tear It.
Can hear your thoughts, and it knows your darkest intentions, but it cannot hurt you.
Saren, Okay, I have to trust the heap.
So this guy, he had a two thousand and nine Black Hat presentation titled Practical Windows XP two thousand and three Heap Exploitation, and then he did a paper in twenty ten on Windows low fragmentation heap, good stuff. I find myself going back to my well worn copies and just like reading them over and over.
There low frag heap. I love that.
Each time I read them, I discover something new.
I bet you do, a little, Colonel, you'd overlooked before.
Huh.
Basically, Vallisek is like a super hacker.
He sounds like sound chair right.
He shared Summer Con.
Huh.
This is one of the US's longest running hacker conferences, and he's been their chairman Emeritis since two thousand and three.
Do you think they have good music at the Summer Con? Oh?
You know it like hot jams. They hack into all the music mainframes and the motherboard, Sarah. When you look online for videos about him so you can get a sense of how to pronounce his name, you'll find yourself waist deep in Ted talks, like this guy is like sixty percent Ted talk. His body is six and in all the videos he doesn't introduce himself, I imagine because someone has already done it before.
The recording starts.
Right.
So I watched a lot of clips of him walking onto a stage like polite applause and one of those nude colored mics attached to his face, like lifts up a clicker to introduce the first slide of a PowerPoint.
And you're hoping he says his name, and he doesn't.
Yep, And I'm gonna tell you I noped out of those so fast. I just can't. I love myself too much to do that to myself.
Yeah, don't pone yourself like that.
I will give George Santos sixty bucks to entertain listeners, but I won't subject myself to ted talks, especially when they're not even six minutes, especially when they're about computers. So Valasek, He's on video a lot. He's a recognized speaker at all these INFOSEC conferences, Black at USA, def Con, def Comedy.
Jam, I'm just about ask Warp Tour.
He's also widely cited in media coverage for like all these pioneering contributions that he has to automotive cybersecurity research. Here's a quote. Quote please, when I secure cars, now, the first thing I look at is things that communicate with the outside world.
So he said, I just buy old cars so people can't do any of this stuff exactly. Pretty soon, I'm just gonna be riding around on a penny farthing wearing clothing.
So like cars, you say, Chris and Charlie they pioneered research together into vehicle cybersecurity. So they first demonstrated that they got physical access to both a Ford Escape and at Toyota Prius and were able to control their systems. So like, once they got in physically, they could get in through the can bus c an bus, which is the controller area network bus. Sure, but not like a real bus, like wheels on the bus go round and round.
Take the thing that like routes traffic for the computer.
Yeah, it's an internal communication network that lets all the systems talk to each other. Do you have any idea how long it took me to like condense it down into that sentence, because I would start reading things like I think I'm having a stroke.
Look on face gives me a hint.
Yeah, can bus, which then I'm just like, now I sound crazy.
Can bus, the bus, cannabus, canna bus.
By twenty fifteen automakers, they're just like putting more and more stuff with internet connectivity and like what they call infotainment systems. Oh yes, into the car. Yeah, they want to improve the user convenience, but then it also just opens it up to attack.
Plenty of exploits, so many.
Weak spots for the hackers and all the hackens.
It's like a smog was just Swiss cheese belly. It's just all these spots. You just one spot. Now he's got tough.
All the Pokey's Fiat Chrysler Automobiles, it was one of a bunch of manufacturers integrating you Connect, which was a proprietary infotainment system into the cars. It had like navigation, a Wi Fi hotspot, remote start, voice command capabilities. I think that's basically what I got down.
That's what sounds like.
Some models also had Sprint cellular connectivity that would allow remote access and updates.
So you like play from your phone whatever your yeah to actually connected with the OX.
Yeah. Super futuristic and great, but also making the car super vulnerable. It's not properly secured totally. So Miller and vallisec right. Yeah.
I had a quick question, do they make essentially like a Faraday skin for a car? They got into that level.
That's a really good idea. Guy's got a lead line carduse, you know, like when they do the ad wraps on the car. But it's just like with like a with a guy making a mean face, like don't you dare waving his face, buddy.
The graph the crime dog on the hood of your car.
So our guys. They made it their goal to find a remote attack vector that wouldn't require physical access to the vehicle like they need to before. So over the course of twenty fourteen and twenty fifteen, they set the sites on Fiat Chrysler's U Connect system, particularly the twenty fourteen Jeep Cherokee. So they figured, like, okay, we can
get into you connect through that Sprint cellular connection. So they reverse engineered the firmware, discovered open ports on the vehicle's Internet facing IP address, and found a way to rewrite firmware on the infotainment chip like sarahen, I sound like I work for geek Squad.
I know you're over here. I'm like, can you fix my laptop?
Right? And like totally, I just step on it. Are done. Using a showdowan, which is a search engine for Internet connected devices, Sure whatever, buddy, they identified thousands of vehicles that could be exposed through their cellular modems and they found this chain of exploits they I mean, they could get into all these crazy things critical vehicle systems, and they were eventually able to bridge the gap between the infotainment system and the.
Can bus boom.
They got in, like I want in on that can. This means that once they were inside, they can send commands to like key vehicle functions like the gas, pedal, air conditioning, and radio. They could put fake images on a dashboard. They can control the windshield wipers, they could disable.
The brakes, disable the brakes.
The steering, misnipulate steering. And they set out to do a very dangerous and most likely illegal demonstration of this.
Yeah, I would imagine.
Zerin close your eyes. I want you to picture it. It's July of twenty fifteen. You are sitting in a twenty fourteen jeep Cherokee driving down the highway in Saint Louis.
There.
You are cruising along. It's seventy miles an hour. Then suddenly the air conditioner roars to life, blasting the car with arctic air. Haven't touched a thing. Immediately after that, the radio comes on. What had been a silent ride is now one with booming hip hop at top volume. The speakers in the back rumble. You turn the volume knob to silence the stereo system, but nothing happens. The song is still blaring the knob. She needs nothing. Suddenly,
the windshield wipers come on. You didn't touch those either. Wiper fluid sprays.
The windshield while you speed down the highway. You can't get them to stop.
Just then, an image appears on the car's digital display. It's a photo of two guys in matching tracksuits. You take a deep breath and try to stay calm. The radio cuts out. That's relief, but then so does the accelerator. The transmission is dead. You pump on the gas pedal, but nothing. The jeep quickly loses speed, moving slower and slower. You'd pull over onto the shoulder, but you can't because you just got to an overpass. There's no shoulder, and
you're starting to go uphill. The cars behind you slam on their brakes and lean on the lawrence is a swerve around you. You look in the rear view mirror and you see a semi truck approaching. The radio comes.
Alive again with more hip hop.
Please please please let me survive this.
You think you fubble for your phone and you make a call.
You aren't calling the highway patrol or the cops, or state troopers or even Triple A. You are calling Charlie Miller and Chris Vallasek. See you are Andy Greenberg, award winning journalist and writer for Wired magazine, and you've agreed to be their guinea pigs. They set out to prove just how easy it is to do bad with cars in this current system. You beg them to stop, to
give you back control of the car. You manage to roll the jeep to an exit ramp, turn the car off and then on again, basically rebooting it, and then you get to an empty lot where your experiment can continue.
Now, why did they get on the road. Why didn't he to go to like a Walmart parking lot to do this?
No, I got so nervous, and they told him before he got the like, don't whatever happens, don't panic. Now here's the thing, So Greenberg he gets the jeep to safety and they all continue their work. The guys were at Miller's house ten miles away, so they don't have eyes on him. From Greenberg's Wired article quote Miller and Vallisex full arsenal includes functions that at lower speeds fully kill the engine, abruptly engage the brakes, or disable them altogether.
The most disturbing maneuver came when they cut the jeep's brakes, leaving me frantically pumping the pedal as the two ton suv slid uncontrollably into a ditch. The researchers say they're working on perfecting their steering control. For now, they can only hijack the wheel when the jeep is in reverse. Their hack enables surveillance too. They can track a targeted jeep's GPS coordinates, measure its speed, and even drop pins
on a map to trace its route. Unbelievable, So, of course, the whole thing was done with Greenberg's consent, sure as a way to publicize the danger of you connect and get the Endo street to respond, let's take a break. When we get back from this ad venture, I'll tell you just how they responded.
Zarin, Oh, Elizabeth, we're back.
We're back in the twenty fourteen cheap.
I had to shake that one off.
I know that was a nightmare, as a total daymare.
I thought it was bad and if someone took over my computer but being in the car they're taking over and then like I gotta trust them. Oh yeah, I don't worry. I'll art it all back.
Very maximum overdrive. And I don't like it one bit.
And there's not enough of Meia the West of US in that for me I feel safe.
Yeah, there needs a whole lot more so. After that Wired article, Fiat Chrysler, they took swift action. July twenty fourth, twenty fifteen, they issued a voluntary safety recall for one point four million vehicles in the US in order to fix those software vulnerabilities. And so that was models from twenty thirteen to twenty fifteen that had eight point four
inch touchscreen. So twenty fourteen, twenty fifteen Jeep, Cherokee, twenty fifteen Dodge Challenger, which like, I don't want one of those self possessed rubbing down the road, twenty fifteen, Chrysler two hundred and others. Chrysler dodged Jeep and Ram lines. Fiat Chrysler sent out a USB drive by mail to affected owners with the patch like diy, I guess steal a Kia drive that around instead the owners They could also go to a dealership for installation if they weren't hackers,
you know. In addition, Sprint closed the open cellular ports that the hackers had used, which like, why didn't you do that originally?
Yeah? Did they cost a penny to do?
Now, the National Highway Traffic Safety Administration they opened an investigation and then they find Fiat Chrysler one hundred and five million dollars.
Why did they find them for just being.
A production They're flying too close to the sun, Like you thought you were so special, arrogance. Well, it wasn't just for the Jeep vulnerability, but there were like a series of recalls that were kind of mishandled leading up to me. So like, you guys are bungling everything one hundred and five million, but the Jeep incident was like yeah, yeah, so the hack that had lasting implications far beyond Fiat Chrysler.
Senators Edward Markey of Massachusetts and Richard Blumenthal of Connecticut they introduced the Security and Privacy in Your Car Act, the Spy.
Car Act right.
The bill would require cybersecurity standards for vehicles, isolation of critical software systems, real time hacking detection systems, and then transparency on how car companies collect and share driver data. It's a great bill.
Sounds like didn't pass, Oh my goodness.
Of course, not my feeling. I'm thinking the sticking point was the transparency on how car companies collect and share driver data, probably because that's like, you know, that's a commodity and.
They generally avoid that for either that's our data.
Yeah, the customer like spending and travel, and then also like how you connect to like insurance companies.
Yeah, that they didn't want like a trade secrets, like we're selling everything.
Was just like this driver like yeah, they speed all the time, increase their rates. Oh, they wouldn't know otherwise. I don't know, that's my guess.
I was thinking that they were already doing that. They're killing the insurance company for a price.
They already do. But I'm just saying like that was that's I think that, like this is something that car companies would kill because it's going to cost him money beyond just like changing the tech.
It's something valuable to them. Yeah, data that is.
That's just me guessing.
I'm speculating to the BUIL didn't.
Pass, but it like spurred all these discussions about automotive cybersecurity standards. In twenty sixteen, the Automotive Information Sharing an Analysis Center, they released their best practices for cybersecurity, and you know, most of the major manufacturers of automobiles they picked that up. The gpack made it super clear infotainment systems have to be segregated out from like the critical
vehicle control stuff. You can't have it all just riding us together, exactly, And so Miller and Vallisek they later got hired by Uber's Advanced Technology Center to work on their self driving car security, and then they both worked as principal autonomous vehicle security architects at Cruse Automation, which was GM's self driving cars. The latest and more visible victim of hackings is, of course Tesla.
Yeah.
Well, I should note that Tesla has a bug bounty program. So if you can hack them and then show them how, they'll give you cars or money or something. Of the cyber trucks. It doesn't they can't sell you know, here have one, you have five? Yeah, and I'm just like, I hacked you guys. They're like, you no need to have proof. Take a cyber's your problem now. Some of
that bacon from the diner. The whole thing, though, the Tesla is like one big computer and the cars are all about like connectivity and such and like you know, things like watching YouTube while you pretend to drive while autopilot's on and you're facetiming your buddy.
Sure important thing, yeah exactly.
In twenty sixteen, researchers from Keen Security Lab they found multiple vulnerabilities in the Tesla model S that allowed remote control of the car from up to twelve miles away via the Wi Fi or cellular connection. So that's okay, one year after this jeep thing, you know, someone's on
like an Atari sixty four driving your Tesla around. So they found vulnerabilities in the infotainment system once again that darned can bus access to the browser autopilot braking functions, so they were able to like open the sun roof, move the seats, control side mirrors, turn on the turn signal, and then like slam on the brakes remotely while the car was.
In so still operating like the car itself, not just the.
Features, yeah, but then like oh and the break ps the brakes. Tesla saw this and then pushed an over the air software update within ten days of the disclosure, and then they also improved isolation between the systems like we you know, infotatement and critical components.
Separated firewall that stuff.
Yes, talk, I love that, that's firewall.
That's good, thank you.
I just learned that one myself. In twenty twenty, fluoro Acetate struck.
That's a hacker.
It's a well known security research team. So they share a call sign Richard Zoo and amacamma. They were at pone to own once again Vancouver hacking. Remember, yeah, the super Bowl hack exactly, And that's where they exploited a vulnerability in the Tesla Model threes infotainment system using a JavaScript jit just in time jure in the WebKit engine.
We're back with webkits. The exploit allowed them to gain control of the system when the driver visited a specially crafted web page, so like if you're browsing around, you have to put the web page into the giant screen inside the car. And it gave them access to display messages. They could control infotainment features like I'm going to put on a different channel, interact with subsystems connected via the can, but they couldn't directly control the driving, so.
They can make you watch criminal minds against your will.
Hundred percent, and so that was like purely infotainment. They couldn't direct the actual car. But this was part of a challenge at the competition, not a rogue mission to embarrass Tesla. So Tesla awarded the hackers a Tesla Model three and forty thousand dollars in prize money.
So it was like a sponsored hackophone.
Sponsored hackaphone. And then they patched that.
Vulnerability quickly they should.
You know, be via a software update.
So this is like their version of beta testing, is like, hey, we're going to put the car out, then you find the flaws and we'll fix those exactly.
Yeah, it's sort of like self check out. Suddenly I work for the supermarket. Yeah, suddenly you work for Tesla. So like, hold on, do you have Bluetooth in your carp Yeah? See I do.
Yeah, I wasn't kidding about I buy older cars.
One time I let someone, someone who's a co host of a murder free true crime podcast, connect his bluetooth in my car. Yes, and now I know this fellow connected. If I'm near you and your phone, you connect to my car. So like you'll be in the parking lot at headquarters on a phone call. I'm parked near you. I go to start my car and suddenly your call is in.
My bluetoth You're talking to my mother.
And I've got someone saying hello, Hello, or I'm suddenly listening to the serious XM Radio Classics episode that you've got playing on the radio Classic.
Oh yeah, you like Jack Benny. I hope you do.
What I'm saying is that I think my car likes you better, which doesn't seem fair.
So your your phone doesn't connect to the bluetooth, it.
Gets kicked off by yours. Like you've basically hacked me. You're a hacker, now hack Yeah, anyway, This dude, Leonard Wooters is a security research at ku Leuvin University in Belgium. June twenty twenty two, he exploited vulnerabilities in Tesla's Bluetooth low energy keyless entry system. So we've gone through all these other ways in now we got Bluetooth. So he
had like what's called a relay attack. He could unlock and start a Tesla both model three and Model y by relaying signals from the owner's phone or key card. And he could do this even if it was inside a nearby building. Obviously not in a fair date box. So the bl systems there intercepted using cheap off the shelf hard where like the Oakland car thieves use. And it's basically the same thing. You get there, you pick up the signal, you clone it. So he's unlocking doors,
you start in the car driving away. Tesla, though, didn't consider it a flaw in its system, because the ble relay attacks are a known risk with passive entry systems. They're like, it's not just us all through the Oakland Hills. So he was like, this guy, this hacker recommended that people turn off passive entry or use in a Tesla pin to drive like a personal identification number, requiring a code to be able to drive.
I need like two factor authentication to get into my car.
Is such a hassle to get in the car. Nobody listened to this guy. Everyone's like, whatever, I.
Will leave websites if I have to get on my iPad. I'm like, Daily Beast, why are you making me go to my iPad?
No, big, nope, how about do.
I want to read this story to own? They're back the super Bowl of hacks.
They went after Tesla again in twenty twenty five. The Sinactive team, that's Thomas Imbert, Vincent Dehores, David Barrard. They targeted Tesla's vehicle control system Electronic controller VC secure. It's a critical module in the Tesla Model three that's responsible for security functions like immobilization, door locking and then handling data from the tire pressure monitoring system.
So they turned the security specialist into the vulnerability. Yes, interesting, And.
They did that at pone to Own Automotive twenty twenty five in Tokyo.
Twenty twenty five.
This is recent, this is earlier this year. So just like in the other cases, they used Bluetooth, they got into the can.
But got that can bus.
Get all on the bus. Maybe if they'd had some heap exploitation going on, we wouldn't be in this situation.
Yeah, that's what I'm thinking.
If you can access the ratchet router with the VPN card and so on, case closed. So now there was also a time that Tesla itself, not the cars, got ACKed. Two former Tesla employees who were unnamed in public filings. They leaked over one hundred gigabytes of internal data to a German media outlet, and that all came to light in August of twenty twenty three, but the breach had occurred earlier that year.
Did they use a car to hack Tesla?
They hacked Tesla with a Tesla?
Wow?
No, I don't know. Anyway, they got into the Tesla servers. They leaked autopilot system secrets. Oh, good for them, customer secrets, customer personally identifiable information. That's bad, employee records that's not good. And then some of the leaked documents allegedly detailed quote Tesla crash reports, I'm happier with that internal discussions on auto pilot related accident. No, the internal discussions about them. So they're like whatever, They could look like a loser anyway,
you know what I mean, Like I'm guessing. I don't know. So Tesla immediately took legal action. They four the ex employees to surrender devices and data, and they notified affected individuals of the breach. I mean, this isn't like a traditional software hack, but it exposed highly sensitive vehicle systems and customer data, major insider cybersecurity threat Sounds like it's like our cars are now rolling cybersecurity threats, Like we basically drive around in big computers.
Yours are. Yeah, I'm over here in a seventy eight catalyg I know.
It's You're so lucky. It's not just the physical actions of the car that's vulnerable. Like we have all this personal information. Look at me, I'm getting text messages.
Text with your car.
I think that's wild to me. Yeah, I think that's where the Democratic Party keeps getting my information to text mealy anytime anything happens. So cars they collect GPS, location history, call logs, contacts. You know, you can load your contacts from your phone into your car, so your car can call I guess voice recordings.
They can log your behavior and give.
It to insurance companies.
Wow.
The biggest thread of this, I think is having your information sold to marketers and corporations.
Sure, that too.
Ripe for criminal tinkering, of course, but it could go beyond street crime because think about it, like nation state actors could target infrastructure like fleet vehicles.
Oh yeah, I're also like the partner of somebody who works for the government, and then they can just be in the car talking on their phone making safe and all of a sudden, other cars.
Listening to Oh yeah, terrorists could hijack cars for sabotage. What I'm trying to say is that we need to go back to an agrarian society and all ride bikes.
I love that.
Make it stop, everyone on a bike. I don't want to do this anymore. That's what I'm trying to say. And with that, I'm going to go get into my car, listen to satellite radio, call my mom via bluetooth on the stereosystem unless you hijacket, and then I'm going to use my GPS to go do crimes in the woods. So just take the edge off, Zarin. What's your ridiculous takeaway?
You know, as I've complained about it often exact to deal with them. Both of my parents are Luddites, right. They neither one has an iPhone or any Android. They both have flip phones. They won't do email. My mother still has an Aol account, like you know, their total bloods with the fact that they have computers is like a major step and unfortunately I think they're right well kills me right. Yeah, she pays like whatever, fifty dollars a month to do like four things or whatever. I'm like,
what is wrong with you? What is your ridiculous take away? Elizabeth?
Where did this takeaway? Is that computers bad that I need them. We all do, so, Dave, can I please have a talk back?
Oh yeah, oh.
My god, I love get.
Hi Elizabeth Saron and producer d This is Ali from South Carolina. I have loved the show for years now and I just listened to the wig jacking episode and then about a day later, happy to come across an image of the painting a Sundae on lagrange jat or however you pronounce it. Who knows who cares? And as I'm sure you know, in the bottom corner of that painting, there is a little monkey on a leash and a
small dog staring out. And all I could think about from that little monkey and little dog is that they were scoping out the scene looking for their next heist because they'd had to move on from.
Their wig work.
So maybe they were on hat stealing or just there to cause general ruckus. I don't know, but I support them either way. Anyways, Love you guys, love your show. Thanks so much for all you do, and see you again next crime.
I love that.
This is this is what the power of good art right that tells you this story And I love this. I love your your so perceptive picking up all the little bits and bobs and the sool. That's it for today. You can find us online at ridiculous Crime dot com.
This just in.
The website won the Hollywood Foreign Press Hackproof Award. They have declared our website hackproof. Nice I know, good job team. We're also at Ridiculous Crime on both Blue Sky Instagram. We're on YouTube at Ridiculous Crime Pod. You can email us at ridiculous Crime at gmail dot com, leave a talkback on the iHeart app reach out. Ridiculous Crime is hosted by Elizabeth Dutton and Zaren Burnett, produced and edited by HackMaster Dave Cousten, starring Analys Rutger. This Judith research
is by aftermarket Penny Farthing Bluetooth installer Marissa Brown. The theme song is by hacking duo The Bongo Boys aka Thomas Lee and Travis Dutton. Post wardrobe is provided by Botany five hundred guest here and makeup by Sparkleshot and Mister Audrey. Executive producers are Exhausted Tesla Legal Team, Ben Bowen.
That's Old Brad, Ridicous Crime, Say it one more Timequeous Crime.
Ridiculous Crime is a production of iHeartRadio four more podcasts from my heart Radio. Visit the iHeartRadio app, Apple Podcasts, or wherever you listen to your favorite shows.