Sign & Help to Improve Automotive Security

A group of security professionals have formed “The Cavalry“: dedicated to improving collaboration between the cyber security and automotive industries.

Because what if things like adaptive cruise control, electronic braking and stolen vehicle recovery technology could be used nefariously? What if all Toyotas in Canada were instructed to go left next Tuesday at 1pm? Like that.

Specifically, they’re proposing a Five Star Automotive Cyber Safety Program:

1 – Safety by Design
2 – Third-Party Collaboration
3 – Evidence Capture
4 – Security Updates
5 – Segmentation & Isolation

Why I signed: 

Sign it too, here.

Non-security nerds: I know this stuff can seem shadowy and strange, with a name like “The Cavalry” and a blank profile pic, but in this particular case it’s okay, I know one of the guys in real life; I signed with my real name, not Blog.



Access a Car’s Computer via the OBDII Port

OBDII port – On-board Diagnostics. The II is pronounced “two”.

Each of the 16 pins outputs something specific:

(photo via Wikipedia)

Found within 2 feet of all steering wheels, OBDII ports became mandatory in 1996.

That’s my ’99 VW Jetta.

When you read about car hacking and it says,
“requires physical access to the vehicle”,
that usually means through this port.

Connect an OBD II scanner to see what’s up.

It gives back readouts that look like this.

How to read the codes:

1st character – indicates which system is having the problem.

B = Body C = Chassis P = Powertrain U = Undefined

2nd digit – identifies if the code is generic, or specific to a manufacturer

0 = Generic
1 = Manufacturer specific

3rd digit – indicates which sub-system is having the problem

1 = Emission Management (Fuel or Air)
2 = Injector Circuit (Fuel or Air)
3 = Ignition or Misfire
4 = Emission Control
5 = Vehicle Speed & Idle Control
6 = Computer & Output Circuit
7 = Transmission
8 = Transmission
9 = SAE Reserved
0 = SAE Reserved

4th and 5th digits – variable, and indicate a particular problem

My Jetta output a _lot_ of codes.

Which is why it failed its E-test, so hard, and is no longer on the road.

Couple this OBDII port to the internet,
and a whole new vertical in the auto industry is starting.

ExampleMojio is a (Canadian!) company that is soon launching a cellular-&-GPS device that plugs into this port. It will provide real-time engine analytics, share your car’s location with your contacts, analyze your driving style, and much more, because apps can be written for the device.

I predict insurance companies will use these, “pay only for insurance when you’re actually driving on the road! Imagine the savings!”… like that.



It’s Far Tougher to Get Licensed in Germany

It’s like, over there they’re taught to drive, here we’re taught to pass a test.

Read it online at Autonet.

Favourite line:

There has to be something to Germany’s methods if its drivers are travelling at twice the speed, but with a lower accident rate.

I also like how it’s more expensive, because people tend to take things more seriously when they have to pony up big bucks.


All ‘Keri on Driving’ columns are here.



Canada’s Most Exclusive Porsche

So exclusive that a party was thrown in its honour (same place as the Macan launch, the Magna Golf Club.)

It’s a 2015 Pfaff 50th Anniversary Turbo S Exclusive Edition

560 hp
553 lbs-ft of torque
0 – 100 km/h in 3.1 seconds

Only 5 were built, by hand.

Why? Porsche and Pfaff Automotive have been in partnership for 50 years now, and to celebrate they produced this car. It’s Canada’s first Exclusive edition, the interior is a nod to our country’s colours, and the hood’s red pin stripe is a nod to Pfaff.

New blog header.

The sun goes down so quickly these days eh, had to switch to an HDR filter to better show you the garden party covered in 911s.

I’d track this colour, but never buy it.

Congratulations on 50 years to you both!