Category Archives: Security

Instruction for hacking an electric car

Reading Time: 3 minutes
What Happens When Hackers Hijack Your Car ... While You're in It ·  TeskaLabs Blog

Our cars are getting smarter from generation to generation, however, unfortunately, this also applies to thieves who intend to steal them. Hackers have already found vulnerabilities in electric vehicles, and their attacks can have serious consequences. As electric vehicles become more sophisticated and connected to the Internet, it is expected that the risk of hacking and cyber attacks will only increase.

One of the main problems with electric vehicles is that they are equipped with numerous sensors and controllers connected to the Internet, which makes them vulnerable to cyber attacks. Hackers could potentially gain remote access to these systems and manipulate them in a way that could cause serious harm, such as disabling brakes or changing steering. In some cases, hackers could even take control of the entire car, putting the driver and passengers at risk.

Another problem is that hackers can attack charging stations for electric vehicles. These stations are also connected to the Internet and often use wireless connectivity to connect to electric vehicles. Hackers can potentially gain access to these systems and manipulate them.

Recently, a security expert discovered a way that allows two attackers to unlock, start and drive away a Tesla Model Y electric car in a matter of seconds.

Hackers specializing in hacking Tesla electric vehicles have identified a vulnerability that allows them to hack NFC relays. However, not everything is so simple: in order to hack the system, thieves need to work in pairs and get close to the NFC chip or smartphone. Josep Pi Rodriguez of the Seattle-based computer security firm IOActive found that attackers could use Tesla’s key technology called NFC (Near field Communication) to gain control of a vehicle, designed to give car owners the ability to access them by touching an NFC card to the middle rack. Rodriguez found that if one thief approaches a critically small distance to the driver when he gets out of the car, for example, to a store or bar, and the other is standing by the car, it will be possible to open the door and start the car.

  • Here’s how it works: a thief standing at the car uses a special device to convince the car to send a “call” to the driver’s NFC card, but then transmits this call via Wi-Fi or Bluetooth to a mobile phone belonging to a second thief, who is watching the driver at this time. The second thief keeps this phone near the driver’s pocket or bag where the NFC card is stored, and when this NFC card responds, its signal is transmitted to the thief standing by the car via a mobile phone.

Tesla previously required drivers using an NFC card (not a keychain) to unlock their cars to place the card between the front seats in order to turn on the transmission. But after a recent software update, this requirement has been lifted. Tesla also offers the option of using a PIN code, which means that car owners must enter a four-digit code before starting the car, however, a fairly small number of owners activate it. In the end, even if this additional protection prevents thieves from leaving by car, they will still be able to use the hacking method described above to open the doors and steal any valuables inside the cabin.

To solve these problems, automakers and cybersecurity experts are working to develop stricter security measures for electric vehicles. This includes the introduction of more advanced encryption technologies, the development of secure firmware and software, as well as regular updates and patching of systems to eliminate any vulnerabilities found.

Electric car owners can also take measures to protect their cars from cyber attacks. This includes regularly updating software and firmware, using strong passwords and two-factor authentication, and not using public Wi-Fi networks when accessing the Internet from their cars.

Thus, as electric vehicles become more popular and widely used, the risk of cyber attacks and hacking is expected to increase.

This is a serious problem that could have serious consequences for electric vehicle owners, automakers and the general public. It is important that automakers and cybersecurity experts work together to develop stricter security measures for electric vehicles, as well as educate owners on the steps they can take to protect their cars from cyber attacks.

Sources: https://www.aljazeera.com/amp/economy/2022/1/12/teenager-says-he-remotely-hacked-into-more-than-25-teslas

https://www.indiatimes.com/amp/technology/news/tesla-cars-may-be-unlocked-and-hacked-using-bluetooth-devices-researchers-find-569861.html

https://www.entrepreneur.com/business-news/this-hacker-exposed-a-new-way-to-steal-a-model-y-tesla/435323

Tagged , ,

Chinese surveillance systems

Reading Time: 2 minutes

China is known for their most sophisticated surveillance systems in the world. Government uses a combination of facial recognition, biometrics, AI in order to monitor all the citizens and control them. 

Face recognition software is already present in our lives, and is mainly used to unlock phones, authenticate users in mobile apps, or locate people in videos or photos. 

Chinese companies are the world leaders in exporting face recognition systems. They already have 201 export deals of these biometric systems. China is also a leader in exporting AI technology in general, with 250 AI deals. These solutions can be used for various purposes: security, surveillance, identity verification.

China has huge investments in AI and biometric technologies. The government is spending billions of dollars on AI research and development. It focuses on creating new, innovative face recognition software. 

The country’s advantage is also that it has a huge amount of data available for the analysis. With over 1.4 billion people, with vast access to the internet, and huge surveillance system, China has a great source to train and test their solutions. This allowed them to make very reliable face recognition algorithms, making them a leader in this field. 

Here you can watch how the system works:

With that big dominance comes also a number of challenges when trying to expand to other markets. There is a huge concern about privacy, ethics, and protection of using biometrics for control and surveillance. The government actively promotes the use of biometrics as it improves national security and public safety, but also provides more efficient services to citizens.

Chinese surveillance system is a powerful tool with potential to enhance public safety. However, we should be mindful about the potential risks of using such systems, and we have to make sure that  it is really used to protect human rights. Chinese government has to take steps to increase transparency of their solutions and ensure people that they use it responsibly.

Resources:

https://www.wired.com/story/china-is-the-worlds-biggest-face-recognition-dealer/

Artificial Intelligence to detect methane leakage

Reading Time: 3 minutes

Methane is a chemical compound with the molecular formula CH4. It is the primary component of a natural gas. It is also the simplest alkane possible. This colourless and odourless gas is combustible and has a very unusual boiling point, because it is only -162°C. You can find methane in many natural sources like termites, wetlands or marshes. It can also be found in human activities such as extracting fossil fuels and raising livestock. You can also call it a potent greenhouse gas which has a 28 times greater global warming potential than carbon dioxide. 

Methane leakage, can have a diversity of negative impacts on the environment as well as on human health. The impact of methane leaks on climate change is substantial as it is a potent greenhouse. When it leaks into the atmosphere, it traps heat and contributes to rising temperatures. This can cause many consequences, for instance, rising sea levels or extreme weather happening more often. Methane leakage can also pose a danger of explosions and fires considering the fact that methane is highly flammable. Accumulation of this gas in an enclosed space can easily lead to an explosion or fire which then can lead to property damage or injury to people. Therefore detecting and repairing methane leaks as soon as possible is crucial to minimising its devastating results. 

Detecting methane leaks has always been a challenging task. Methane is difficult to detect because it is odourless, colourless and tasteless. Thus, traditional methane leaks detecting methods rely on visual inspections and sniffer dogs, which can be pricey and time consuming. Nevertheless AI has been making a great progress in development lately and with the advancements in the technology there are some new methods for detecting methane leaks becoming available. 

GCI (Gas Cloud Imaging) systems are advanced tools for detecting and monitoring methane leakage in the oil and gas industry. They are able to detect and identify over 50 gases using infrared cameras. The cameras detect the leak and show it as a visual cloud, a contrast against the background. They take a picture and send an alert by text or email. The operator can then use the information and approve if the system detected a leak or made a mistake. All alarms and cameras footage ale saved and stored, so the scientists group can analyse it and establish the cause of the leak later. The biggest GCI’s benefit is that the system is able to detect leaks very quickly and it is surprisingly accurate in what it does. Those attributes significantly reduce the amount of the gas released into the atmosphere. Also the key benefit is that the system covers/scans very big areas in a short period of time, what makes the system even more efficient and effective. Additionally you those cameras could be used in multiple cases. They not only detect methane leaks but they also have fire and intrusion detection built in. 

In conclusion methane leaks can have intense impact on the environment and human health. It is vital that we take decisive steps towards reducing and minimising the amount of methane emitted by repairing its leaks as soon as we detect it. We need advanced tools to detect it in there first place and AI has a great potential in becoming a very important tool to help us do that. GCI systems can be an essential tool for monitoring and detecting methane leaks. Thanks to them, we’re given quick and reliable results that we’ll need in order to protect and help the environment, whilst reducing the impacts of greenhouse gas emissions. 

sources:

https://www.nationalgeographic.com/environment/article/methane

https://frontiergroup.org/resources/methane-gas-leaks/

https://www.detect-measure.com/images/documents/Honeywell-Rebellion–GCI-Brochure.pdf

Żabka Nano- the innovative future of convenience stores

Reading Time: 4 minutes

Many of you are definitely familiar with a Polish chain of convenience stores called “Żabka”. The owner, has opened up their first 7 stores in 1998, and has quite literally spread around the whole map of Poland (and even slightly outside of it! You can find a few “Žabka” stores in Chech Republic! as well) . It is easily one of the most popular stores in Poland today, and recently, in 2021 a brand-new concept of Żabka has been introduced- Żabka Nano.

Żabka Nano - Pierwsze zakupy gratis!

Żabka Nano is not only the most innovative store in Poland but also the largest autonomous chain store in Europe. The overall idea of autonomous stores already exists in Australia, Japan or South Korea (and probably somewhere in the US), but Poland’s Żabka still overtook all other potential European competitors.

Nano - Żabka Group

The main difference between the two stores (the original and the autonomous one) are the employees. More precisely, the lack of them. The idea of Żabka Nano is that it can be open 24/7 and accessed using a credit card or żappka- the stores app that allows you to collect points for your purchases. However, if you wish to enter with the app, you need to make sure you have funds in your account. Moving on, once you’ve put your credit card near the reader at the entrance of the store, the doors to Żabka Nano open. The easy accessibility to enter by card has been implemented by the Żabka’s collaboration with AiFi, in all of the Nano stores.

Żappka” – nowa aplikacja rabatowa sieci sklepów Żabka - mobiRANK.pl

It is a great way of saving your time since you don’t have to stand in a queue to buy your necessities. The store itself is usually a lot smaller than the normal Żabka stores (to no one’s surprise), mostly because it offers less goods than the basic stores. For instance, you will find yourself not being able to purchase alcohol or cigarettes, but you can buy 0% beer (what’s the point in that though). You will also find basic products, such as; water, snacks, juices and refreshments, ice cream and frozen food.

Pierwsza Żabka Nano już działa w akademiku

For the Żabka customers, you all probably know about the famous Żabka hot-dogs. In case that’s you and the nearest Żabka near you happens to be Nano, fear not. You can still get your hot-dogs. The store offers an interesting service for the hot-dog lovers, where you have a robot that grills and assembles the whole hot-dog right in front of you. Keep in mind though that it may not always succeed as it’s assembled by a robot and not a person, so it has its failures at times. The robot is called Robbie and its software has over 15000 lines of code. The order of your snack takes less than a minute (unless you’re indecisive) and the display next to the hot-dog stand shows you the ordering options where you choose the size, type of the sausage and the sauces you wish to have in your hot-dog. After that, you just wait and watch Robbie prepare your meal.

Żabka inwestuje w roboty w sklepach autonomicznych, w jednym z nich działa  robot przygotowujący hot dogi | Donald.pl

Onto the security stuff, how does the store know what you take, and how does it not charge you extra? The store doesn’t actually use any shelf-sensors. It does have cameras inside the store, just like all the other stores, but this time, they’re used for camera-vision technology provided by AiFi. To respect the customer’s privacy, customers are identified by the system without the use of biometrics or facial recognition. The cameras only track the movement of the client’s, while the product recognition is performed by AI computer vision. Using key point tracking technology, the system creates a stickman from each customer who enters the store, to which the system supports three sessions running simultaneously, each with a small number of participants.

All in all, Żabka Nano is a great innovation and it does help those who crave a snack anytime after 11PM- after all the normal Żabka stores close. It’s interesting to see how the technology improves everyday and how the world easily adapts to it. Do you think Żabka Nano is a good innovation? Or maybe a beginning to something bigger in the future?

Pierwsza Żabka Nano otwarta w Decathlonie

Is metaverse your next workplace?

Reading Time: 3 minutes

Since the Metaverse concept was announced to the public many small communities tried to develop their own “metaverses” and experiment with them, but they were only private versions. Engineers are still looking for the most suitable solutions to create a platform, which would be available for everyone, and safe to operate in. Many companies are currently working on developing different forms of metaverse using such technologies as virtual reality (VR) or augmented reality (AR). There are still many concerns and technical challenges that they need to overcome to fully present the final product to the public. The release date is not easy to predict, it could take years if not longer, but when it will take the form of a flawless platform that is safe to work in, it could have an enormous impact on jobs and the whole communication industry. It may even mean that some of us, would not have to perform our jobs in a traditional way, but in the virtual world. The same tasks or projects could be done virtually, using the skills and knowledge from the time before the release of the Metaverse.

Science Fiction or Reality: Taking offices into metaverse, HR News,  ETHRWorld
https://hr.economictimes.indiatimes.com/news/workplace-4-0/science-fiction-or-reality-taking-offices-into-metaverse/90530930?redirect=1

In the past few years, remote working became very popular, and more and more people was choosing to perform their job from home. The main reason for such decisions was the pandemic and the lockdown, which prohibited going outside and promoted staying at home lifestyle. The use of such platforms as Microsoft Teams, Zoom, and other communication channels significantly increased, and people were taught how to work and operate on those platforms. It could be called as some kind of demo version of metaverse workplace because it has similar features. However, it was designed to perform mostly office-related jobs or studying, but not other professions, which, as it is said, are going to be possible to perform in Metaverse.

What is interesting to highlight here, after the lockdown, when it was no longer forbidden to leave houses and work traditionally, some people found out that their work does not have to be done in their workplace or office and it could be done more conveniently from home with the use of technology. It is said it even became a trend when office workers decided to perform their work remotely from their homes and visit the office or workplace more rarely.

Remote working is one of the greatest innovations of 21 century and had a significant influence on the job market. The Metaverse concept would be a huge step forward when it comes to working. In Metaverse users are going to be connected to it differently than usual
way of working using a keyboard and screen.
“Not only will the internet likely no longer exist behind a screen, but it is probable that we will interact with it differently.
We’ll manipulate objects using augmented reality (AR), explore virtual-reality (VR) worlds, and meld the real and the digital in ways we can currently not imagine.” (Jane Wakefield, BBC, 2022)

Why The Future Of Work Could Take Place In The Metaverse
https://www.forbes.com/sites/forbestechcouncil/2022/09/08/why-the-future-of-work-could-take-place-in-the-metaverse/?sh=1138abda3bcf

In metaverse, a workplace or the office could differ from the real world one and take the most user-friendly and convenient form. “Why would we want an office in the metaverse that looks like our real office?” he says. “The whole point of creative spaces in new realities is to expand our experiences, not to simply replicate what we’ve already had in the real world.” (Herman Narula, BBC, 2022)
One of the main benefits of metaverse usage is that it can connect people, from different locations and time zones, in real-time meetings with built in environment to make it more convenient and actually experience it as if it was real. That solution has a great advantage over current remote meetings on Teams, Zoom etc. Such platforms have communication limitations and “researchers found that reduced mobility and lack of access to body language and other non-verbal cues are both major contributory factors.” (Workplace, Meta, 2022)

Meta states that metaverse is going to differ and eliminate all limitations of meetings.
“In the metaverse, all that can change. We’ll be able to create highly realistic 3D avatars – that is, virtual representations of ourselves – that mirror our body language as we speak, and we’ll enter VR and AR environments using those avatars.” (Workplace, Meta, 2022)

In my opinion, Metaverse would be a revolutionary technology, but it also will be very difficult to moderate and keep the virtual world safe. Feel free to share your opinions in the comment section. Thank you for reading.


References

https://www.bbc.com/news/business-64173594

https://www.workplace.com/blog/how-we-work-in-the-metaverse

https://www.workplace.com/future-of-work

https://chat.openai.com/chat

https://venturebeat.com/virtual/metaverse-heading-workplace/

https://news.stanford.edu/2021/02/23/four-causes-zoom-fatigue-solutions/

https://hr.economictimes.indiatimes.com/news/workplace-4-0/science-fiction-or-reality-taking-offices-into-metaverse/90530930?redirect=1

https://www.forbes.com/sites/forbestechcouncil/2022/09/08/why-the-future-of-work-could-take-place-in-the-metaverse/?sh=1138abda3bcf

DMA or how Apple can lose its power on a digital market

Reading Time: 2 minutes
EU Parliament's key committee adopts Digital Markets Act – EURACTIV.com

In 2023, European Union will be facing big changes. One of those is a new legislation proposed by European Commission back in 2020, which would change the flow of competition on the digital market. DMA or Digital Market Act was signed in late 2022 and is aimed to create fairer competition and containment of the possible domination on the market with tech giants.

This regulation is especially interesting when it comes to Apple Inc.

The company has been facing criticisms all the time through their existence. It was usually related to the gadgets itself, operating systems, as well as the criticism from app developers.

The last one, is the crucial when it comes to the discussion about DMA. App developers are dissatisfied with the fact that Apple controls everything when it comes to downloading apps and third-party softwares’. In addition, the company has set 30% fee for them, which gradually decreases and threatens revenues.

In terms of the implementation of DMA, it was the biggest change of the governing laws’ in more than 2 decades, and it creates a huge threat for Apple’s control of its closed and secure operating system (IOS).

The DMA not only requires opening up the possibility to download app from different external sources, but also to allow the developers to install third-party payment systems. Nowadays, if the app provides its customers with so-called IAP (in-app purchase), Apple takes 15-30% as the commission, and as it was said by chief execute of the company Tim Cook, such system does not suit in terms of DMA, however, coming up with a new idea would create a mess.

It is more interesting to consider what will Apple do, what they will have to create and/or change to fit the regulation.

The company is widely known as lawyers seekers, so it is expected that they will not only challenge DMA by trying to interpret what seeping laws entails, but also through direct confrontation between the European Commission and Apple over the implementation of the rules.

What else can Apple do?

Firstly, apps that provide banking or pick-up services, that currently does now pay any fees can be forced to do this, as well as the c0mpany can cut their inside fees to become even attractive to the developers. 

This move would lead big companies that left Apple Store, for instance, Spotify, to come back, not offering their current way of paying for the subscription via the website. As this can result to high traffic without any significant impact on the revenue.

This is going to be spectacular to see how companies will be changing aiming to fit in the new legislations, as those are considered to be huge changes not only for European Union as a whole, but also the companies that would like to compete even with such tech giants as Apple.

To read more about DMA: https://www.euronews.com/next/2022/11/02/eus-digital-markets-act-comes-into-force-what-is-it-and-what-does-it-mean-for-big-tech

Tagged , ,

How can a VPN hide you?

Reading Time: 2 minutes
https://i.iplsc.com/sieci-vpn-umozliwiaja-zdalnym-klientom-laczenie-sie-z-prywat/000AGCCWMXS9TFMV-C122-F4.jpg

A virtual private network (VPN) is a type of technology that allows you to create a secure connection over a less-secure network between your computer and the internet. When you use a VPN, all of your internet traffic is routed through an encrypted tunnel to a server controlled by the VPN provider. This makes it much more difficult for anyone on the same network as you, or for any external observers, to see what you are doing online or to track your online activity.

One of the main benefits of using a VPN is that it can help to protect your online privacy and anonymity. When you use a VPN, your internet traffic is encrypted, which means that it is scrambled and unreadable to anyone who might intercept it. This makes it much more difficult for anyone to track your online activity or to determine your location.

Additionally, when you use a VPN, your internet traffic is routed through the VPN server, which means that your IP address is hidden. Your IP address is a unique numerical label that is assigned to your device when you connect to the internet, and it can be used to identify your device and location. By hiding your IP address, a VPN helps to further protect your online privacy and anonymity but there have some country which is not allowed to use VPN because of national security such as China., North Korea, Belarus, Oman, Iraq, and Turkmenistan It can indicate a VPN ability to remain anonymous very well.

Overall, a VPN can help to hide you by encrypting your internet traffic, hiding your IP address, and routing your traffic through a secure server, making it much more difficult for anyone to track your online activity or determine your location.

Resource:

https://www.le-vpn.com/are-vpns-legal/

https://www.webhostingsecretrevealed.net/blog/security/are-vpns-legal/

https://www.kaspersky.com/resource-center/definitions/how-does-vpn-keep-me-safe-online

Why do you need a trusted device?

Reading Time: 2 minutes

To secure devices and the data they generate, store, and transmit from the chip all the way to data reaching the cloud, security must begin even before establishing the root of trust. By 2035, there are expected to be one trillion linked devices, yet security is still a major concern for many businesses and consumers that are considering IoT deployment. It is such a significant issue that some industry experts believe it could hinder IoT’s projected development and related economic benefits. According to study released by Bain & Company in October 2018, 45% of executives from surveyed organizations said that protecting IoT was their top concern.

A significant finding of the study was that customers would be ready to spend 22% more for secure devices and purchase 70% more of them. It also recognized device security as a critical component in protecting the data that these devices generate, store, and transfer. According to Bain, this would cause the market for IoT cybersecurity to increase from US$9 billion in 2018 to US$11 billion in 2020. In a September story regarding IoT security in The Economist, it was noted that Arm and Intel had taken steps to strengthen devices by incorporating security into their chips.

Clearly, the development of SIM technology, particularly the embedded SIM (eSIM) standard from the GSMA and the integrated SIM from Arm, will be crucial in assisting with the security of cellular IoT devices (iSIM). However, a poll of 650 executives revealed there is significant opposition to and a lack of awareness of them, as Vincent Korstanje, the vice president and general manager, Emerging Businesses at Arm, emphasized in August.

According to the poll, the three biggest barriers to major commercial eSIM deployments are resistance from established stakeholders (69% of respondents), the perception that eSIM deployment is difficult to deliver (40%), and worries about getting trapped into a contract (40%).

In addition, whereas 90% of respondents were familiar with eSIM, just 43% were familiar with iSIM technology. Mobile carriers, semiconductor and module producers, original equipment manufacturers (OEMs), IoT service providers, businesses, consultants, and SIM suppliers were among the responders.

The benefits of this strategy include increased security—partially due to the reduction of the attack surface to a single component—a lesser environmental impact and lower power requirements enabling cellular IoT device operation in off-grid settings at an affordable price.

Hackers who correctly predicted that the default usernames and passwords of the devices were unlikely to have been changed when they went into use and used them to carry out an organized attack on Dyn, the domain name server that maps browsers to websites, infected millions of IP surveillance cameras, printers, baby monitors, and other ostensibly innocent devices with the Mirai virus.
This is exactly why a trusted gadget produces trustworthy data.

Sources:

1)https://www.information-age.com/really-trust-trusted-devices-8664/

2)https://duo.com/blog/reducing-risk-to-the-enterprise-with-trusted-devices

3)https://patents.google.com/patent/JP4732508B2/en

Tagged

Fraudsters vs New Technologies

Reading Time: 2 minutes

Taiwan’s citizens and tourists are the main victims of calls and messages from fraudsters. The fact that Taiwan is a small island makes it better place as a base for fraudsters’ gangs and overall, as a rehearsal for organized crimes. What is more, Taiwan is the leading country in the field of technology and, especially, within the cybersecurity movements. This means that the scammers have better base for developing their skills and improving software and hardware they use.

The biggest increase of fraudsters’ work was noticed during the lockdown due to COVID-19 pandemic, when people where the most exposed to the stress and at the same time using their gadgets almost all the time. According to Whoscall’s report the growth of scam calls was with an alarming 488 precents. During 12 month period almost 14 million mobile phishing attacks were observed

Whocall is one of the most popular spam blocking apps, owned by Gogolook. It is used not only in Taiwan, but also across East Asia, moreover during their work with CIB’s (Taiwan Criminal Investigation Bureau) more than 52.3 million scam messages and 13.1 million scam calls were blocked in Taiwan alone.

Whoscall-The best caller ID App

Moreover, more than 1.6 billion of phone numbers were blocked by the artificial intelligence used in the Whocall systems.

As we can see that is the huge problem that can be spread not only through Asia, but all over the world, that is why it is important to stop fraudsters on such small ground comparing to the worldwide scale.

However, is it possible to completely win the war against fraud, especially such widely spread and massive one? The answer will not be positive or promising, it is – no. The more ways to fight against this are discovered by cyber police or companies like Gogolook, the more inventive fraudsters become. 

This is the battle that will be continuing for a long time until current technologies will modify to the level when it becomes possible to overtake the innovations of fraudsters.

To read more about the front-line battle between Taiwan and fraud: https://www.bbc.com/news/business-63075729

Tagged

Blinding Autonomous Vehicles with Lasers

Reading Time: 3 minutes
Source: Sara Rampazzi/University of Florida

Autonomous vehicles, a medium of transport that many believe will become the standard in the future. In recent years, the progress in the development of this type of technology has risen exponentially. Self-driving cars are already superior to humans in certain abilities that affect the safety of transportation. Primarily their faster reaction time. They also do not suffer from hindered focus due to tiredness, distractions or use of alcohol like we do.

However, autonomous vehicles are still inferior to human drivers when it comes to recognizing the situation on the road. There are three main sensor systems through which self-driving cars collect the information regarding the space around them: camera, radar, and LiDAR systems.

LiDAR stands for Light Detection and Ranging. It works by sending a laser light, capturing the reflected light from objects around it and then, calculating the distance to said objects thanks to the recorded time of flight of the laser light. Its widely believed to be crucial in making cars fully autonomous in the future.

Thanks to researchers from the University of Florida, the University of Michigan and the University of Electro-Communications in Japan this sensor can be improved through their discovery of an alarming error that can be maliciously caused by third parties.

Source: Sara Rampazzi/University of Florida

They were first to discover that a laser light aimed at a LiDAR system can imitate the systems own reflected LiDAR laser creating a blind spot in its virtual map of objects. The created blind spot can erase obstacles, crossing pedestrians or even other vehicles from its view. It is not hard to imagine how that could lead to tragic consequences on the road.

In their experiment they setup the third-party laser 4.5 meters from the theoretical road aimed at a stationary LiDAR sensor on top of a vehicle. A person walked in front of the vehicle providing data for the system. After analyzing the LiDARs map of objects data, they were able to find that the sensor had no problem with detecting the pedestrian at the start. But, as soon as he walked into the 8 ° range of the attack region he was immediately removed from the systems view. Upon leaving the range of the blind spot the sensor was again able to detect the pedestrian in its view.

The attack can be recreated by others without much difficulty with the tracking of the LiDAR system on top the car being the hardest part. The choice of a laser that can emulate the sensors reflected lights is not much trouble as LiDAR sensor producers publish their sensors technicalities publicly.

As troubling as this discovery may seem. I am personally grateful that this type of vulnerability has been exposed that early into the development of self-driving cars. Giving us plenty of time for improvement before they freely roam our streets. A future where movie villains could just aim a laser at a car approaching their target is not something that any of us would want to be a part of.


Bibliography:

Yuen, Desmond. “Can You React Faster than a Self-Driving Car on 5G Networks?” MEDIUM. Published January 30, 2021. https://medium.com/predict/making-roads-safer-with-self-driving-cars-and-5g-c1e28526362c

University of Florida. “Laser attack blinds autonomous vehicles, deleting pedestrians and confusing cars” TechXplore. Published October 31, 2022. https://techxplore.com/news/2022-10-laser-autonomous-vehicles-deleting-pedestrians.html

Cao, Yulong. Bhupathiraju, S. Hrushikesh. Naghavi, Pirouz. Sugawara, Takeshi. Mao, Z. Morley. Rampazzi, Sara. „You Can’t See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks.” arXiv. Last revised October 27, 2022. https://arxiv.org/abs/2210.09482

Synopsys. “LiDAR.” Synopsys. Accessed December 9, 2022. https://www.synopsys.com/glossary/what-is-lidar.html