After hearing about this news I was really excited and worried about the technology. I knew that if they didn’t do it correctly there would be all sorts of issues. I was able to ask several interview type questions and post them here on my blog. I’ve included some links for more information at the bottom of the page.

What steps has Ford done to prevent drive by hackers to prevent further uploading of software on the road?

There are multiple measures in place to prevent any type of hacking:

1. Only Ford approved (signed through encryption) software can be installed at any point using this process.
2. This functionality is disabled once the vehicle leaves the factory.
3. A physical controller area network (CAN) connection or user initiated button press starts the process in the factory.  It cannot be initiated remotely and no WiFi connection is formed until the process is started locally.
4. Standard Wireless security mechanisms are in use (e.g. WPA2) even in the factory.
5. A network firewall is in place to prevent outside connections.

 

Here are the protections when the vehicle is out on the road:

1. There are two firewalls present on SYNC.
2. A network firewall similar to your home WiFi router that limits inbound network connection attempts from public networks.
3. A separate vehicle CPU that prevents unauthorized messages from being sent to other modules within the vehicle.
4. All software on SYNC requires a Ford digital signature to be installed

 

Specific controls around the WiFi "Hot Spot" Feature (where we share out a USB Broadband or other connection)

• WPA2 WiFi security mode
• a unique SSID
• secure passphrase of 10-15 characters
• Consumer can override and degrade these settings, but can never completely disable security.
• Uses the network firewall mentioned above to limit connections inbound

How does Ford install the SYNC software for the vehicles? Is it through PXE?

• We have a basic http download of signed installation components.  The components are very similar to what the consumer or dealer would install via USB today. We don’t use PXE.

If they used a technology like PXE to install software and Ford were to disable PXE before the car gets sold to the consumer, could a mechanic turn it on without a driver’s knowledge? If so, is there something a person could do to check to see if they susceptible to this kind of attack? If not, are there any plans to allow security conscious consumers to check for this kind of thing?

• See answer above. The ability to modify the car’s software  is disabled once it leaves the factory .  But, just as we have on the current generation of SYNC, we have the ability to add new features through USB download.

Are there any plans for making SYNC a SaS (Software as a Service) type model? For example, if SYNC gets updates would it be possible to upgrade to the newest version of the software to older vehicles because they have been paying the service fee?

• No. The software between SYNC generation 1 and generation 2 (MyFord Touch) are not compatible.

Does each car have a static IP address? Could this be ever traced by a rouge Ford employee. For example, if each car has a static IP address, could that IP address be tied to car/person and then tied to their personal information?

• No,

Any plans for SYNC to have a wirelessly capability to have an onboard internet connection or to use a tether cell phone to get a data line?

• Connectivity, MyFord Touch provides in-vehicle Internet access through wireless data providers, using broadband modem via the media hub, which turns the vehicle into a mobile hot spot for passengers while the vehicle is in motion.

If they used a technology like PXE to install software and Ford were to disable PXE before the car gets sold to the consumer, could a mechanic turn it on without a driver’s knowledge? If so, is there something a person could do to check to see if they susceptible to this kind of attack? If not, are there any plans to allow security conscious consumers to check for this kind of thing?

• The dealer does not have access to re-enter the factory provisioning mode once it has been exited.
• While in this factory mode, the normal 4-corners screen is not shown and a simplified GUI is shown (that makes it pretty obvious that it is in a special mode).

Does SYNC update itself? Is there any way of updating SYNC wirelessly after a person buys car to enable more features?

• No, SYNC does not update automatically. Yes, it is possible due to the factory-installed WiFi capability, but we’ve not implemented the infrastructure or process to do so yet.

Does SYNC ever “call home”?

• Today the Vehicle Health Report feature does call home, but only when requested by the user. ( In the US only- we don’t have this feature available in Canada)
• In general Ford is committed to protecting consumer privacy and generally would inform consumers if any data is transferred from Sync back to Ford.
• We also work to protect private information via the Master Reset feature which will purge all consumer-level data.

Are there any plans for making SYNC a SaS (Software as a Service) type model? For example, if SYNC gets updates would it be possible to upgrade to the newest version of the software to older vehicles because they have been paying the service fee?

• That is not currently supported, but we wouldn’t rule anything out on the consumer side.

I noticed the IP address on the screen in the car is blurred. While I am assuming Ford just doesn’t want people to know their internal IP address scheme, I was wondering if the IP addresses given to the cars are static or dynamic.

• The IP addresses are dynamically assigned (via DHCP within the plant).

What kind of steps has Ford taken to ensure a person’s identity remains their own? When I say identity, I mean personal information like home address, phone number, etc. SYNC has the ability to get information on the driver like cell phones for hands free calling.

• Ford takes security issues very seriously as we add and improve connectivity features. As customers expect to be connected, but secure, when home or in the office, there should be no difference when in the car. SYNC does not require access to personal information for functionality. There are several precautions that we take to protect information, as well as advise owners on several steps to take of their own. Please see the press release for more information:http://media.ford.com/article_display.cfm?article_id=32181

Any plans for SYNC to have a wirelessly capability to have an onboard internet connection or to use a tether cell phone to get a data line?

• Our strategy from the beginning with SYNC has been about “bringing your own device” and making it work seamlessly in the car, thus extending the capability of those devices when inside the car. With MyFord Touch, with the factory WiFi chip, you can create a mobile hotspot using an owner-supplied USB broadband modem, turning a single access point into a broadcast that up to 5 people can access. Tethering a phone is possible with MyFord Touch, but will be a future capability.

If so, the next most logical question to me would be is there any thoughts of being able to tie SYNC to say Microsoft Live services?

• It’s possible, but not in the plans currently.

Since Microsoft allows you to save files like MP3’s to the cloud, any word/thought on if we’ll be able stream MP3’s that way we don’t even then need to plug in an MP3 device in our cars?

• Sure, that’s another possibility. We already have Bluetooth streaming capability, so internet radio can be played in the car, such as Pandora

Well there you have it. As promised I am going to include some other really good info about relating to these subjects:

• WJS Article
• http://media.ford.com/article_display.cfm?article_id=31640