The probability of a journalist investigating a big story in the atmosphere of recent scandals is significant. The probability of having a car crash, even a weird one is also quite significant. I won't comment on the (alleged) history of DUI offenses of hastings.
But if you really want to go off the conspiracy deep end, here's my take: Hastings was driving a modern Mercedes. These come with everything like ABS, EPS, Servo steering, Electronic throttle control, automatic transmission and so forth. And as you might know, cars these days are basically computers on wheels intrepreting the users input to the devices output. So if you really wanted to "produce" a freak accident, like say, remote controlling the car into a palm tree. All you'd need to do was hack the onboard control computer, you probably wouldn't even need an RC receiver as you could probably reuse the builtin wifi/radio to input commands to the computer. So unless you perform forensic examination of the onboard computer (which is usually locked down with DRM so you aren't able to repair your own car anymore) there'd be zero evidence.
The computer doesn't control the steering and breaks are mechanical. There's no remote control.
Unless you sabotage the car, what you're saying is impossible. But if you sabotage the car, you don't need all the electronics. Just wear off the breaks or whatever else.
I think you're overestimating the importance of Mr. Hastings. Maybe you'd like to add some folklore or magic to what is a tragic, but trivial death.
Brakes in most modern cars are under computer control. They are in mine. I know that because I can disable that control if I want to drive more aggressively.
Before you say something's impossible, you might want to do some research.
Cars can be controlled via their onboard computers.
> I think you're overestimating the importance of Mr. Hastings.
Wikipedia:
"His Rolling Stone profile of General Stanley McChrystal, commander of NATO's International Security Assistance Force in the Afghanistan war, documented the widespread contempt of him and his staff for civilian officials in the US government and resulted in the general's resignation."
On the journalistic threat scale of 1-10 I'd say Hastings was an 11.
If you re-read my comment carefully, you will see I say it's probably easier to sabotage something else than try to do something overly technical.
I'm pretty certain the Class C hasn't got the features you are talking about and it's a legal requirement that any mechanical action overrides any kind of computer control.
The brakes control you are talking about is probably the emergency brake control that makes the car brake more if it detects you attempt to make an emergency stop.
It can also be an ABS that prevents the wheels from blocking should you break too hard.
I'm confident that the computer will NOT brake while you are driving unless you do an action. It will also not steer unless you ask it to. There are many safeguards to prevent that (otherwise your car will not be allowed to drive).
However, I admit that even if the car cannot be remote controlled by default, one can imagine that with today's technology it's possible to turn any car into a remote controlled one.
I nevertheless think it's overkill and there are probably much simpler and straightforward ways to provoke an accident.
Last but not least, I don't think reporting that a General is highly critical of the Whitehouse would make him an "enemy" of the government, quite the opposite.
Don't fantasize about what's going on, I realize reality is trivial and uninteresting but that's not a reason.
"maliciously bridging between
our car’s two internal subnets"
"we
demonstrate the ability to adversarially control a wide range
of automotive functions and completely ignore driver input"
"We also present composite
attacks that leverage individual weaknesses, including an attack
that embeds malicious code in a car’s telematics unit and
that will completely erase any evidence of its presence after a
crash."
I'm under the impression that computer controlled brakes, like power steering, default to mechanical control. So if the engine starts revving without his consent the driver should still be able to apply the brakes enough to disable or slow down the car.
I don't think that's always entirely true- look at the deaths that occurred with the Toyotas where the accelerator became stuck depressed, obviously shifting into neutral would have been a better choice, but they were clearly unable to provide adequate breaking to stop.
Like I said, it's improbable somebody would go trough the trouble. But that doesn't mean it'd be impossible.
Regarding oldskool sabotage, those aren't quite reliable to produce freak accidents. Too much chance and user behavior involved.
Regarding breaking: Anti-blocking systems can release the breaks all by themselves. They do this by computer input issued after evaluating the sensors for each wheel when they're working. If hacked, they could do this on pretty much any condition.
Regarding steering: assisted steering uses an acctuator to amplify your input. This can be circumvented to steer by itself. Self parking systems make use of this, there's no separate system to make the steering wheel turn for self parking, it reuses the mechanics of assisted steering to do the job.
Exactly, and consider if you had one wheel brake while the other did not for a short moment, it might be like grabbing the steering wheel and cranking the car right into a line of palm trees.
I don't think it is available on a c250 sedan like hastings was apparently driving, but Mercedes (and other manufacturers) have systems that do control steering that could conceivably be remotely hijacked. All of the self-parking systems leave the accelerator to the driver but let the computer handle the steering. Here is a review of 4 different manufacturers' self-parking systems:
I have a Mercedes that self-parks if enabled. It steers the wheel (so the computer can fully steer the car 1000%) but it doesn't apply brakes or the accelerator. Which are also capable of being fully-controlled by the computer. Mercedes has an option (Distronic) where the car can accelerate and brake to a full stop based on the road conditions ahead.
So basically, the on-board computer can fully steer, brake and accelerate/decelerate the vehicle.
I'm not sure about the C class, but there was a huge recall of E class w212 models over the ABS pump / braking system, basically the pump could fail catastrophically and render the car with NO brakes. If they haven't abandoned the silly/unsafe electric over hydraulic full authority control methodology for the braking system then you can't rule out remote controlled brakes.
Without regard to whether Hastings' car had the flawed ABS system (probably not). The very definition of an ABS system is that braking control is taken from the driver and given to a computer, so no the brakes are not immune to hacking, no matter how unlikely you think that scenario is.
I could go with it being an accident if it wasn't for the fire and the transmission so far away. That can only be explained by an explosion and while fuel is combustible a fuel tank won't catch fire, Mythbusters shut one with tracer bullets and it still didn't blow up.
That's a video of a car on the NJ Turnpike trying to blow through an EZ-Pass toll, and failing miserably.
Notice: the damn thing explodes in a fiery ball.
I guess you'll try and argue that the Toll Booths are designed to explode when cars run into them as a way to discourage such behavior.
Who would even begin to think that shooting a tracer bullet into a gas tank even remotely recreates any of what is going on during a high-speed car accident?
There is a massive difference between shooting tracers at a fuel tank and the tank being in a car crash. In the Mythbusters test, all of the bullets enter at roughly the same speed, roughly the same angle, have the same size, the same heat, and the environment is "clean"; the only objects that need to be considered are the bullets and the tank. In a car crash, the number of factors is massively increased. The fact that a fuel tank did not explode when it had tracer bullets fired at it does not imply that fuel tanks don't catch fire.
Here's the fatal (no pun intended) problem with that theory: the groups capable of carrying that out are also smart enough to not go with such an unreliable plan.
He was a reporter. Reporters are easy to lure to secretive meetings with anonymous strangers. You want to kill one? Shoot him at an anonymous meeting, using a non-traceable gun. Or better, use a gun that has been tied to organized crime. Simple and reliable.
Wait...what...? Did you just imply I'm a recognized authority on arranging reliable assassinations?
I've had people make some weird inferences about my skills before (judging from the mystifying endorsements people have given me on LinkedIn), but assassination planning is still at the "I'm interested, but waiting for Coursera to offer a course before I actually get into it" stage.
I'll write this from the viewpoint of those who want to kill him, as that makes for more straightforware writing.
Here's what we need to do to carry out this killing using the car plan. We need to hack the car to accept some kind of remote control. This will require hacking at least the steering, the engine, and the brakes. We need all three because to ensure killing. If he can control one of them, he has a good chance of making the accident non-fatal.
After we've got the car hacked and can remotely control it, we need to actually cause the accident. There are a couple of approaches here. One is to follow him around in our control vehicle into an opportunity arises. The other is to wait at some place that we know he is likely to go and that is a good place to make a fatal accident happen.
After we've cause an accident, our problem with him is not yet solved. We still have to worry that someone will decide his death was not an accident, examine the car, find that it was tampered with, and maybe tie that to us. Even if it only leads to people we hired and we were competent enough to leave nothing that links them to us, we lose those contractors for future work.
So, what can go wrong with this plan?
First, we've got to do the car hacking. Even if steering, engine, and braking are all "fly by wire" on his car, they are likely to be separate systems. We are going to have to rig all three of them for remote control. We'll probably need to install some hardware for the remote control.
Any suspicious contact with the target before killing him is risky, and right off the bat this plan involves complicated fucking around inside his car.
If we do get his car rigged, then we have to actually take over and cause the accident. The "follow him around hoping for an opportunity" approach is not good. He could go weeks where he only drives in high traffic areas, where we won't get an opportunity to get him up to a speed that ensures a high chance of fatality. The longer we follow him, the more chance we'll be spotted, or that he'll take his car in for service and someone will find our remote control rig.
Our chances are better if we know some place he regularly drives where conditions are better for an accident. Let's assume that is what actually happened--they were waiting for him at the place the "accident" actually happened, and consider how risky that was.
Accelerating up to high speed and nailing a tree seems pretty straightforward. However, it's not as easy is it seems. If you check the photos of the crash scene, on some it looks like the trees are tightly packed, so it would be easy to nail one. However, those photos are looking down the street and mae the trees look more densly packed then they actually are. Find a photo looking from the side, and you can see the trees are much farther apart.
If there is any noticeable lag in the remote control, it will actually be pretty hard to aim at a particular tree. Best you'll be able to do is veer toward the trees, and hope that when the car crosses the curb that doesn't turn it enough to send it between the trees.
Even if you do hit a tree, it will be hard to ensure it is a good solid fatal hit, as opposed to some kind of off center hit that doesn't stop the car but just sends it spinning.
But suppose we get lucky, and actually get a good fatal hit. We've arranged the accident in a place where it will be immediately noticied. We'll have civilians on the scene quickly--before the fire has died down enough to let us get in and make sure any evidence that we want destroyed was actually destroyed. Police and fire and ambulance services will arrive quickly.
This is a Wile E. Coyote plan.
In general, the more steps a plan has that must succeed for the plan to succeed, the lower the reliability of the plan.
Shooting him at an anonymous meeting has two steps that must succeed. (1) Call him from a burner phone with a fake anonymous whistleblower story and arrange a meeting. (2) Shoot him when he shows up for the meeting. This either works, or it fails at step 1 leaving nothing behind to tie it to us and nothing to raise suspicion.
I asked because it seems to me that the only way to know how reliable particular assassination means are is to have tried them out, with the full resources of a wealthy country's intelligence organization at one's disposal.
There are no doubt trade-offs with either approach. A car accident produces a strong explanatory narrative that can be used to squelch "conspiracy theories". Merely disappearing (as the persistence of POW/MIA organizations proves) provides no such benefit.
So, from a consequences perspective, a successful "apparent accident" hit is better than an obviously foul-play one, or even a disappearance.
The trade-off, as you have thoughtfully articulated, is one of practicalities. It's not particularly difficult to imagine that a wealthy espionage org would have developed reliable methods for making hits that look like accidents (for narrative squelching reasons). We know, now, from the declassified histories of these organizations how elaborate and sophisticated their techniques and tools can be. Might they have some "turn-key", field-refined method of taking remote control of a vehicle? If you were running such an organization, would you want such a capability? Given what we already know about the attack surface of vehicle control systems, if you had a large budget and a team of smart and motivated engineers, do you think you could develop this capability in a way that would work well enough for most modern cars?
In the Hastings case, even serious injury might have been an adequate outcome (perhaps this was an time-sensitive situation?).
I agree: certainly, for a one-off offing, the practicalities would be a major execution obstacle, making the scenario highly implausible. But killing people is one of the things these organizations do for a living -- the practicalities might well have been dealt with years ago. If they have done so (as they should if they're half-competent) then the highest expected value method changes considerably.
There is also a black box (electronic data recorder) on that Mercedes. If something manipulated the system, you'd assume the EDR would record it.
Not to mention it'd be a terrible place to try to kill someone, with cameras everywhere. And there's a ton of disinterested parties, from Mercedes, to the LAPD to voracious friends/fans to investigate the story.
Other commenter on the thread pointed to a paper demonstrating how pretty every car control function can be hacked and overriden. It can even be rigged to self-erase after crash. And I'm guessing, if you can do that, you can just rewrite the EDR on crash too with fake data and erase any trace of the hack.
The argument of "this would've been a bad place" is pretty much null, for two reasons. First, if you assume the car was hacked, there wasn't anything to film or observe for anybody in the vincinity other than a driver going fast and then crashing, doesn't get much more perfect than that. And secondly, there'd have been friends/fans/police to investigate no matter where the guy died. That place is as good as any.
But if you really want to go off the conspiracy deep end, here's my take: Hastings was driving a modern Mercedes. These come with everything like ABS, EPS, Servo steering, Electronic throttle control, automatic transmission and so forth. And as you might know, cars these days are basically computers on wheels intrepreting the users input to the devices output. So if you really wanted to "produce" a freak accident, like say, remote controlling the car into a palm tree. All you'd need to do was hack the onboard control computer, you probably wouldn't even need an RC receiver as you could probably reuse the builtin wifi/radio to input commands to the computer. So unless you perform forensic examination of the onboard computer (which is usually locked down with DRM so you aren't able to repair your own car anymore) there'd be zero evidence.