The News Wheel
No Comments

Book Spotlight: ‘The Car Hacker’s Handbook’ by Craig Smith

Decrease Font Size Increase Font Size Text Size Print This Page

The Car Hacker's Handbook by Craig Smith book review cover

As vehicles continue to become increasingly integrated with internal computers, especially with the advent of connected and autonomous tech, on-board electronics are becoming more and more influential. Because of that, they’re becoming bigger and bigger targets for hackers looking to jeopardize the safety and security of cars.

Just last year, hackers were able to take control of a Jeep, wrestling steering and acceleration away from the driver and sending it into a ditch. Other automakers have had their issues, many of them stemming from the increased used of mobile phone apps to access a car’s basic functions. New threats pop up quickly, and security experts scramble to squash them.

As a precaution to guard against digital attacks and protect the security of your car’s system, security auditing expert Craig Smith of Theia Labs has written a book to help users identify and safeguard from potential threats. The Car Hacker’s Handbook offers information on IT infrastructure auditing along with common tricks users should know about.

The Car Hacker’s Handbook:
A Guide for the Penetration Tester 
by Craig Smith

car hackers handbook craig smith book coverProduct Details: Softcover, 304 pages, 7.0 x 9.2 inches
Price: $49.95 or $39.95 as eBook
Publication Date: March 2016
ISBN: 978-1-59327-703-1
Publisher: No Starch Press

Dangerous Security Threats: See how hackers took control of this Jeep

The Car Hacker's Handbook by Craig Smith book review synopsis

Product Information

Craig Smith’s A Car Hacker’s Handbook is a detailed computer security guide to inform tech-savvy users on how a vehicle’s communication network works and how it can be hacked. The book contains much of the information–plus much, much more–from the 2014 publication from the Open Garages research project. It covers a wide range of topics, from building threat models to reverse engineering to overriding factory settings.

The handbook contains 13 chapters sorted by system aspects and tasks:

Chapter 1: Understanding Threat Models
Chapter 2: Bus Protocols
Chapter 3: Vehicle Communication with SocketCAN
Chapter 4: Diagnostics and Logging
Chapter 5: Reverse Engineering the CAN Bus
Chapter 6: ECU Hacking
Chapter 7: Building and Using ECU Test Benches
Chapter 8: Attacking ECUs and Other Embedded Systems
Chapter 9: In-Vehicle Infotainment Systems
Chapter 10: Vehicle-to-Vehicle Communication
Chapter 11: Weaponizing CAN Findings
Chapter 12: Attacking Wireless Systems with SDR
Chapter 13: Performance Tuning

Appendix A: Tools of the Trade
Appendix B: Diagnostic Code Modes and PIDs
Appendix C: Creating Your Own Open Garage

The Car Hacker’s Handbook print version comes in a soft but durable cover with lay-flat binding that keeps the book from closing when you lay it down. It’s a solid book that will withstand wear and tear, whether in your garage or computer lab. Inside, the book contains detailed Table of Contents and Index pages, plus numerous headers and screenshots throughout the text that make identification easy.

The Car Hacker's Handbook by Craig Smith book review pages

Is Your Car Secure? This Corvette was hacked with a simple tracking device

Our Thoughts

When I first received The Car Hacker’s Handbook by Craig Smith in the mail, I’ll admit to being a bit leery. Is this the equivalent of having a copy of a bomb-making guide delivered to your house? The word “hacker” has such a negative connotation in our world today, with everyone worrying that there is someone lurking in the shadows of every website, waiting to steal your personal information. Even when I carried it home to look it over, I kept it hidden in its shipping envelope, as if to tell the world that I only have a book about hacking; I am not a hacker myself.

We might rush to label all hackers as bad, but you have to remember that many of the most famous car hackers turned in their research to manufacturers to make our cars safer. That’s why The Car Hacker’s Handbook was published.

The Car Hacker's Handbook by Craig Smith book review code

When you first look at The Car Hacker’s Handbook, the title will throw you off. After I cracked the cover, I began to see it less as a guide to malicious behavior and more as a way to teach drivers how to investigate their own cars to find security flaws. OEMs build what they know, which are cars. Complex computers and new levels of connectivity expose cars to threats they have never had to worry about before. Craig Smith’s guide allows the more tech-savvy among us to learn how these systems work and then use it to their advantage, modifying code for better performance. It also teaches them what to do to protect their cars.

I’ll admit to not being technical enough to run any of the codes and tests in this book, but my mechanical engineer brother understood it all when I let him take a look at it. So, this certainly isn’t a book for beginners, but instead is a detailed, valuable guide for those with code experience. If you are a serious car nut who regularly tinkers around, love problem-solving codes, or are concerned about security, pick up this guide and give the tricks inside a try. It could have a significant impact on your security in the long run.

The Car Hacker’s Handbook is available through the publisher’s website (get 30% off with the code CARHACKERS), as well as AmazonBarnes and Noble, Book Depository, Google Play, and other online retailers.

Product provided for review by publisher.

The News Wheel Product Review Submission banner