by nwmcsween 2614 days ago
Hey, that's interesting. Most of these devices, IIRC, work via the OBD port with an additional cutoff wiring. I haven't looked, but I'm assuming the OBD port is somewhat restricted?
2 comments

Really depends on the vehicle. Some will have broadcast traffic that is easier to spoof, and ride on CAN addresses that aren't reserved for OBD. OBD quite often rides on the main CAN network, and without a gateway any ECU can be queried. The secondary CAN network (if the vehicle has one) is also on the OBD plug but on different pins.

Yip. And if you can query any ECU, and know what you are doing/have more information on the system, you can get higher level security access (and that information is, again, not THAT hard to find). This allows you to call functions that modify the parameters and probably restart it as well.

Precisely. It's also interesting to see what you can do with vehicles where the broadcast traffic 'leaks' out the OBD port. A lot of makes use the same ECU across models for common parts.

It would be simple to have hardware that can only use the K-line (which is diagnostic only) or even only uses power from the OBD2 connector.

But you could also design your hardware to be able to write messages on the CAN bus and/or be able to take the bus down.

Literally: I have successfully sent CAN messages that were understandable to ECUs with an Arduino while waiting for a delivery of real hardware. There are Arduino-GSM shields that are super easy to use and would be remote-accessible.

Such a device would be dead easy to build even for someone who has almost no experience in electronics.

You can also buy plenty of development boards with an ESP32 and a CAN transceiver. Small, fully programmable, with Wi-Fi and BLE, for less than $50.