http://www.autoblog.com/2016/09/20/c...12-miles-away/
Is it just me or the fact that you can affect drive units via any kind of network connectivity is a design flaw?
http://www.autoblog.com/2016/09/20/c...12-miles-away/
Is it just me or the fact that you can affect drive units via any kind of network connectivity is a design flaw?
It was fixed in 10 days. But yes, the ability from the browser to traverse the network to drive functionality is an odd design choice.
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
Pretty much all public WIFI hotpots can be malicious or misused.The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot.
Still waiting for details, but I don't believe it's accurate that they have to be on the same network or physically near the car. It sounds like Tesla misunderstood the issue, and assumed that something done for the demo was a requirement to make the attack work, when it isn't.
Sounds like the injection is done via browser and compromise wifi hotspot (common since everybody is connecting to free wifi and login page without 2nd thoughts anyway). Once in, they install something to remote pwn the car over LTE/3G.Originally posted by googe
Still waiting for details, but I don't believe it's accurate that they have to be on the same network or physically near the car. It sounds like Tesla misunderstood the issue, and assumed that something done for the demo was a requirement to make the attack work, when it isn't.
Last edited by Xtrema; 09-21-2016 at 09:02 AM.
But there is no technical reason why it would have to come via a hotspot vs any random site sitting on the internet. You just have a few more options to force a visit if you're on the same network, but it's not strictly needed. The browser is totally unconcerned with that layer of the network stack. And the OS upon which the browser is running has access to the CAN bus, which is wide open once you can talk to it.Originally posted by Xtrema
Sounds like the injection is done via browser and compromise wifi hotspot (common since everybody is connecting to free wifi and login page without 2nd thoughts anyway). Once in, they install something to remote pwn the car over LTE/3G.
Also, I don't believe Tesla fixed it properly either. I think they just patched the browser bug. They didn't fix the fundamental bad design that a browser bug can allow one to pivot through the OS. This is a problem because there are always more browser bugs. Some people will find them and submit them to Tesla and get their name out there, others will find them and quietly sit on them.
One might think "oh as long as I don't open strange links in my car, I'll be fine." Not the case. First of all, we know from the recent leaks that it's the NSA and GCHQ's modus operandi to compromise routers around the internet and have those insert/redirect traffic to sites to identical copies of those sites with the malicious payload snuck in (LinkedIn was one of their favorites). If they can do it, so can less friendly nations. The other issue is forums and ad networks being compromised with exploit kits, so that users visiting a legit site get served the attack without their or the site owners knowledge. Imagine getting ransomware on your car! Tesla's advantage here is that they can push out upgrades fairly quickly, so the window might be so small as to not be worth it for attackers.
Compare to airplanes, which are in no way allowed to have the entertainment functions on the same physical network or circuit as the plane's controls. Planes are designed so that if some passenger compromises the OS in their seatback unit or runs loose on the wifi network, nothing they could possibly do can physically reach any input to the flight controls or safety systems. That's what Tesla needs to do.
Totally agree. So far if anyone should understand that it's Tesla. It's bad enough that FCA is screwing up with their U-Connect.Originally posted by googe
Compare to airplanes, which are in no way allowed to have the entertainment functions on the same physical network or circuit as the plane's controls. Planes are designed so that if some passenger compromises the OS in their seatback unit or runs loose on the wifi network, nothing they could possibly do can physically reach any input to the flight controls or safety systems. That's what Tesla needs to do.
I believe there was an airline hack where someone was able to go from the entertainment network as the plane's data or controls network. I'll have to look it up again.Originally posted by googe
Compare to airplanes, which are in no way allowed to have the entertainment functions on the same physical network or circuit as the plane's controls. Planes are designed so that if some passenger compromises the OS in their seatback unit or runs loose on the wifi network, nothing they could possibly do can physically reach any input to the flight controls or safety systems. That's what Tesla needs to do.
Realistically though, segregation is what ALL car makers need to do. It's insane how much control CAN has with all the automation coming into play. Of course with segregation comes functional limitations. How else can you remotely move your car in and out of the parking spot simply with your phone?
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
I think I posted that - that particular even was proven false apparently, however some questions still came up as to certain IFE systems in older aircraft are linked to through the same data bus.Originally posted by rage2
I believe there was an airline hack where someone was able to go from the entertainment network as the plane's data or controls network. I'll have to look it up again.
Canbus is designed to lock users out of the ability to make changes or repair their car.Originally posted by rage2
It's insane how much control CAN has with all the automation coming into play. Of course with segregation comes functional limitations. How else can you remotely move your car in and out of the parking spot simply with your phone?
There is no reason for Canbus to exist as there are plenty of durable, proper industrial communications protocols/systems that could be used in a car.
I especially like how (for instance) the electric power steering module has to have the proper VIN flashed to it for it to work when installed in a new car. F*&king ridiculous.
You don't need browser software for the functionality to work. The browser should be completely separate, thats the dumb part.
Well it's not just the browser, that's just the entry point. Tesla's designs have that screen controlling everything in the car from HVAC to drive settings, so you do need it to communicate somewhat with driving systems. It's just that the browser sits on the same screen.
Why the hell a car needs a web browser is beyond me though. The last used Tesla that I test drove, the guy had the browser open with a fireplace video playing.
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
Beyond on the Go.Originally posted by rage2
Why the hell a car needs a web browser is beyond me though.
That was never actually confirmed. It was a guy who said he could do it, in the wild and in practice it hasn't been demonstrated to be done yet.Originally posted by rage2
I believe there was an airline hack where someone was able to go from the entertainment network as the plane's data or controls network. I'll have to look it up again.
Realistically though, segregation is what ALL car makers need to do. It's insane how much control CAN has with all the automation coming into play. Of course with segregation comes functional limitations. How else can you remotely move your car in and out of the parking spot simply with your phone?
My BMW has a browser. What a waste of development dollars...
Originally posted by Thales of Miletus
If you think I have been trying to present myself as intellectually superior, then you truly are a dimwit.
Originally posted by Toma
fact.This quote is hidden because you are ignoring this member. Show Quote