News: Brand new Jeep Cherokee wirelessly hacked.

Jelly_Belly said:
And thats why you buy a manual. Hackers take control of your accelerator? Pop it into neutral and slowly pull the E-brake.
Click to expand...
I imagine that they can disable the hydrolic pump that operates the clutch and you e-brake if your car has electronic e-brake like most recent cars

Sent from my Nexus 5 using Tapatalk
 
TheDamned said:
Je crois pas que c'est ça qui s'est passé.
Je crois vraiment qui ont abusé d'une faille dans uconnect pour faire un classic buffer overflow et ainsi acceder à l'espace mémoire réservé au data du CAN BUS, à partir de là y crisse ce qui veulent dans mémoire.
Click to expand...

c'est ce que les hackers ont dit avoir fait
 
En!vy said:
Are the vehicles being assigned static IPs by the carrier? Can't they just put the onus on the carrier and get them to not be retarded and employ a modicum of encryption?
Click to expand...

The Uconnect cars are on the Sprint network, which apparently is only accessible to Sprint devices. So the security researchers simply piggy backed onto the connection of a Sprint phone to access the network. They wrote a scanner that can identify Uconnect cars on the network. According to the info they disclosed at this point, they're not able to easily target a specific car yet. Static or dynamic IP address is irrelevant. Chrysler (and other car manufacturers) decided to connect their cars through a publicly accessible network. It's their responsibility to ensure their design is secure, not the carrier... Transport layer encryption isn't the issue here!
 
Porntricio said:
I imagine that they can disable the hydrolic pump that operates the clutch and you e-brake if your car has electronic e-brake like most recent cars

Sent from my Nexus 5 using Tapatalk
Click to expand...

GAAAAA I HATE NEW CARS!!!!!!!!! Like srs, who ever thought having all these electronics in a car was a good idea?
If ever this becomes a real issue, Im only buying cars with mechanical throttles. Mechanical everything > Electrical everything.
 
Jelly_Belly said:
GAAAAA I HATE NEW CARS!!!!!!!!! Like srs, who ever thought having all these electronics in a car was a good idea?
If ever this becomes a real issue, Im only buying cars with mechanical throttles. Mechanical everything > Electrical everything.
Click to expand...

It doesn't get any more real than this! Looking forward to their talk at Black Hats!
 
Jelly_Belly said:
GAAAAA I HATE NEW CARS!!!!!!!!! Like srs, who ever thought having all these electronics in a car was a good idea?
If ever this becomes a real issue, Im only buying cars with mechanical throttles. Mechanical everything > Electrical everything.
Click to expand...
Dude we are in 2015.

Its about time we get more electronics and Internet in our car.

When I was a kid I tough that cars would fly in 2000. We're still far from that.

I love cars and electronics. You can always disable almost anything anyway.

Sent from my SM-N900W8 using Tapatalk
 
TheDamned said:
Dude we are in 2015.

Its about time we get more electronics and Internet in our car.

When I was a kid I tough that cars would fly in 2000. We're still far from that.

I love cars and electronics. You can always disable almost anything anyway.

Sent from my SM-N900W8 using Tapatalk
Click to expand...


I MOSTLY agree with the damned comments. But what pisses me off talking about this stuff with friends that are engineers, is that the prority(ies) for (insert: car/computer/phone/internet of things ) companies is:

1. profit
2. ease of use
3. security.

The sad thing is they don't realize that by making security and user friendliness top prorities is path towards profit and avoiding bad press !.
For me the nightmare scenario is that some hacker idiot gets acess to the GM ONSTAR server farm, gets all the private encryption keys
to the satellites and sat kill/ disable 20 million vehicles all at once.
 
student13 said:
I MOSTLY agree with the damned comments. But what pisses me off talking about this stuff with friends that are engineers, is that the prority(ies) for (insert: car/computer/phone/internet of things ) companies is:

1. profit
2. ease of use
3. security.

The sad thing is they don't realize that by making security and user friendliness top prorities is path towards profit and avoiding bad press !.
For me the nightmare scenario is that some hacker idiot gets acess to the GM ONSTAR server farm, gets all the private encryption keys
to the satellites and sat kill/ disable 20 million vehicles all at once.
Click to expand...

well you can't blame the engineers. The engineers works with a time frame , budget and technologies available to them. If GM/Jeep gave the software engineers not enough time and limited budget , do you really think they have time to test the bugs ? Like how much is a jeep cherokee? Its not THAT much profit which means LIMITED ressources. GM coulnt wait to release their new cherokee as well. So... yea ...
 
You must log in or register to reply here.
Back
Top