HackDig : Dig high-quality web security articles for hackers

Bug bounties and automotive firewalls: Dealing with the car hacker threat

As we have seen in the past couple of years, car hacking is becoming an ever-greater threat. Many of the systems in our vehicles—and the standards to which they were designed—predate the connected car era. And so computerized vehicle systems lack some of the basic kinds of security that we would otherwise expect as default given the ramifications of a hack.
Publish At:2016-07-14 15:25 | Read:5816 | Comments:0 | Tags:Cars Technica Risk Assessment car hacking

Tech firms want to save the auto industry—and the connected car—from itself

As we've noted before, Ars readers are extremely skeptical about the whole "connected car" thing. That's not because Ars is a technology site for luddites—the sad truth is that the car industry's approach to security lags far behind its desire to expose the inner thoughts of our cars to us via the cloud.Further ReadingFiat Chrysler recalls 1.4 million cars o
Publish At:2016-06-09 15:05 | Read:4624 | Comments:0 | Tags:Cars Technica Risk Assessment connected car

Nissan’s connected car app offline after shocking vulnerability revealed

Want another reason to be skeptical about the idea of connected cars? Here's one: when Nissan put together the companion app for its Leaf electric vehicle—the app will turn the climate control on or off—it decided not to bother requiring any kind of authentication. When a Leaf owner connects to their car via a smartphone, the only information that Nissan's A
Publish At:2016-02-25 11:45 | Read:3914 | Comments:0 | Tags:Cars Technica Risk Assessment NissanConnect Vulnerability

Opsec fail: Baltimore teen car thieves paired phones with Jeep UConnect

On November 22, 2015, a group of teenagers broke into the house of a Baltimore man, stealing his bicycle and finding a spare key to his Jeep Renegade. They then took off, stealing the Jeep and taking it for a multiday joyride before abandoning it with an empty gas tank and some minor damage.In Baltimore (as I can sadly say from personal experience), the stor
Publish At:2016-02-11 22:10 | Read:4825 | Comments:0 | Tags:Cars Technica Risk Assessment Technology Lab

US regulators grant DMCA exemption legalizing vehicle software tinkering

Every three years, the Librarian of Congress issues new rules on Digital Millennium Copyright Act exemptions. Acting Librarian David Mao, in an order (PDF) released Tuesday, authorized the public to tinker with software in vehicles for "good faith security research" and for "lawful modification."The decision comes in the wake of the Volkswagen scandal, in wh
Publish At:2015-10-28 00:25 | Read:3842 | Comments:0 | Tags:Cars Technica Law & Disorder Risk Assessment code DMCA dmca

Uber hires researchers who hacked Chrysler Uconnect

Less than a month after their command performances at the Black Hat and Def Con security conferences in Las Vegas, security researchers Charlie Miller (late of Twitter) and Chris Valasek (formerly of the security firm IOActive) have been poached by Uber—which ironically had security flaws in its own in-car technology exposed by University of California-S
Publish At:2015-08-29 10:15 | Read:3685 | Comments:0 | Tags:Cars Technica Risk Assessment auto hacking

Highway to hack: why we’re just at the beginning of the auto-hacking era

Imagine it’s 1995, and you’re about to put your company’s office on the Internet. Your security has been solid in the past—you’ve banned people from bringing floppies to work with games, you’ve installed virus scanners, and you run file server backups every night. So, you set up the Internet router and give everyone TCP/IP addresses. It’s not like you’re
Publish At:2015-08-23 13:30 | Read:5082 | Comments:0 | Tags:Cars Technica Features Risk Assessment

OwnStar Wi-Fi attack now grabs BMW, Mercedes, and Chrysler cars’ virtual keys

Remember OwnStar? Earlier this month, security researcher and NSA Playset contributor Samy Kamkar demonstrated a Wi-Fi based attack that allowed his device to intercept OnStar credentials from the RemoteLink mobile application—giving an attacker the ability to clone them and use them to track, unlock, and even remote start the vehicle. Kamkar discussed t
Publish At:2015-08-14 18:05 | Read:3712 | Comments:0 | Tags:Cars Technica Risk Assessment

Researchers reveal electronic car lock hack after 2-year injunction by Volkswagen

In 2012, researchers at Radboud University in the Netherlands discovered a security flaw in a common automotive security chip used in theft prevention by Volkswagen, Audi, Fiat, Honda, and Volvo vehicles. But after they disclosed their results to the auto manufacturers—a full nine months before they planned to publish them—the automakers sued to keep the
Publish At:2015-08-12 13:20 | Read:3860 | Comments:0 | Tags:Cars Technica Risk Assessment cryptography rfid

OwnStar: Researcher hijacks remote access to OnStar

Samy Kamkar, a Los Angeles-based security researcher and hardware hacker, has created a device called OwnStar that can find, unlock, and remote start General Motors cars equipped with OnStar. The hack, which is based on an exploit of OnStar's mobile software communications channel, exposes the credentials of a car's owner when it intercepts communications wi
Publish At:2015-07-31 04:25 | Read:4679 | Comments:0 | Tags:Cars Technica Risk Assessment

Fiat Chrysler recalls 1.4 million cars over remote hack vulnerability

In the wake of the demonstration of a vulnerability in the "connected car" software used in a large number of Chrysler and Dodge vehicles in the United States, Fiat Chrysler NV announced today that it was recalling approximately 1.4 million vehicles for emergency security patches.The company has already issued a patch on its website for drivers, and on T
Publish At:2015-07-24 14:15 | Read:2837 | Comments:0 | Tags:Cars Technica Risk Assessment Vulnerability

Fiat Chrysler “connected car” bug lets hackers take over Jeep remotely

A pair of computer security researchers based in St. Louis demonstrated weaknesses in an automobile system with cellular connectivity installed in as many as 471,000 vehicles in the US. Charlie Miller and Chris Valasek highlighted the vulnerability of the system by attacking a Jeep Cherokee equipped with the Uconnect system remotely while Wired's Andy Gr
Publish At:2015-07-21 16:00 | Read:4231 | Comments:0 | Tags:Cars Technica Risk Assessment

Airplanes grounded in Poland after hackers allegedly attack flight plan computer

Around 1400 passengers at Warsaw's Chopin (Okecie) airport in Poland were grounded on Sunday after hackers allegedly attacked the computer system used to issue flight plans to the airplanes. The source of the attack isn't yet known.The alleged hack targeted LOT, the state-owned flag-carrying Polish airline. Reuters is reporting that the attack took place
Publish At:2015-06-22 23:15 | Read:4000 | Comments:0 | Tags:Cars Technica Risk Assessment Technology Lab air travel hack

Senator: Car hacks that control steering or steal driver data way too easy

Recently manufactured cars expose drivers to hacking attacks that could cause collisions and steal sensitive personal information, according to a report released Monday by a US Senator.The majority of model-year 2014 cars offer network-connected features that provide driving directions, messaging, hands-free phone calls, safety monitoring, and entertainm
Publish At:2015-02-10 05:45 | Read:4003 | Comments:0 | Tags:Cars Technica Law & Disorder Risk Assessment Technology Lab

Tesla Model S hack reportedly controls locks, horn, headlights while in motion

Tesla Motors officials vowed to investigate reports that its Model S sedan is susceptible to hacks that can remotely control the car’s locks, horn, headlights, and skylight while the car is in motion, according to a published report. The hacks were carried out at the Syscan 360 security conference in Beijing, an article published by Bloomberg News reported.
Publish At:2014-08-11 21:16 | Read:4733 | Comments:0 | Tags:Cars Technica Risk Assessment Technology Lab security tesla

Tools

Tag Cloud