Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsTransport (cars, bikes and boats)Hackers Remotely Kill Jeep on the Highway
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 
benokobi
927 posts

Ultimate Geek
+1 received by user: 127

ID Verified

  #1351762 25-Jul-2015 22:55
Send private message

gzt: Jeep responds. Software update available:

http://www.forbes.com/sites/thomasbrewster/2015/07/21/jeep-vulnerability-fixed/

The researchers believe the issue affects any Chrysler Fiat with Uconnect manufactured late 2013 thru 2014 to early 2015.


How is the update actually delivered?



gzt

gzt
17344 posts

Uber Geek
+1 received by user: 6349

Lifetime subscriber

  #1351771 25-Jul-2015 23:59
Send private message

Benokobi: How is the update actually delivered?

Official recall issued today:

http://www.media.chrysler.com/newsrelease.do?id=16849&mid=

The firmware update will be provided to customers on USB stick.

gzt

gzt
17344 posts

Uber Geek
+1 received by user: 6349

Lifetime subscriber

  #1351778 26-Jul-2015 00:41
Send private message

BBC is reporting a UK security firm have demonstrated a hack via the entertainment system radio using a 'fake' commercial radio station.

http://www.bbc.com/news/technology-33622298



DeepBlueSky

547 posts

Ultimate Geek
+1 received by user: 65


  #1352470 27-Jul-2015 12:23
Send private message

gzt: BBC is reporting a UK security firm have demonstrated a hack via the entertainment system radio using a 'fake' commercial radio station.

http://www.bbc.com/news/technology-33622298


I read the article WOW that's a new and disturbing twist, heightens the need to get security sorted sooner than later. As we in NZ I don't believe use DAB we maybe safe that said are the tuners in new cars DAB enabled, if so the question would be could a fake station be setup that could compromise vehicles in bulk.  Could the DAB broadcast run silent with no music just data ?.

I know it could be seen as a tin foil hat kind of paranoia but we live in strange times, it would be good if a light is put on the possibilities here I think.

wasabi2k
2101 posts

Uber Geek
+1 received by user: 856


  #1352519 27-Jul-2015 13:15
Send private message

So in summary:

The Car entertainment system has full control over the car's computer and all systems and will execute tasks received from a DAB broadcast unathenticated.

Wow.

Why not just provide a publicly accessible web interface to engine systems on the internet for each car you sell?

richms
28343 posts

Uber Geek
+1 received by user: 9325

Trusted
Lifetime subscriber

  #1352642 27-Jul-2015 15:30
Send private message

The car radio is on at least one of the CAN busses so it can get stearing wheel controls, and sometimes more so it can also deal with seat occupancy and if the headlights are on for dimming, for the nav system in it to get speed and direction etc.

Once the radio is compromised, it can then have full access to those can busses and screw with devices on them. Most things on the bus will have modes to relay commands to other busses on them, that is how you can get to all the systems thru the OBDC2 port, which typically only connects to a couple of them. So yes, the general purpose PC in the entertainment system in those cars can get pretty much to anything in the car.




Richard rich.ms

gzt

gzt
17344 posts

Uber Geek
+1 received by user: 6349

Lifetime subscriber

#1352857 27-Jul-2015 19:59
Send private message

wasabi2k: Why not just provide a publicly accessible web interface to engine systems on the internet for each car you sell?

Have I got a deal for you!! uConnect!

http://www.driveuconnect.com/features/uconnect_access/

 
 
 
 

Trade NZ and US shares and funds with Sharesies (affiliate link).

JWR

JWR
821 posts

Ultimate Geek
+1 received by user: 272


  #1352871 27-Jul-2015 20:15

gzt:
Benokobi: How is the update actually delivered?

Official recall issued today:

http://www.media.chrysler.com/newsrelease.do?id=16849&mid=

The firmware update will be provided to customers on USB stick.


Thanks God for that. (and I don't mean God)

A totally secure medium.

Next hack.. days away?

Of course the real insecurity is the hardware design.

No amount of patching can fix that.

Batman
Mad Scientist
29827 posts

Uber Geek
+1 received by user: 6089

Trusted
Lifetime subscriber

  #1352915 27-Jul-2015 21:19
Send private message

one question. does huawei supply any of the parts?

JWR

JWR
821 posts

Ultimate Geek
+1 received by user: 272


  #1352949 27-Jul-2015 22:48

joker97: one question. does huawei supply any of the parts?


Why would that matter?

1 | 2 | 3 
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright