With Black Hat and DEFCON upon us, we revisit a 2015 interview with Chris Valasek about his wireless, software based hack of a Chrysler Jeep Cherokee.
CAN bus
Podcast – Smart Vehicle Security: A Report from the Lab
In-brief: In this Security Ledger podcast, Paul speaks with Sameer Dixit of Spirent Security Labs, a leading tester of connected (“smart”) vehicles. Truly secure, connected vehicles may be years away, he says. In the meantime, security flaws and poorly implemented features are a major issue, Dixit says, with many car companies still preferring bolt on security fixes over secure design.
Car Infotainment Vulnerability Raises Supply Chain Concerns
In-brief: Researchers from George Mason University and New York University are warning that the software used to link smart phones to in-vehicle “infotainment” (IVI) systems could make cars vulnerable to remote attack.
One in Five Vehicle Vulnerabilities are ‘Hair on Fire’ Critical
In-brief: One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive.
CERT: Aftermarket Add-On Opens Cars To Life Threatening Hacks
In-brief: Carnegie Mellon CERT warned drivers that a popular aftermarket product for vehicles could leave them open to potentially “life threatening” wireless attacks. Update: added info on recommended remediation. PFR 4/8/2016