CAN bus

connected vehicles

Podcast – Smart Vehicle Security: A Report from the Lab

In-brief: In this Security Ledger podcast, Paul speaks with Sameer Dixit of Spirent Security Labs, a leading tester of connected (“smart”) vehicles. Truly secure, connected vehicles may be years away, he says. In the meantime, security flaws and poorly implemented features are a major issue, Dixit says, with many car companies still preferring bolt on security fixes over secure design. 

Car Infotainment Vulnerability Raises Supply Chain Concerns

In-brief: Researchers from George Mason University and New York University are warning that the software used to link smart phones to in-vehicle “infotainment” (IVI) systems could make cars vulnerable to remote attack. 

One in Five Vehicle Vulnerabilities are ‘Hair on Fire’ Critical

In-brief: One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive. 

CERT: Aftermarket Add-On Opens Cars To Life Threatening Hacks

In-brief: Carnegie Mellon CERT warned drivers that a popular aftermarket product for vehicles could leave them open to potentially “life threatening” wireless attacks. Update: added info on recommended remediation. PFR 4/8/2016

Podcast: Interview with Car Hacker Chris Valasek of IOActive

Podcast: Play in new window | Download (31.6MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: Security Ledger Editor in Chief Paul Roberts speaks with Chris Valasek, the Director of Vehicle Research at IOActive about the work he and Charlie Miller did to develop wireless based attacks that control the braking, steering and acceleration of late model Chrysler vehicles.