    Sirius XM Software Vulnerability / Schneier · Thursday, 1 December - 15:10

This is new:

Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed security bug that would have allowed a savvy hacker to hijack vehicles and steal user data. According to researchers, the bug was in the car’s Sirius XM telematics infrastructure and would have allowed a hacker to remotely locate a vehicle, unlock and start it, flash the lights, honk the horn, pop the trunk, and access sensitive customer info like the owner’s name, phone number, address, and vehicle details.

Cars are just computers with four wheels and an engine. It’s no surprise that the software is vulnerable, and that everything is connected.

    Digital License Plates / Schneier · Wednesday, 12 October - 19:52 · 1 minute

California just legalized digital license plates, which seems like a solution without a problem.

The Rplate can reportedly function in extreme temperatures, has some customization features, and is managed via Bluetooth using a smartphone app. Rplates are also equipped with an LTE antenna, which can be used to push updates, change the plate if the vehicle is reported stolen or lost, and notify vehicle owners if their car may have been stolen.

Perhaps most importantly to the average car owner, Reviver said Rplate owners can renew their registration online through the Reviver mobile app.

That’s it?

Right now, an Rplate for a personal vehicle (the battery version) runs to $19.95 a month for 48 months, which will total $975.60 if kept for the full term. If opting to pay a year at a time, the price is $215.40 a year for the same four-year period, totaling $861.60. Wired plates for commercial vehicles run $24.95 for 48 months, and $275.40 if paid yearly.

That’s a lot to pay for the luxury of not having to find an envelope and stamp.

Plus, the privacy risks:

Privacy risks are an obvious concern when thinking about strapping an always-connected digital device to a car, but the California law has taken steps that may address some of those concerns.

“The bill would generally prohibit an alternative device [i.e. digital plate] from being equipped with GPS or other vehicle location tracking capability,” California’s legislative digest said of the new law. Commercial fleets are exempt from the rule, unsurprisingly.

More important are the security risks. Do we think for a minute that your digital license plate is secure from denial-of-service attacks, or number swapping attacks, or whatever new attacks will be dreamt up? Seems like a piece of stamped metal is the most secure option.

    Relay Attack against Teslas / Schneier · Thursday, 15 September - 15:28 · 1 minute

Nice work:

Radio relay attacks are technically complicated to execute, but conceptually easy to understand: attackers simply extend the range of your existing key using what is essentially a high-tech walkie-talkie. One thief stands near you while you’re in the grocery store, intercepting your key’s transmitted signal with a radio transceiver. Another stands near your car, with another transceiver, taking the signal from their friend and passing it on to the car. Since the car and the key can now talk, through the thieves’ range extenders, the car has no reason to suspect the key isn’t inside—and fires right up.

But Tesla’s credit card keys, like many digital keys stored in cell phones, don’t work via radio. Instead, they rely on a different protocol called Near Field Communication or NFC. Those keys had previously been seen as more secure, since their range is so limited and their handshakes with cars are more complex.

Now, researchers seem to have cracked the code. By reverse-engineering the communications between a Tesla Model Y and its credit card key, they were able to properly execute a range-extending relay attack against the crossover. While this specific use case focuses on Tesla, it’s a proof of concept—NFC handshakes can, and eventually will, be reverse-engineered.

    Almost every Ferrari sold since 2005 is being recalled / ArsTechnica · Tuesday, 9 August, 2022 - 12:46

All these Ferraris have to be recalled because of a faulty brake fluid reservoir cap. (credit: Ferrari)

Spare a thought for Ferrari. Not its F1 team, repeatedly snatching defeat from the jaws of victory as rival Red Bull romps away with the championships, but the road car division, which is in the process of recalling nearly every car it has sold since 2005.

The problem is the cap of the brake fluid reservoir. It's designed to vent pressure if necessary, but evidently that design isn't so hot. Venting can fail to happen, causing a vacuum to build up, resulting in a possible leak of brake fluid. And if you don't have any brake fluid in your brake lines, you aren't going to be able to slow down or stop (without hitting something large and solid).

The fix is therefore pretty simple—a new brake fluid reservoir cap, and a software patch that lets a driver know if their brake fluid reservoir is running low. (Should this occur, Ferrari says pull over immediately and get the car towed.)

    Security Vulnerabilities in Honda’s Keyless Entry System / Schneier · Tuesday, 12 July, 2022 - 12:23 · 1 minute

Honda vehicles from 2021 to 2022 are vulnerable to this attack:

On Thursday, a security researcher who goes by Kevin2600 published a technical report and videos on a vulnerability that he claims allows anyone armed with a simple hardware device to steal the code to unlock Honda vehicles. Kevin2600, who works for cybersecurity firm Star-V Lab, dubbed the attack RollingPWN.


In a phone call, Kevin2600 explained that the attack relies on a weakness that allows someone using a software defined radio—such as HackRF—to capture the code that the car owner uses to open the car, and then replay it so that the hacker can open the car as well. In some cases, he said, the attack can be performed from 30 meters (approximately 98 feet) away.

In the videos, Kevin2600 and his colleagues show how the attack works by unlocking different models of Honda cars with a device connected to a laptop.

The Honda models that Kevin2600 and his colleagues tested the attack on use a so-called rolling code mechanism, which means that—in theory—every time the car owner uses the keyfob, it sends a different code to open it. This should make it impossible to capture the code and use it again. But the researchers found that there is a flaw that allows them to roll back the codes and reuse old codes to open the car, Kevin2600 said.

    California DMV gives Cruise and Waymo OK to charge for rides / ArsTechnica · Friday, 1 October, 2021 - 19:26

A Cruise robotaxi test vehicle in San Francisco. (credit: Cruise)

The autonomous vehicle developers Cruise and Waymo both got a little closer to running true driverless robotaxi services in and around San Francisco. In May, both Waymo and Cruise applied to the California Department of Motor Vehicles for deployment permits (as opposed to the testing permits that have allowed non-commercial operations). On Thursday, the DMV issued autonomous deployment permits to both companies, which is a necessary step if the robotaxis are to charge passengers for their rides.

San Franciscans might have to be night owls to catch a Cruise; the DMV's authorization gives Cruise permission to operate on surface streets within a geofenced area of San Francisco between the hours of 10 pm and 6 am. Cruise's autonomous vehicles are allowed to operate in light rain and light fog, but they aren't allowed to exceed 30 mph (48 km/h).

Waymo is allowed to operate over a wider area; the DMV's authorization is "within parts of San Francisco and San Mateo counties." These robotaxis are also trusted to cope with light rain and light fog and are approved for speeds of up to 65 mph (105 km/h).

    BMW explores recycling with the i Vision Circular concept / ArsTechnica · Monday, 6 September, 2021 - 09:45 · 1 minute

BMW provided flights to Munich and seven nights in hotels so we could attend IAA Mobility and then later this week drive its two new electric cars, the i4 and iX (which you'll be able to read about in the next few weeks). Ars does not accept paid editorial content.

MUNICH, GERMANY—The BMW i Vision Circular is not the company's new Neue Klasse. But the new concept, revealed this morning at IAA Mobility, explores ideas which the company says will inform that electric vehicle, due in 2025.

Not so much in the way it looks, which is a shame since this compact one-box shape—described by a fellow journalist as a Cyber Twingo—is a refreshing break from oversized SUVs. Instead, it's the car's approach to sustainability that BMW is running with—"Circular" refers to the car's lifecycle, which aims to use entirely recycled materials resulting in a vehicle that is entirely recyclable too. Currently, BMW says that across its brands (which include Mini and Rolls-Royce), it's already at 30 percent recycled and reused materials.

"The BMW i Vision Circular illustrates our all-encompassing, meticulous way of thinking when it comes to sustainable mobility. It symbolises our ambition to be a pioneering force in the development of a circular economy," said BMW Chairman Oliver Zipse. "We lead the way for resource efficiency in production and we are seeking to extend this status to all stages of the vehicle life cycle. This is a question of economic sustainability too, as the current trend in commodity prices clearly shows the financial consequences in store for any industry that is reliant on finite resources."

    Hyundai’s sharp-looking Ioniq 5 EV is Motional’s new robotaxi / ArsTechnica · Wednesday, 1 September, 2021 - 17:38 · 1 minute

In 2023, Motional will begin operating Hyundai Ioniq 5 robotaxis. (credit: Motional)

In 2023, you'll be able to take Lyft rides in autonomous Hyundai Ioniq 5s with self-driving systems provided by Motional—as long as you live in the right city. This week, we got our first look at the sensor-bedazzled battery-electric vehicles, which add lidar, radar, and cameras to one of the best-looking new vehicles we've seen in some time.

Motional was created in 2020 by Hyundai Motor Group and automotive supplier Aptiv, which had been testing its level 4 autonomous vehicles in Las Vegas for years. When I rode in an autonomous Aptiv vehicle during CES in 2018, it was with a safety driver behind the wheel. But in February of this year, Motional began fully driverless testing in Las Vegas. The company said it completed over 100,000 passenger rides without incident between beginning operations and removing the safety drivers.

Motional has worked with Hyundai to integrate the sensor suite and other hardware into the Ioniq 5, and Motional President and CEO Karl Iagnemma told TechCrunch that the robotaxis will roll off the line in South Korea, just like normal Ioniq 5s. "This is not a scenario where we’ll take a base vehicle, move it to a different line, take the components off, and then reintegrate or retrofit it," he said. The cars will still have steering wheels, and passengers will not be allowed to ride in that seat.
