There is a risk of automobile security. Nowadays cars have vast attack surface a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

slt2021 on Dec 28, 2022 | parent | context | favorite | on: Ask HN: Risk of unsafe software in automobiles?

There is a risk of automobile security. Nowadays cars have vast attack surface and uplink accesses directly into internal car's CAN/Ethernet bus: OBD-II port, bluetooth, GSM/5G, WiFI, NFC, access via OEM's web portal (these are big piles of unsecure code), via mobile app API, dealer network applications.

Plus OEMs have a vast parts and software supply chain that can be compromised.

I suspect that in couple years timeframe we can see massive incident, like ransomware, that will disable entire fleet of a single OEM globally. Like imagine all Mercedes around the world to just stop operating - these kind of incidents

uconnectlol on Dec 29, 2022 [–]

This is the correct take. Also just found yet another problem puiblished a few weeks ago: https://medium.com/@doctoreww/day-2-your-car-is-trackable-by...

This stuff falls completely within any infosec person's expectations. Privacy leaks are expected, as are interference from remote signals.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact