Gentlemen, Start Your Engines 20120419

•

1 like•345 views

Short overview of the current security status on the automotive telematics security arena. Presented at the ISACA Scandinavian Conference April 23-24th 2012

Technology

Gentlemen,
Start your engines
Mattias Jidhage

Omegapoint

- Founded in 2001
- 170 consultants
- e-Business & Security
Falun

New York

Stockholm

Göteborg

Kalmar

Helsingborg

Malmö

Telematics
“integrated use of telecommunications and informatics”

ECU
=
Electronic
C
BCM=Brake

ECU=Engine
ontrol

CCU=Convenience
ontrol

ACU=Airbag
CC ontrol
odule

CTM=Central
Ciming
Module

GEM=General
Electronic
M
SCM=Suspension
ontrol
U odule

TCM=Transmission
M Module

BCM=Body
CCTontrol
ontrol
odule

ECM=Engine
ontrol
CUodule
M
PCM=Powertrain
CC Mnit
MUnit

CCM=Central
ontrol
ontrol
nit odule

~100
Bosch,
Siemens,
Delphi..

Telematics

Potentially less than great security?

Eh, What's up Doc?
•  The Car
•  Transport
•  Server
•  Client

The Car - Research
•  Experimental Security Analysis of a
Modern Automobile
–  OBD-II
•  Comprehensive Experimental Analyses of
Automotive Attack Surfaces
–  CD
–  OBD-II (PassThru)
–  Bluetooth
–  GSM

The Car – Reality
•  War Texting: Identifying and Interacting
with Devices on the Telephone Network
–  Method for attacking telematics
•  In general: GSM Baseband + uC Chip
•  UART -> RE -> Firmware -> Vulnerability
–  How2 find targets?
•  FindMe
•  WhoIs

The Car – Reality

•  Put it to the test
–  Zoombak Tracking Device
•  Zoombak Scanner
•  Ask nicely via SMS
–  Subaru Outback 1998
•  after market telematics unit
•  unlock and start engine
•  http://youtu.be/bNDv00SGb6w

Transport - GSM
•  A5/1

•  SRLabs
–  CCC 2009, BlackHat 2010
–  Rainbow tables (100.000 years to 1 month)
–  Decode voice
•  100-300m upstream
•  5-35km downstream

Transport – GPRS/EDGE
No encryption
•  GEA/0
•  GEA/1
•  GEA/2
•  GEA/3
•  GEA/4 No users

•  SRLabs
–  CCC 2011, Crypto analysis (weak crypto)
–  Decode GPRS -> Wireshark

Server
•  Car interface
–  Proprietary protocol
•  ASN.1 – Touring complete
•  GPRS, EDGE, SMS and data over voice
–  “We use a Private APN”
•  Generic Routing Encapsulation
•  Node to Node communication
•  Operator web application
•  Smartphone interface: REST/JSON

Client - browser
•  Web application
–  no news
–  move on
–  there is nothing to see

–  DriveBy Trojan Download & Install
•  Starring Windows
•  Guest appearance by Mac OSX

Client – smart phone
•  Few real vulnerability tests performed
•  iOS
–  Continous Jailbreak
–  iOS 5.0.1 - iPhone 4GS and iPad2
–  iOS 5.1 – iPad3

•  Android
–  Rouge apps
–  Android Market - ‘Bouncer’

Conclusion
•  All components are possible targets
•  Very few has the complete picture
•  Activity in the security arena
•  This is going to get worse before it gets
better
–  2012 models CAN bus is unprotected
–  New tools arriving every day
–  Larger attack surface than ever
•  Use fast shoes

The Future
•  Telematics – M2M
–  “integrated use of telecommunications and
informatics”

Insulin pump Prescription
medication

The Future

ABB IRB 6640
Industrial robot

The Future
Three Gorges
Infrastructure - SCADA – Stuxnet

The Future
Home Metering Unit - SmartGrid
270 000 HMU using ZigBee

“Everything is a computer”

@mjidhage
mattias.jidhage@omegapoint.se

Thank You!

References
•  http://www.autosec.org/publications.html
•  http://www.isecpartners.com/storage/docs/presentations/
isec_bh2011_war_texting.pdf
•  http://events.ccc.de/congress/2009/Fahrplan/
attachments/1519_26C3.Karsten.Nohl.GSM.pdf
•  https://srlabs.de/blog/wp-content/uploads/
2010/07/100729.Breaking.GSM_.Privacy.BlackHat1.pdf
•  http://events.ccc.de/camp/2011/Fahrplan/attachments/
1868_110810.SRLabs-Camp-GRPS_Intercept.pdf

What's hot

Car hacking is not only hard, but very expensive. Automotive security is still in its infancy and requires more trained eyes on the problem; unfortunately the biggest barrier of entry is the overall cost. This talk will focus on a researcher's ability to assess the security of pieces of a car without having to purchase the full vehicle. By providing a cost effective blueprint for assessing several ECU's outside of the vehicle we feel more researchers will jump into the automotive security arena. Also, go-karts...yes go-karts.

Suns Out Guns Out: Hacking without a Vehicle by Charlie Miller & Chris Valasek

Shakacon

Connected car solution and E-call system for OEM by Smartdriving

Nikita Kasyanenko

Self driving and connected cars fooling sensors and tracking drivers

Vivek chan

Need and value for various levels of autonomous driving

Heiko Joerg Schick

I.c ingine ppt

pradeep kumar

In the automotive world, the number and the diversity of systems implementing embedded computers continue to increase. After a presentation of the different families of automotive systems and some examples (current, trend for futur), we will go through the main requirements and constraints of automotive systems: environmental constraints, reliability, safety, security, diversity of users and use cases, costs, high volumes, diversity of markets and car manufacturers. Second part of the presentation will address the following points through examples: - Platform approach: how to optimize schedules and reduce investment while addressing a variety of system configurations growing. - System integration: how to optimize the architecture and reduce the number of embedded computers. - System development and validation: planning constraints, methods and tools

20140311 cisec-automotive systems

CISEC

E call ppt

Prince Nani

Transit-Protect presentation 2014

Transit-Protect

Vehicle Tracking System

Vikas Agarwal

T062500000 p003050ppte

Phani Kumar

MIPI IP Modules for SoC Prototyping

Arasan Chip Systems

Automation on Traffic Signals

Mphasis

Automated Driving: Innovative Product Development & Safety

AssociationofEquipmentManufacturers

GSM BASED ANTI THEFT SYSTEM FOR VEHICLES conclusion In a situation where there is high level of theft, there is need for better security system. It is much safer to have a System that monitors and communicates to the device owner. This tends to utilize the availability of GSM network, mobile phone and electronics circuit to achieve an automated system which is programmed to work as a thinking device to accomplish this purpose. Global system for mobile communication (GSM) is a wide area wireless communications system that uses digital radio transmission to provide voice, data, and multimedia communication services. A GSM system coordinates the communication between a mobile telephones (mobile stations), base stations (cell sites), and switching systems. . The power supply provides the voltage and current required for effective performance of the system. This supply is tapped from the car battery and then regulated before being fed to the system. i. If the system is active, it monitors both the car doors and boot to check if anyone is opened. ii. Demobilizes the car by disconnecting the ignition line from the battery supply via the actuator . iii. Sends text message to the car owner signifying where the attempt is made from, and finally iv. Starts up an alarm for alert purpose. GSM based Anti-theft system implemented on 8051 microcontroller. This is a very useful application of GSM (Group Special Mobile) and is very commonly used in vehicles. A GSM system consists of a modem. The modem acts as a modulator and demodulator for GSM signals. The relevant messages are also displayed on a computer screen.

GSM Based Anti theft system

Kshitij Rokde

Gsm based advance security and rtealtime vehicle tracking using gps technolgy

Hardik Patel

What's hot (15)

Suns Out Guns Out: Hacking without a Vehicle by Charlie Miller & Chris Valasek

Connected car solution and E-call system for OEM by Smartdriving

Self driving and connected cars fooling sensors and tracking drivers

Need and value for various levels of autonomous driving

I.c ingine ppt

20140311 cisec-automotive systems

E call ppt

Transit-Protect presentation 2014

Vehicle Tracking System

T062500000 p003050ppte

MIPI IP Modules for SoC Prototyping

Automation on Traffic Signals

Automated Driving: Innovative Product Development & Safety

GSM Based Anti theft system

Gsm based advance security and rtealtime vehicle tracking using gps technolgy

Viewers also liked

RFC6749 et alia 20130504

Mattias Jidhage

Who Are You 20120922

Mattias Jidhage

Futuristische demonstratie uit de autosector (Bosch) - Belgian Insurance Conf...

Wolters Kluwer Belgium

Fast and Vulnerable

mrlanrat

The Six Highest Performing B2B Blog Post Formats

Barry Feldman

Each technological age has been marked by a shift in how the industrial platform enables companies to rethink their business processes and create wealth. In the talk I argue that we are limiting our view of what this next industrial/digital age can offer because of how we read, measure and through that perceive the world (how we cherry pick data). Companies are locked in metrics and quantitative measures, data that can fit into a spreadsheet. And by that they see the digital transformation merely as an efficiency tool to the fossil fuel age. But we need to stretch further…

The Outcome Economy

Helge Tennø

Viewers also liked (6)

RFC6749 et alia 20130504

Who Are You 20120922

Futuristische demonstratie uit de autosector (Bosch) - Belgian Insurance Conf...

Fast and Vulnerable

The Six Highest Performing B2B Blog Post Formats

The Outcome Economy

Similar to Gentlemen, Start Your Engines 20120419

Research skills

Darshan Bhatt

Remote car locking system

Anurag Kumar choudhury

Gsm based advance security and rtealtime vehicle tracking using gps technolgy 2

Hardik Patel

Internet of Things

cumulocity

Embedded Systems in Automotive

محمدعبد الحى

ITS "Intelligent Transportation System" Guided Vehicle using IOT Project

Mohamed Abd Ela'al

These slides use concepts from my (Jeff Funk) course entitled analyzing hi-tech opportunities to analyze how autonomous vehicles are becoming economic feasible. They are becoming economically feasible because the cost of lasers, ICs, MEMS, and other electronic components are falling at 25 to 40% per year. If the cost of autonomous vehicles fall 25% a year, the cost of the electronics associated with autonomous vehicles will fall 90% in 10 years. Dedicating roads to autonomous vehicles is necessary to achieve the most benefits from autonomous vehicles. While using autonomous vehicles in combination with conventional vehicles can free drivers for other activities, dedicating roads to autonomous vehicles can dramatically reduce congestion, increase speeds, and thus increase the number of cars per area of the road. They can also reduce accidents, insurance, and the number of traffic police. These slide discuss the use of wireless technologies for the control and coordination of autonomous vehicles. Improvements in bandwidth, speed, and latency (delays) along with improvements in computer processing are occurring and these improvements are making dedicated roads for autonomous vehicles economically feasible.

Smart infrastructure for autonomous vehicles

Jeffrey Funk

SIMATIC manager سيماتك منجر سيمنز

EssosElectronic

Automotive Telematics

Venkatesh Agaram

SMART ANTI THEFT SYSTEM FOR VECHILE SECURITY USING GSM

Arun balaji

IMCC.pptx

ssuser7479cd

Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC

TICAnoia

Internet of things basics

cumulocity

OBD 2 Car GPS Tracker – A simple Plug & Play Device

Satya Prakash

OBD2 GPS Car Tracker VT200 by Thinkrace Technology is a plug and play OBD Tracker with a lot of features like - Real-time tracking, geofence area, regular reports like fuel reports, over-speed reports and much more. With so many amazing features Thinkrace Technology's OBD GPS Tracker is the best deal for you if you are looking for a reliable GPS Car Tracker. Know more about this product here - http://www.thinkrace.com/thinkrace-obd2-gps-car-tracker-vt200.aspx

OBD2 GPS Car Tracker by Thinkrace Technology

Manav Mathur

CITMO 2006

Antonio Bove

Principles of a vehicle infotainment platform - Hans-Ulrich Michel, BMW

mfrancis

Automotive telematics

Narendra K Saini

Transit-Protect presentation 2014

Transit-Protect

Fleet Management System

RekaNext Capital

Similar to Gentlemen, Start Your Engines 20120419 (20)

Research skills

Remote car locking system

Gsm based advance security and rtealtime vehicle tracking using gps technolgy 2

Internet of Things

Embedded Systems in Automotive

ITS "Intelligent Transportation System" Guided Vehicle using IOT Project

Smart infrastructure for autonomous vehicles

SIMATIC manager سيماتك منجر سيمنز

Automotive Telematics

SMART ANTI THEFT SYSTEM FOR VECHILE SECURITY USING GSM

IMCC.pptx

Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC

Internet of things basics

OBD 2 Car GPS Tracker – A simple Plug & Play Device

OBD2 GPS Car Tracker by Thinkrace Technology

CITMO 2006

Principles of a vehicle infotainment platform - Hans-Ulrich Michel, BMW

Automotive telematics

Transit-Protect presentation 2014

Fleet Management System

Recently uploaded

Architecting Cloud Native Applications

WSO2

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

A Beginners Guide to Building a RAG App Using Open Source Milvus

Zilliz

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

ICT role in 21st century education and its challenges

rafiqahmad00786416

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Modernizing Securities Finance: The cloud-native prime brokerage platform transforming capital markets. Madhu Subbu, Managing Director, Head of Securities Finance Engineering Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

apidays

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Navi Mumbai Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Navi Mumbai Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Navi Mumbai Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Recently uploaded (20)

Architecting Cloud Native Applications

Why Teams call analytics are critical to your entire business

Powerful Google developer tools for immediate impact! (2023-24 C)

Corporate and higher education May webinar.pptx

A Beginners Guide to Building a RAG App Using Open Source Milvus

Data Cloud, More than a CDP by Matt Robison

ICT role in 21st century education and its challenges

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Strategies for Landing an Oracle DBA Job as a Fresher

Artificial Intelligence Chap.5 : Uncertainty

AWS Community Day CPH - Three problems of Terraform

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

GenAI Risks & Security Meetup 01052024.pdf

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Gentlemen, Start Your Engines 20120419

1. Gentlemen, Start your engines Mattias Jidhage

2. Omegapoint - Founded in 2001 - 170 consultants - e-Business & Security Falun New York Stockholm Göteborg Kalmar Helsingborg Malmö

3. Agenda

4. Telematics “integrated use of telecommunications and informatics” ECU = Electronic C BCM=Brake ECU=Engine ontrol CCU=Convenience ontrol ACU=Airbag CC ontrol odule CTM=Central Ciming Module GEM=General Electronic M SCM=Suspension ontrol U odule TCM=Transmission M Module BCM=Body CCTontrol ontrol odule ECM=Engine ontrol CUodule M PCM=Powertrain CC Mnit MUnit CCM=Central ontrol ontrol nit odule ~100 Bosch, Siemens, Delphi..

5. Telematics Potentially less than great security?

6. Eh, What's up Doc? •  The Car •  Transport •  Server •  Client

7. The Car - Research •  Experimental Security Analysis of a Modern Automobile –  OBD-II •  Comprehensive Experimental Analyses of Automotive Attack Surfaces –  CD –  OBD-II (PassThru) –  Bluetooth –  GSM

8. The Car – Reality •  War Texting: Identifying and Interacting with Devices on the Telephone Network –  Method for attacking telematics •  In general: GSM Baseband + uC Chip •  UART -> RE -> Firmware -> Vulnerability –  How2 find targets? •  FindMe •  WhoIs

9. The Car – Reality •  Put it to the test –  Zoombak Tracking Device •  Zoombak Scanner •  Ask nicely via SMS –  Subaru Outback 1998 •  after market telematics unit •  unlock and start engine •  http://youtu.be/bNDv00SGb6w

10. Transport - GSM •  A5/1 •  SRLabs –  CCC 2009, BlackHat 2010 –  Rainbow tables (100.000 years to 1 month) –  Decode voice •  100-300m upstream •  5-35km downstream

11. Transport – GPRS/EDGE No encryption •  GEA/0 •  GEA/1 •  GEA/2 •  GEA/3 •  GEA/4 No users •  SRLabs –  CCC 2011, Crypto analysis (weak crypto) –  Decode GPRS -> Wireshark

12. Transport – cell USRP H W

13. Server •  Car interface –  Proprietary protocol •  ASN.1 – Touring complete •  GPRS, EDGE, SMS and data over voice –  “We use a Private APN” •  Generic Routing Encapsulation •  Node to Node communication •  Operator web application •  Smartphone interface: REST/JSON

14. Client - browser •  Web application –  no news –  move on –  there is nothing to see –  DriveBy Trojan Download & Install •  Starring Windows •  Guest appearance by Mac OSX

15. Client – smart phone •  Few real vulnerability tests performed •  iOS –  Continous Jailbreak –  iOS 5.0.1 - iPhone 4GS and iPad2 –  iOS 5.1 – iPad3 •  Android –  Rouge apps –  Android Market - ‘Bouncer’

16. Conclusion •  All components are possible targets •  Very few has the complete picture •  Activity in the security arena •  This is going to get worse before it gets better –  2012 models CAN bus is unprotected –  New tools arriving every day –  Larger attack surface than ever •  Use fast shoes

17. What’s to come? •  “Internet of Things”

18. The Future

19. The Future •  Telematics – M2M –  “integrated use of telecommunications and informatics” Insulin pump Prescription medication

20. The Future ABB IRB 6640 Industrial robot

21. The Future Three Gorges Infrastructure - SCADA – Stuxnet

22. The Future Home Metering Unit - SmartGrid 270 000 HMU using ZigBee

23. “Everything is a computer” @mjidhage mattias.jidhage@omegapoint.se Thank You!

24. References •  http://www.autosec.org/publications.html •  http://www.isecpartners.com/storage/docs/presentations/ isec_bh2011_war_texting.pdf •  http://events.ccc.de/congress/2009/Fahrplan/ attachments/1519_26C3.Karsten.Nohl.GSM.pdf •  https://srlabs.de/blog/wp-content/uploads/ 2010/07/100729.Breaking.GSM_.Privacy.BlackHat1.pdf •  http://events.ccc.de/camp/2011/Fahrplan/attachments/ 1868_110810.SRLabs-Camp-GRPS_Intercept.pdf

Gentlemen, Start Your Engines 20120419

Recommended

Recommended

More Related Content

What's hot

What's hot (15)

Viewers also liked

Viewers also liked (6)

Similar to Gentlemen, Start Your Engines 20120419

Similar to Gentlemen, Start Your Engines 20120419 (20)

Recently uploaded

Recently uploaded (20)

Gentlemen, Start Your Engines 20120419