Charlie Miller

@0xcharlie

I'm that 0day guy

St. Louis, MO
Vrijeme pridruživanja: kolovoz 2009.

Tweetovi

Blokirali ste korisnika/cu @0xcharlie

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @0xcharlie

  1. proslijedio/la je Tweet
    prije 38 minuta

    The Blackhat USA call for papers is now open. Get your talks in!

    Poništi
  2. proslijedio/la je Tweet

    Many years ago I came to the conclusion that in many scenarios the "Bug Bounty" model was economically superior to the typical pricing model of VA vendors, especially as security programs mature. This is how I reasoned though it. /1

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    22. sij

    This slightly edited photo of a slightly edited photo has me dead. Lol

    Poništi
  4. proslijedio/la je Tweet
    22. sij
    Poništi
  5. 19. sij

    speaking of gateways and secure vehicle architectures, i’m a big fan of over the air updates, but it does mean the internet connected module has to be able to communicate with all other modules, including steering, brakes, engine, etc which is a bit of a bummer.

    Poništi
  6. 18. sij

    Someone pointed out to me I misread the wiring diagram for Jeep. A gateway module was introduced into its architecture in 2019 and is also present in 2020 models. Thats pretty cool and about the timeframe I expected to see it. I love seeing improvements over time!

    Poništi
  7. 17. sij

    btw the research for that last tweet cost me $36.95. you’re welcome internet.

    Poništi
  8. 17. sij

    If you are interested in automotive architectures in regards to security, check out this (older) paper we wrote in 2014:

    Prikaži ovu nit
    Poništi
  9. 17. sij

    I know big architectural changes like that take a while in the automotive space, but I was hoping to see some change after our research was presented 5 years ago. Architecture looks identical between 2014 and 2020 model.

    Prikaži ovu nit
    Poništi
  10. 17. sij

    You may recall me and hacked a 2014 Jeep Cherokee. We chose that car because it had no gateway module between the telematics module and the modules with physical controls. I just looked at the 2020 model, there is still no gateway module.

    Prikaži ovu nit
    Poništi
  11. 17. sij

    This is the original source for the article, I guess:

    Prikaži ovu nit
    Poništi
  12. 17. sij
    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    17. sij
    Poništi
  14. 17. sij

    I was really inspired by "rockstars" like , , early in my career and it made me want to try to do impactful research. Instead of putting people down, let's encourage people and celebrate good work!

    Poništi
  15. 10. sij

    i used to get on tv because i was a security researcher, now i get on because i’m a fan. (that’s me on the right)

    Poništi
  16. 8. sij

    I can confirm that katie called and got my feedback more than once on this subject.

    Poništi
  17. 3. sij

    In conclusion, another great paper by which seems to have the best group of car security researchers in the business. I hope they continue all this great work as well as continue publishing it so the industry can learn and improve from it!

    Prikaži ovu nit
    Poništi
  18. 3. sij

    By way of comparison, me and 's Jeep hack and the UCSD/UW hack against the Impala required no user interaction and had unlimited range. Hopefully those types of attacks are no longer possible (or are at least much harder!)

    Prikaži ovu nit
    Poništi
  19. 3. sij

    To compare to some of their other work, this required no user interaction but landed them further away from the CAN network. Their browser exploits were more reliable and landed them closer to the CAN network but required some kind of prerequisites such as user interaction.

    Prikaži ovu nit
    Poništi
  20. 3. sij

    I love watching this research group continue to dig in deeper on this car. If you wonder why they pick on Tesla, my guess is that its a matter of they now know everything about it and to gain that knowledge on a new car would be difficult (and explains why I stopped researching)

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·