@0xcharlie If it took that long, why drop the vendor to media now? Drop it @_defcon_ ?
Also we reported this bug to Chrysler in October. Patch comes out 3 weeks before our talk. Public disclosure works.
-
-
-
@geoffnorton@_defcon_ to get people to patch before we release details at defcon. -
@0xcharlie@_defcon_ If its not OTA, majority of car owners won't patch anyways.
End of conversation
New conversation -
-
-
@0xcharlie@obscuresec Is it an OTA patch, will a recall be issued, or none of the above? -
@0xcharlie@obscuresec That's sad. That said, you have a personal responsibility to advocate a recall to media in that case. Please do. -
@mattifestation@0xcharlie Doesn't everyone with knowledge of the bugs existence have the same responsibility? -
@obscuresec@0xcharlie When publicizing your research with media flocking towards you, you have a unique opportunity to set a precedent.
End of conversation
New conversation -
-
-
@0xcharlie I reported in January 2014 to chevrolet, again in September 2014 with the help of@cesarcer &@nudehaberdasher still unresponsiveThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie Do you think that something like this was possible 6 years ago? https://en.wikipedia.org/wiki/2009%E2%80%9311_Toyota_vehicle_recalls … -
@timetabling@0xcharlie The Toyota "unintended acceleration" issue was a safety software bug, not a security flaw http://betterembsw.blogspot.co.uk/2014/09/a-case-study-of-toyota-unintended.html …
End of conversation
New conversation -
-
-
@0xcharlie@hackerfriendly Maybe this leads to better engineering/laws down the road, but this puts Jeep drivers in danger in the near term.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie@hackerfriendly Only a minority of vehicles will ever be patched so this isn't a public disclosure leading to better security.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
.
@0xcharlie REALLY admire your research, but don’t you think tampering with vehicle speed in highway endangered other drivers?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie So your saying that they wouldn't patch until you were giving the talk? Or it took that long to patch?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie - by 'patch' what are you referring to.... what does the process look like for the consumer?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie Hopefully instead of this mealymouthed “you should update your software” crap, they’ll treat it like a recall. They should.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie Could you follow me so I can DM you my number? Local reporter hoping to do more on your Wired piece. Thanks!Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie@blowdart Public disclosure works sometimes... when private / coordinated disclosure fails.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@0xcharlie Of course, it doesn't hurt to have the brand caché of@0xcharlie and@nudehaberdasher in order to get vendors' attentionThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.