I'll be curious to see what @TeslaMotors means by "codesigning" I have some horrible suspicions.....
I'd concentrate on the gateway first, the classic "update-from-unsecure-domain" design flaw was really surprising.
-
-
yes the insecure update of gateway is bad but TBH its the tip of a big iceberg.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
even with a totally locked down gateway the car is vulnerable to exploitation of the VAPI.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
An attacker can just abuse legit messages & do a LOT of bad stuff. No need to tamper with GW firmware at all.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
lets not lose sight of the value of locking down the firmware or securing the infotainment itself.
-
of course, ideally all should be locked...I just see the CAN BUS entry points as first priority :)
-
my point entirely. Locking the GW down limits the points of CAN interaction but it doesn't close them.
End of conversation
New conversation -
-
-
there are several wins that would be MUCH bigger than just locking down the ability to tamper with GW firmware.
-
agreed of course, it just gets difficult if not designed for that in the first place, especially for runtime lock
-
no argument from me. Securing with hindsight is always easier ;)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.