Tesla only implemented code-signed updates *now*? WTF? What is this, the 90s? https://www.wired.com/2016/09/tesla-responds-chinese-hack-major-security-upgrade/ …pic.twitter.com/QSzceZoGgB
This is the legacy version of twitter.com. We will be shutting it down on June 1, 2020. Please switch to a supported browser, or disable the extension which masks your browser. You can see a list of supported browsers in our Help Center.
Reverse engineer, Dolphin Emulator developer and maintainer. Infrastructure security engineer @ $employer.
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Add this Tweet to your website by copying the code below. Learn more
Add this video to your website by copying the code below. Learn more
By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.
| Country | Code | For customers of |
|---|---|---|
| United States | 40404 | (any) |
| Canada | 21212 | (any) |
| United Kingdom | 86444 | Vodafone, Orange, 3, O2 |
| Brazil | 40404 | Nextel, TIM |
| Haiti | 40404 | Digicel, Voila |
| Ireland | 51210 | Vodafone, O2 |
| India | 53000 | Bharti Airtel, Videocon, Reliance |
| Indonesia | 89887 | AXIS, 3, Telkomsel, Indosat, XL Axiata |
| Italy | 4880804 | Wind |
| 3424486444 | Vodafone | |
| » See SMS short codes for other countries | ||
This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.
Hover over the profile pic and click the Following button to unfollow any account.
When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.
The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.
Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.
Get instant insight into what people are talking about now.
Follow more accounts to get instant updates about topics you care about.
See the latest conversations about any topic instantly.
Catch up instantly on the best stories happening as they unfold.
Tesla only implemented code-signed updates *now*? WTF? What is this, the 90s? https://www.wired.com/2016/09/tesla-responds-chinese-hack-major-security-upgrade/ …pic.twitter.com/QSzceZoGgB
To be slightly fairer to them, my understanding is that they pulled updates over TLS.
Transport security != codesigning. Completely unrelated things.
I'm aware of that, obviously, but my point is that most attack vectors are going to be focusing on MitM'ing the OTA updates.
I disagree. Most attack vectors are going to be focusing on any random entry point, and without codesigning, you then push FW.
Either way it's irrelevant. I'm just saying that we're not likely to see mass bricking/pwning of Teslas via rogue femtocell.
Key bit is /mass/, if you're unfortunate enough to be a target OTOH...
Yup. As I say, they really should be signing (and it looks like they have released a patch to do so) but at least it's limited
...to local targeted attacks, rather than just everyone within transmission range of some twat with an antenna.
yeah, except if you find a remote exploit through something that's not TLS, and then you can rewrite FW with anything you want.
Again, not saying they shouldn't sign firmware. Saying it's good that they at least use TLS.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.