How To Hack a BMW: Details On the Security Flaw That Affected 2.2 Million Cars

0x2A (548071) writes BMW recently fixed a security hole in their ConnectedDrive software, which left 2.2 million cars open to remote attacks. Security expert Dieter Spaar reverse engineered the system and found some serious flaws [note: if you'd prefer English to German, try this translation], including using the same symmetric keys in all vehicles, not encrypting messages between the car and the BMW backend or using the outdated DES.

Re: You know, im fine with a car that doesnt have

[drinkypoo]

So do they fail on or off? If you're driving along and your battery cable falls off, does you e-brake immediately go full on, or not work at all?

It doesn't work. People don't believe in e-brakes any more, so now they're just parking brakes. Seriously, if I post about a paragraph rant about how there's no such thing as an e-brake, I'll bet you a dollar that some asshole will come along and claim that they were never anything more than a parking brake. But as the owner of a car whose e-brake system is actually capable of making a (one (1), that is) full-speed panic stop, that is to say a W126 Mercedes-Benz, I find this notion ridiculous.

EPBs are bad, mmkay? But they're now quite common, and just another reason why the best cars are from the late eighties to late nineties, if not the early sixties to early seventies. Obviously, the mid seventies to mid eighties were a dark time for automobiles...