Tesla Fixes Security Bugs After Claims of Model S Hack (reuters.com)

← Back to Stories (view on slashdot.org)

Tesla Fixes Security Bugs After Claims of Model S Hack (reuters.com)

Posted by BeauHD on Wednesday September 21, 2016 @01:00AM from the remote-control dept.

An anonymous reader quotes a report from Reuters: Tesla Motors Inc has rolled out a security patch for its electric cars after Chinese security researchers uncovered vulnerabilities they said allowed them to remotely attack a Tesla Model S sedan. The automaker said that it had patched the bugs in a statement to Reuters on Tuesday, a day after cybersecurity researchers with China'a Tencent Holdings Ltd disclosed their findings on their blog. Tesla said it was able to remedy the bugs uncovered by Tencent using an over-the-air fix to its vehicles, which saved customers the trouble of visiting dealers to obtain the update. Tencent's Keen Security Lab said on its blog that its researchers were able to remotely control some systems on the Tesla S in both driving and parking modes by exploiting the security bugs that were fixed by the automaker. The blog said that Tencent believed its researchers were the first to gain remote control of a Tesla vehicle by hacking into an onboard computer system known as a CAN bus. In a demonstration video, Tencent researchers remotely engaged the brake on a moving Tesla Model S, turned on its windshield wipers and opened the trunk. Tesla said it pushed out an over-the-air update to automatically update software on its vehicles within 10 days of learning about the bugs. It said the attack could only be triggered when a Tesla web browser was in use and the vehicle was close enough to a malicious Wi-Fi hotspot to connect to it. Slashdot reader weedjams adds some commentary: Does no one else think cars + computers + network connectivity = bad?

56 of 76 comments (clear)

Min score:

Reason:

Sort:

Turn off the wireless by Anonymous Coward · 2016-09-21 01:16 · Score: 1

I disable Wi-Fi, Bluetooth, and location services on my phone when I'm not actively using them. Hopefully you can do the same for your car.
1. Re:Turn off the wireless by Anonymous Coward · 2016-09-21 02:09 · Score: 1
  
  Good luck with that. When shopping around at a Jeep dealership I asked how to remove the SIM card from the mobile data connection used by Uconnect (as opposed to Uconnect Via Mobile on the cheaper models which uses the Buletooth internet gateway on your smartphone) and nobody would own up to knowing anything about it. That's fine, plead ignorant. I bought a car from a different manufacturer.
2. Re:Turn off the wireless by Coren22 · 2016-09-22 08:05 · Score: 1
  
  You expect that a sales person even knows what a SIM card is or where it is located?
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Cars? by ledow · 2016-09-21 01:19 · Score: 2

"Does no one else think cars + computers + network connectivity = bad?"
Does no one else think that phone + computer + network connectivity + radio connectivity + location sensing + chargeable services + .... + ... = bad?
Apparently only a few.
1. Re:Cars? by Anonymous Coward · 2016-09-21 01:40 · Score: 1
  
  Connecting two different systems that have no place in intercommunicating doesn't make sense.
  Attaching the wifi to the CAN bus is an awful idea. It borders on stupid.
2. Re:Cars? by bozzy · 2016-09-21 01:50 · Score: 2
  
  They aren't necessarily intrinsically bad, per se. It's just that people either make mistakes (introduce bugs) or are malicious (abuse it). It's why we can't have nice things.
  
  --
  playmoney.me - The free alternative to paper board game play money
3. Re:Cars? by rudy_wayne · 2016-09-21 01:53 · Score: 3, Insightful
  
  "Does no one else think cars + computers + network connectivity = bad?"
  Whether it's your car, television or phone, it's not bad if done properly. The problem is, nobody gives two shits about doing it properly.
4. Re:Cars? by pr0fessor · 2016-09-21 02:15 · Score: 1
  
  I think if you engaged the brake at the wrong time without warning it might be able to cause and accident
5. Re:Cars? by fluffernutter · 2016-09-21 02:34 · Score: 1
  
  I'm just throwing this out there with admittedly not knowing, but I've always assumed radio connectivity in airplanes is informational and not actually able to control the plane in any possibly disastrous way.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
6. Re:Cars? by parkinglot777 · 2016-09-21 02:50 · Score: 1
  
  Does no one else think that airplanes with radio/network connectivity = bad? Does no one else think satellites orbiting Earth at 17,000mph with radio network connectivity = bad? Apparently only a few.
  I would ask if the control of an air plane can be controlled remotely like the car? If so, then it is bad. And if Tesla can update/patch their firmware of their car via Internet, then I am waiting to see some other vulnerabilities of the update/patch system they have in the future...
7. Re:Cars? by fluffernutter · 2016-09-21 02:58 · Score: 1
  
  Even worse, if someone does do it properly customers will complain that it is inconvenient and probably not buy it.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
8. Re:Cars? by kelemvor4 · 2016-09-21 03:21 · Score: 1
  
  I'm just throwing this out there with admittedly not knowing, but I've always assumed radio connectivity in airplanes is informational and not actually able to control the plane in any possibly disastrous way.
  Boeing has had remote control capabilities since 2006. Airlines don't use it for fear of hacks. Source: http://www.dailymail.co.uk/new...
9. Re:Cars? by Opportunist · 2016-09-21 03:46 · Score: 1
  
  If that borders on stupid, I have to ask from which side.
  CAN was never supposed to be a user space bus. When it was created, security was simply a non-issue because back then to get access to it, you'd pretty much have had to dismantle the whole car. Stealing it was heaps easier. And it's also not like with TCP where you can simply stack TLS on top of it, it doesn't work that way.
  Leave the CAN bus alone! And don't even get the idea to mix user space electronics, where the idiot on the wheel can plug his insecure junk in, with mission critical controls for steering, brakes, fuel ignition or driver safety!
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
10. Re:Cars? by mspohr · 2016-09-21 05:35 · Score: 1
  
  cars + computers + network connectivity + bad security = bad
  You can't isolate yourself from the entire world. That's why we have locks on doors. Some people have strong locks, others don't need strong locks.
  Cars need strong locks. These security researchers did the right thing. They found a vulnerability, notified Tesla, and Tesla was able to fix it quickly and roll out the fix to its cars. That's the way it's supposed to work.
  All cars have a CAN bus which can control many things in the car. It needs a strong lock.
  
  --
  I don't read your sig. Why are you reading mine?
11. Re:Cars? by sigmabody · 2016-09-21 05:41 · Score: 1
  
  This is only really bad if the remote connectivity portion is physically connected to the CAN bus, so as to affect vehicle control through remote commands, and be effectively impossible to secure well enough to prevent exploitation.
  ... except this is what every manufacturer does with their telematics systems, on purpose.
  I guess it's only monumentally stupid if you write the software such that it can rewrite it's firmware and whole control system via remote update.
  ... which is what Tesla does, for "customer convenience".
  Gosh, yeah, I guess this whole "remote connected car" thing is pretty monumentally idiotic. I wonder if there is some ulterior motive for the government to push such an obviously stupid system, which allows someone with access to completely remote control a vehicle with no trace of evidence or accountability...
  ... oh, wait, never mind, nothing to see here.
Better equation by gachunt · 2016-09-21 01:41 · Score: 1

"Does no one else think cars + computers + network connectivity = bad?"

Nope. Tesla was able to patch all their cars quickly, without asking drivers to come in to get serviced.

That's a net gain of: thousands of kms saved + time saved + less cars on road = good

A worse equation is that Tesla is working to eliminate:

Cars + humans + driving + distraction( texting | eating | doing makeup ) = bad
1. Re:Better equation by Fire_Wraith · 2016-09-21 01:52 · Score: 1
  
  A better comparison would be what the situation would be like if the cars didn't have easy network connectivity that allowed OTA patches. You'd have to bring them in to a service center to get patched. How many people would do it right away? How many would just be lazy and not bother at all?
  
  There's certainly something to be said for having an air gap, but even air gaps aren't foolproof, and they're becoming increasingly unrealistic in the world of interconnected systems we live in.
2. Re:Better equation by fluffernutter · 2016-09-21 01:58 · Score: 1
  
  Tesla was able to patch all their cars quickly
  Have you ever heard of a zero-day exploit?
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
3. Re:Better equation by goose-incarnated · 2016-09-21 02:04 · Score: 1
  
  "Does no one else think cars + computers + network connectivity = bad?" Nope. Tesla was able to patch all their cars quickly, without asking drivers to come in to get serviced.
  ???
  The patch would not have been needed had the connectivity not existed.
  "Luckily, this problem that would not have existed without network connectivity was solved by using the network connectivity." Circular reasoning at its finest, folks. There would have been no patch if there was no network connectivity.
  
  --
  I'm a minority race. Save your vitriol for white people.
4. Re:Better equation by FrankHaynes · 2016-09-21 02:06 · Score: 1
  
  If the automobiles didn't have easy network connectivity, they couldn't be compromised so readily be bad actors.
  I'm buying a new car soon and I have resolved not to buy one that doesn't allow me to disable any built-in radios immediately.
  
  --
  slashdot: A failed experiment.
5. Re:Better equation by fluffernutter · 2016-09-21 02:54 · Score: 1
  
  If your car isn't connected to anything and it is working properly, why would you need patches?
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
6. Re:Better equation by cbiltcliffe · 2016-09-21 03:14 · Score: 1
  
  "Does no one else think cars + computers + network connectivity = bad?"
  Nope. Tesla was able to patch all their cars quickly, without asking drivers to come in to get serviced.
  That's a net gain of: thousands of kms saved + time saved + less cars on road = good
  
  You're making the assumption that only legitimate researchers who follow proper notification procedures are looking for this stuff. Hackers looking to take advantage of it are looking, too, but they won't tell Tesla (or whatever relevant manufacturer) if they find anything.
  What happens if some genius security researcher with a mental instability (we know they exist) gets recruited by Daesh, and figures out how to lock up the brakes on every Tesla that's travelling faster than 50 mph with a GPS location that puts it on a freeway? Do you really think "Well, Tesla would have been able to update the firmware over the air to prevent it, if only those miserable hackers had told them about it instead of causing thousands of car crashes around the world," is going to be comforting to anybody who's been run over by a transport truck as a result?
  I know, the chances of the incompetent twits that comprise Daesh actually accomplishing anything like this are slim to none, but there are smart hacker groups out there looking at this, and how much do you think Putin would pay to see a whole bunch of high end American cars cause huge amounts of chaos on American roads where thousands of cars (or more) get in pileups on the freeways across the country within a span of 5 minutes?
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
7. Re:Better equation by cbiltcliffe · 2016-09-21 03:16 · Score: 1
  
  Your tagline: "-- space for rent"
  Is it referring to space in the GPs head? Or are you simply selling advertising in your sig?
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
8. Re:Better equation by lhowaf · 2016-09-21 05:54 · Score: 1
  
  Why not do the updates through the charging cable/station? That way, at least you know the vehicle isn't in use. If the vehicle is in use, it won't be long before it is connected again.
Re:Let me know by Maritz · 2016-09-21 01:52 · Score: 5, Funny

I think they've been on lithium ion for a while now.

--
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Connectng by fluffernutter · 2016-09-21 01:56 · Score: 3, Informative

Connecting a car to anything is just stupid and reckless. It will be a constant battle with hackers. All AI should be on board.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
1. Re:Connectng by TFlan91 · 2016-09-21 02:22 · Score: 1
  
  I disagree with your first half, but agree with the latter.
  I would like my devices to be able to easily download patches, whether they be security or new features. I don't want to have to go to a dealer ship to get a critical patch and then be talked about 10 other things I could pay for to have done.
2. Re:Connectng by fluffernutter · 2016-09-21 02:36 · Score: 1
  
  The problem with that is, if Tesla can send you patches so can hackers. I'm pretty sure you wouldn't want hackers sending you patches. Security is inconvenient by necessity.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
3. Re:Connectng by fluffernutter · 2016-09-21 02:47 · Score: 1
  
  You're just adding fuel to my fire, considering I've long been arguing that automation isn't mature enough to use yet.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
4. Re:Connectng by fluffernutter · 2016-09-21 03:26 · Score: 1
  
  Yes, because encryption never breaks.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
5. Re:Connectng by SirSlud · 2016-09-21 04:21 · Score: 1
  
  Your front door can be broken into. Yet you still lock it, because doors are useful and the pragmatic likelihood that somebody will break down your door is a lot lower than somebody walking into it unlocked. The real question I have to wonder if what do hackers have to gain from hacking a car? If the barrier to entry is high enough, there are plenty of easier ways of causing people harm, stealing the car, or whatever other police-procedural fantasy crime you can think of.
  
  --
  "Old man yells at systemd"
6. Re:Connectng by fluffernutter · 2016-09-21 04:28 · Score: 1
  
  What do people have to gain by dropping rocks off of overpasses? A lot of people just like the thrill of it. Also hackers like the challenge. If my house gets broken into, as much it would suck, my house insurance covers it and they are just things. If a car gets hacked and kills people, they aren't coming back so it is a bit more important for a car to be totally secure.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
7. Re:Connectng by fluffernutter · 2016-09-21 09:50 · Score: 1
  
  Explain how a person hacks a car remotely if it is not network connected please. There is a world of difference between being present at the vehicle and not.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Title wording by campuscodi · 2016-09-21 01:59 · Score: 1

"Claims of Model S Hack"
It's not a claim Reuters!!! The researchers reported the issues to Tesla, who fixed them. Tesla fixed them BECAUSE the hack worked. It's not a claim at all.
Computers and networks in cars are fine by sjbe · 2016-09-21 02:05 · Score: 2

Does no one else think cars + computers + network connectivity = bad?
In principle no I do not. Cars have been loaded with computers for quite some time now for all sorts of good reasons. You just don't usually notice them - which is a good thing. As for network connectivity that is fine too. There are all sorts of useful things you can do with network access. Are there downsides? Sure, just like any technology. I haven't seen any showstoppers however. Just problems that will take some time to work through. I think the auto companies are going to struggle for a while to learn to deal with the security issues because they have no experience with them but they'll figure it out eventually. There also are some privacy issues but those too will eventually be sorted out to a reasonable degree.
Actually I think cars without computers are a much worse idea in most cases. Worse performance, worse fuel economy, more dangerous, less features, more maintenance, etc. I'm old enough to remember when cars mostly didn't have computers in them. They're better with computers.
1. Re:Computers and networks in cars are fine by HBI · 2016-09-21 02:19 · Score: 1
  
  The computer thing is a red herring. There have been computers in cars since at least the early 1990s.
  The question, put more precisely here is: why does a car need to be on a packet switched network?
  I can come up with lots of reasons for cars to send packets out. Telemetry data comes to mind here, though why the owner would want this is less clear. I'm sure the car company is interested.
  But why does a car need to respond to incoming packets? I can only think of reasons that the owner would find either benign - or inimical. The benign reasons are receiving map updates and system updates. Remote shutdown of the vehicle is amongst the inimical reasons.
  The conclusion I come to is that as a convenience factor for the company, it's easier to have it on a network. However, it opens up a huge attack surface. Overall, it appears not to be much of a benefit to the owner of the car, as the owner could accomplish the noted updating tasks using a USB drive, and any required vehicle telemetry could be cached on-vehicle and retrieved manually as required.
  
  --
  HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
2. Re:Computers and networks in cars are fine by CastrTroy · 2016-09-21 03:00 · Score: 1
  
  The auto company doesn't have to do anything to make networked cars more secure except hire people already knowledgeable in the field computer systems design and security. And actually listen to what they are telling you to do. Putting a computer on a car is no different than putting a computer in any other situation that we've been doing for years. We already know how to make computers secure.
  It's fine to have a bluetooth radio. But the radio should not be in any way hooked up to the core systems of the car that control the engine and brakes. You can have remote door locks, but it should be much more robust, using some kind of challenge-response type encryption based technology instead of just sending the same signal over the air every time you want to unlock the car.
  
  --
  
  Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
3. Re:Computers and networks in cars are fine by fluffernutter · 2016-09-21 03:11 · Score: 1
  
  Here's the problem.. What if these experts tell Tesla what they should, that the only secure way of doing it is to connect physically? Tesla is just gong to send them away because they know customers will complain about that, and Autopilot probably doesn't work at all without it.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
4. Re:Computers and networks in cars are fine by Anonymous Coward · 2016-09-21 03:13 · Score: 1
  
  I routinely see cars from the 30s, 40s, 50s, and 60s on the road. Some of them never restored, but still running.
  When was the last time you saw a car from the 80s on the road? 80s cars, with computers especially, are unmaintainable, unreliable, and are just junk. Late 90s started getting reasonable, but I still think they are unmaintainable. When an eprom goes out what do you do with an antique car? Replace entire engine or transmission because a $2 part went bad that you can't possibly get a replacement for (unless you get lucky in a scrap yard). Tesla cars in 20 years will be FAR worse in this regard.
  Go ahead and say all the things that are better, but maintainability is not one of them. Long term reliability is not one of them.
5. Re:Computers and networks in cars are fine by fluffernutter · 2016-09-21 03:21 · Score: 1
  
  This is a big reason why I think most people will not get their hands on automated vehicles. They will be expensive from the factory, and junk by the time they would be sold used. Every vehicle I have had in the last 20 years has had some sort of electrical glitch. Electronics and weather cycles just don't mix.
  
  --
  Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
6. Re:Computers and networks in cars are fine by krray · 2016-09-21 07:40 · Score: 1
  
  In principle I agree with you, but...
  Computers + cars, as you've said, is a wonderful thing.
  I personally chose my [used] car based on the LACK OF network connectivity (before it was a known issue).
  I liked the Chrysler 300 w/ uConnect. So I bought one -- specifically 2012. I wasn't considering any 2013 or later as it was mid-way through 2013 that they added Internet capabilities to uConnect. I wasn't going to muck around trying to figure out when the car I wanted was manufactured during the year -- I just decided to only look at and consider 2012 or before.
  We all see how well that played out (w/ Jeep). The exact same system / setup is in the Jeep...
7. Re:Computers and networks in cars are fine by RivenAleem · 2016-09-27 03:44 · Score: 1
  
  For a long time you could simply perforate the brake-line and let the fluid drain. This could be used to cause a crash. Where were the articles about car security then? No matter what we put into cars, there will always be some way for a malicious actor to take advantage of some design flaw to put someone in danger. However, the risk is relatively small, while the reward is great.
Re:Next Headline by fluffernutter · 2016-09-21 02:48 · Score: 1

There are probably hackers reading about this and thinking, "Challenge accepted!".

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Re:They aren't?! by fluffernutter · 2016-09-21 03:04 · Score: 2

This goes directly against the whole Autopilot philosophy. In your example, people are expected to be capable of using poison properly and responsibly. If you spread it around and someone doesn't use it properly, well, it's not your fault. Didn't you read the small sign in the corner of the yard? What makes it more interesting is that automation is being pushed on the premise that humans aren't perfect, yet expect perfection from them in other ways? It's a strange way of thinking.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Why a network? Plenty of reasons by sjbe · 2016-09-21 03:15 · Score: 1

The question, put more precisely here is: why does a car need to be on a packet switched network?
Lots of reasons. Map updates, traffic updates, relaying location, weather updates, infotainment, concierge services, updates to car features, etc. The list is almost endless if one thinks about it.

The conclusion I come to is that as a convenience factor for the company, it's easier to have it on a network.
It's not just a convenience for the car company though that is a real factor. It's also a convenience for the car owner. If there is a recall on something software related (which happens a lot these days) it is MUCH more convenient for the car owner to not have to waste a substantial portion of the day scheduling time at a repair facility to have the problem fixed or the update applied. It's also much easier to receive a lot of useful updates (maps, traffic, weather, etc) via a network and in time I think there will be some interesting safety features relating to how cars talk to each other to avoid accidents and minimize traffic delays.

However, it opens up a huge attack surface.
Yes it does and I discussed this somewhat in the post you responded to. There are well understood ways to mitigate the attack surface problem. One thing that will be key is keeping certain operational features (access, ignition, etc) separate from non-safety and physical security features. I think there will be some hard lessons learned in regards to this...

Overall, it appears not to be much of a benefit to the owner of the car, as the owner could accomplish the noted updating tasks using a USB drive, and any required vehicle telemetry could be cached on-vehicle and retrieved manually as required.
Disagree. I see all kinds of utility in having a car that has two way communication. There are risks of course but they are reasonably well understood risks. In any case I see it as a moot discussion. Cars are going to get networks and it's something we should figure out how to do in the best way possible starting today.
Re:Why a network? Plenty of reasons by fluffernutter · 2016-09-21 03:18 · Score: 1

Lots of reasons. Map updates, traffic updates, relaying location, weather updates, infotainment, concierge services, updates to car features, etc. The list is almost endless if one thinks about it.
So lets not put any of those things in a car. That's what tablets and phones are for.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
or your car is old to get that update buy new car by Joe_Dragon · 2016-09-21 03:31 · Score: 1

or your car is 1 year old to get that update to auto drive 1.5 buy A NEW CAR! or pay $2500 + labor to install an new CPU unit.
Re:Let me know by Anonymous Coward · 2016-09-21 03:50 · Score: 1

I think that AC may have stopped taking his lithium for too long
Re:or your car is old to get that update buy new c by fluffernutter · 2016-09-21 04:08 · Score: 1

If you didn't like the way the car worked, you shouldn't have bought it.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Re:bad? by SirSlud · 2016-09-21 04:15 · Score: 1

If you ask the "right" people, apparently the barn has been "fully engulfed and about to collapse" for thousands of years now. Shit happens, we fix the shit, and try to get it as right going forward as is reasonably possible. The way people talk, it's like some kind of massive collective failure that will bring about the end of days *any day now* that humans are not perfect.

--
"Old man yells at systemd"
WTF? by GrumpySteen · 2016-09-21 05:03 · Score: 1

Slashdot reader weedjams adds some commentary
Really? Linking tangentially related articles at the end of the summary wasn't retarded enough? Now we're just adding random comments?
Related by ThatsNotPudding · 2016-09-21 05:31 · Score: 1

Most folks are still in love with Tesla, but I have to wonder if they're going to be any different than John Deere and Case - New Holland:
"You are only given the privilege to pay the massive price tag, but you are FORBIDDEN to work on it. Bring it to us, along with your nose to pay thru."
Network by mjperson · 2016-09-21 05:31 · Score: 1

>Does no one else think cars + computers + network connectivity = bad?
Not half as bad a wireless pacemakers.
CAN bus still around? Damn... by EndlessNameless · 2016-09-21 07:28 · Score: 1

The CAN bus was developed decades ago when cars first got electronics.
It has no appreciable security standards. The devices on the bus can implement their own security features, but that becomes a problem when you want to include components from various vendors. Most of them never even thought of security.
The only security was physical security, and that vanished as soon as the wifi connected.

--

---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
Re:Next Headline by krray · 2016-09-21 07:33 · Score: 1

Correct. :*)
Re:Coming from Detroit by Ungrounded+Lightning · 2016-09-21 07:52 · Score: 1

There is no security on the CAN communications of any modern vehicles that I know of. Any person connected to the bus can masquerade as anyone else.
That's why Tesla has several layers of bus, with firewalls between them, inside each car.
Get on one of the buses, you get to tweak the stuff on THAT bus. But you have to convince a firewall you're cool (i.e. doing something the firewall recognizes as legitimate) before it forwards your transaction to anything on even an adjacent bus.

--
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way