Tesla Cars Hackable – Protected by 6 character Password

The high tech Tesla electric car that received 5 stars in safety apparently could be hacked by cracking a 6 character password.

Black Hat Asia presenter and security researcher Nitesh Dhanjani explained last week that the car could be locked and unlocked by cracking a short password.

Tesla users must use an online account with which they can access the car via smartphone app.

Dhanjani found that the online account was susceptible to a brute force password attack that could allow a hacker access to the account. The hacker could then lock and unlock the car remotely, or even track and monitor the vehicle.

Vehicles are becoming more and more computerized and new ways to take advantage of this is being added with each new model. And as several hackers have found over the last few years, securing these features is not always top on the list.

“We cannot be protecting our cars in the way we protected our (computer) workstations, and failed,” Dhanjani said last week.

Tesla has been notified of the issues and have already made changes to the online accounts to make them more secure.

 

Advertisements

Black Hat USA 2013 Day One – Latest News

Black Hat’s Barnaby Jack Statement:

We have lost a member of our family. Everyone would agree that the life and work of Barnaby Jack are legendary and irreplaceable. Barnaby had the ability to take complex technology and intricate research and make it tangible and accessible for everyone to learn and grow from. Beyond his work in our industry, Barnaby was an incredibly warm hearted and welcoming individual with a passion for celebrating life. We all have a hilarious and upbeat story about Barnaby. He is truly a shining example of what we love about this community. (Continue Reading…)

Latest BlackHat news, Courtesy of DarkReading:

‘Hangover’ Persists, More Mac Malware Found
Attackers behind the Operation Hangover cyberspying campaign out of India found dropping OS X malware, covering their tracks online

Researchers To Highlight Weaknesses In Secure Mobile Data Stores
At Black Hat USA, a team of mobile-security researchers plans to show off ways to circumvent the security of encrypted containers meant to protect data on mobile devices.

‘Tortilla’ Spices Up Active Defense Ops
New free Tor tool due out at Black Hat USA aims to make the Tor anonymizing network easier to use for all types of Intel-gathering

Black Hat USA 2013: Complete Coverage
Articles leading up to and live coverage from Black Hat USA 2013, July 27 – Aug. 1

UPCOMING EVENTS

Android Patch Fixes Two File Vulnerability Attacks

Android Vulnerability

Google has released a security update that patches two separate vulnerabilities that could modify apps without changing their digital signature. Thus malicious apps could be installed without triggering a warning.

The first was discovered in February of this year by BlueBox Security. They found that if you took two application install files, one legitimate and one hacked – but using the exact same file name, you could get Android to install the hacked one.

When the resulting zipped APK file is processed and installed, Android would correctly check the digital signature on the first file to verify it’s legitimacy, but would actually install the second file!

According to BlueBox, 99% of Andoid devices are vulnerable to this attack. Sophos has a great step by step write up on it here, or if you are at Black Hat USA 2013 later this month be sure to check out Jeff Forristal’s talk, “Android: one root to own them all

The second vulnerability was published last week on a Chinese website called the ‘Android Security Squad Blog‘ (Google Translation). According to the site, the signature verification process can be attacked by modifying file headers.

Apparently malicious code can be added into the file headers, which at the time of the post’s writing was not checked by the Android’s signature verification process.

Both vulnerabilities have since been patched by Google. But the problem is how long will it take device manufacturer’s to implement the changes and push them out to end user devices? Of concern too is older devices that are no longer being updated.

According to The Verge, Google has made changes to the Google Play store updating mechanism to help prevent attacks like this from happening, and Sophos recommends using an Android Anti-virus program to protect against the vulnerability.

Small Disposable Devices that Own Wi-Fi Networks with Help from DARPA

If you haven’t seen Brendan O’Connor’s security conference presentations on “Reticle and F-BOMB” you should really take the time out and check them out. It is a fascinating project on using low cost computer boards to create a disposal, bot-net like, distributable Wi-Fi spying system. 

Once deployed, the sub $50 devices can crack and use the target’s wireless network to communicate back to the attacker using encrypted channels. As explained the F-BOMB, or “Falling or Ballistically-launched Object that Makes Backdoors“, can be deployed by being thrown into the target’s complex, hidden inside other objects, or even delivered via quad rotor drone.

But what would an F-BOMB be without brains? And this is where Reticle comes in.

Reticle is the software brain behind the cheap hardware brawn. Basically it is “Leaderless Command and Control” software that combines several open source products that in essence create an intelligent, fault tolerant and fully encrypted remote spying platform.

And get this, the software part of the project was created with funding from DARPA, the government’s advanced DoD research organization. Reticle was created under DARPA’s Cyber Fast Track program. A program that helps get idea’s to functional tech with greatly reduced paperwork and overhead.

Here is Brendan’s Bsides Las Vegas 2012 provided on YouTube by Adrian Crenshaw (aka IronGeek):

(NSFW intro comment)


Later this month at Black Hat USA 2013 Brendan will talk about his latest creation of this technology called CreepyDOL.

According to the presentation overview:

“CreepyDOL is a distributed sensing and data mining system combining very-low-cost sensors, open-source software, and a focus on user experience to provide personnel identification, tracking, and analysis without sending any data to the targets. In other words, it takes you from hand-crafted, artisan skeeviness to big-box commodity creepiness, and enables government-level total awareness for about $500 of off-the-shelf hardware.”

Sounds cool, in a really creepy way!

So, check out Brendan’s Bsides video from last year, and if you are at Black Hat this month, be sure to stop in and check out his presentation!