Tesla Cars Hackable – Protected by 6 character Password

The high tech Tesla electric car that received 5 stars in safety apparently could be hacked by cracking a 6 character password.

Black Hat Asia presenter and security researcher Nitesh Dhanjani explained last week that the car could be locked and unlocked by cracking a short password.

Tesla users must use an online account with which they can access the car via smartphone app.

Dhanjani found that the online account was susceptible to a brute force password attack that could allow a hacker access to the account. The hacker could then lock and unlock the car remotely, or even track and monitor the vehicle.

Vehicles are becoming more and more computerized and new ways to take advantage of this is being added with each new model. And as several hackers have found over the last few years, securing these features is not always top on the list.

“We cannot be protecting our cars in the way we protected our (computer) workstations, and failed,” Dhanjani said last week.

Tesla has been notified of the issues and have already made changes to the online accounts to make them more secure.


LinkedIn Passwords Stolen and Posted Online

Numerous security sites are abuzz about an estimated 6.5 million LinkedIn passwords that have allegedly been stolen. According to reports about 300,000 have been cracked and were posted in clear text on Russian forums.

Earlier today, LinkedIn confirmed in a blog post that some of the passwords did in-fact correspond to LinkedIn accounts. They also provided information on how they are handling the data breach:

  1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
  2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
  3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

LinkedIn is continuing to investigate the breach, until then, the best bet is to immediately change your password. LinkedIn’s recommendations for strong passwords can be found here.

LM Hash flaw: Windows Passwords Under 15 Characters Easy to Crack

Solid State Drive (SSD) based cracking programs have really been a hot topic over the past few years. They are fast, very fast. I did an article a while back on using SSD based look up tables to crack 14 character Windows passwords in 5 seconds.

The blazing speed is possible because of the characteristics of the LM based password hashes that Windows stores along with the stronger NTLM based hashes. The LM based hashes can be cracked with SSD based tables in about 5 seconds. The NTLM version of the password hash is more secure and can take significant time to crack. The solution then is simple, disable LM password hashing.

Sounds simple doesn’t it? Well, the problem is, it doesn’t work. Even when you tell Windows to not store the less secure LM hash of the password, it still does.

Mike Pilkington posted an exceptional article today on this at the SANS Computer Forensics Blog. In his article, “Protecting Privileged Domain Accounts: LM Hashes — The Good, the Bad, and the Ugly“, Mike shows that even when Windows policy is set to disable LM hashes, the hashes are still created!

The interesting thing is that the lower security hashes are not present on the SAM stored on the hard drive. But when the security accounts are loaded into active RAM, Windows re-creates the LM hashes!

According to Mike’s article, the LM Hash can be pulled from active RAM using the Windows Credential Editor (WCE).

What is the solution then? Make your passwords at least 15 characters! The LM Hash only supports passwords of 14 characters or less, so if your password is over 14 characters, Windows can not create the less secure hash.

Why would Windows do this? Some older programs still use LM based security, so most likely Windows creates it even when you tell it not to for backwards compatibility.

For more information, check out Mike’s article.