undefined | Better HN

0 pointsbdamm5y ago0 comments

Just because the car has external connectivity doesn't mean the car has abusable vulnerabilities. Of course, some vendors are going to be better than others when it comes to hardening, pen-testing, and good operational security.

0 comments

3 comments · 1 top-level

mysterydip5y ago· 2 in thread

Even if the only allowable connection is the legitimate manufacturer's, the manufacturer itself could be compromised one day (if not already), allowing malicious commands to be sent on the trusted downlink. Or an "oops I found a bug in the code you just pushed to 100,000 cars" could happen accodentally.

Retric5y ago

It’s unlikely but possible for an over the airway connection to actually be inherently secure. One example is an isolated system that could monitor say engine temperatures and oil pressure and nothing else.

compiler-guy5y ago

That sort of system is totally _possible_, but not the way any modern automotive connectivity works.

1 more reply

j / k navigate · click thread line to collapse