Perhaps Keen is being cooperative because it's the right thing to do. Besides, I doubt anyone is getting rich from Tesla's bounty program. As I said earlier upthread Tesla could have convinced them to wait until they reached a certain level of patching before releasing the exploit.
-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Wow interesting. Those Defcon guys had me fooled. So it had nothing to do with the shadow. Pretty sure the step they omitted was the API call thru the VPN which coughed up the token. I'm aware that Tesla patched that by generating the token on the CID. However, the CID still has to communicate it to the mothership. Currently I see only one possible avenue of getting at that token, but it seems it will be salted and hashed so pretty much useless.
Having root access is pretty benign compared to the things I've heard of folks doing WRT tinkering automobiles. With code signing on the gateway I should think that Tesla would be much more lenient about it.
Having root access is pretty benign compared to the things I've heard of folks doing WRT tinkering automobiles. With code signing on the gateway I should think that Tesla would be much more lenient about it.
lunitiks
Cool James & Black Teacher
AFAIK, as long as your car isn't disconnected from the Internet entirely then you've at least been offered the update. If someone out there hasn't received notice of an update since Septemeber then please correct me.
Of course there are folks who won't update. Just like I haven't updated my iPhone to iOS 10. So what? Who cares?
Of course there are folks who won't update. Just like I haven't updated my iPhone to iOS 10. So what? Who cares?
Chris Valasek and Charlie Miller released an in depth analysis of their Jeep exploit not too long after notifying Chrysler of the vulnerabilities:
http://illmatics.com/Remote Car Hacking.pdf
I'm not aware of anyone that has actively targeted unpatched Jeeps maliciously. Unlike Jeep Tesla has the ability to roll out OTA updates. Because of this the attack surface is extremely small at this point. Additionally the Tesla hack is far less severe because it requires the use of the browser. I really don't see the argument to continue to withhold information.
http://illmatics.com/Remote Car Hacking.pdf
I'm not aware of anyone that has actively targeted unpatched Jeeps maliciously. Unlike Jeep Tesla has the ability to roll out OTA updates. Because of this the attack surface is extremely small at this point. Additionally the Tesla hack is far less severe because it requires the use of the browser. I really don't see the argument to continue to withhold information.
As I said a couple of months ago, it's very possible that they agreed to a non-disclosure agreement in return for the bounty. We have no sources but there are several legitimate reasons for them to not go public.
I'm certain a high percentage have been patched. The fewer number of vulnerable cars means a smaller attack surface therefore refuced risk.
I have no doubt that an NDA was involved. However, the speculation before was that there was a time limit on the NDA. Additionally, the researchers presented findings at a public conference two weeks ago. So it seems there is reason keep pushing for disclosure. Besides, what could Tesla do to a group of Chinese hackers if they violated the NDA? Practically, nothing.
I've dealt with this exact thing before and NDA's for security discoveries varied from 3 months to 3 years. Really depends on the risk and mitigation. In any case it said something to me that Elon got involved in communicating with them directly.
green1
Active Member
Yeah but wk057 said or implied that his bounty wasn't much for the vuln he reported last year so we can't assume it was "a bunch of money". It could have even been good will on the part of this research group. We may never know.
