BMW recently fixed a security hole in their ConnectedDrive software, which left 2.2 million cars open to remote attacks. Security expert Dieter Spaar reverse engineered the system and found some serious flaws [note: if you'd prefer English to German, try this translation],
including using the same symmetric keys in all vehicles, not encrypting
messages between the car and the BMW backend or using the outdated DES.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.