Ken TindellApr 4, 2023
A while back @mintynet had his car stolen in a keyless theft. He called me in as a #canbus guru to help work out how exactly the car was stolen, and now we know exactly how they did it and also how to stop them. We call it "CAN Injection πŸš˜πŸ’‰" and I've written the whole story up in a blog post: https://kentindell.github.io/2023/04/03/can-injection/
CAN Injection: keyless car theft

This is a detective story about how a car was stolen - and how it uncovered an epidemic of high-tech car theft. It begins with a tweet. In April 2022, my friend Ian Tabor tweeted that vandals had been at his car, pulling apart the headlight and unplugging the cables.

Ken Tindell’s blog
Show threadAxel 🚴😷🐧πŸͺ⌨ | #WeAreNatenomApr 7, 2023

@kentindell: Issues like this and the Tesla peeping story currently making the round are some of the reasons why I (as an IT security guy) am happy to only own cars with neither #CANbus nor internet connectivity nor cameras. Even my #EV has no CAN busβ€”it's a #CityEL from the '90s. πŸ˜‡ And my daily driver (or rather fortnightly driver) even has no electronics at all, at least ex works. And I can tell you the purpose of every part of it. (Do that with your car! πŸ˜‰) It's a CitroΓ«n #2CV.

Cc @mintynet

Show threadmintynetApr 7, 2023
@xtaran @kentindell
My other car is almost as basic as possible. It has 3 ECUs, 2 I built but includes CAN (no control, just monitoring)
Show threadAxel 🚴😷🐧πŸͺ⌨ | #WeAreNatenomApr 7, 2023

@mintynet: Nice! *slightenvy* πŸ˜‰ #Lotus or #Caterham? πŸ™‚ "Zetec" points towards a Ford engine, right?

Cc @kentindell

Show threadmintynet
@xtaran @kentindell 2.0 Blacktop zetec on gsxr600 throttle bodies, megasquirt 2.0 ECU, long 1st gear, full Sierra cosworth rear end, Scorpio cosworth front hubs and brakes. About 150bhp in 700kg
Apr 7, 2023 at 10:45amWeb