Gone in 61 seconds.

The keys were left near the front door.

@it4sec

This and CAN attacks are a perfect illustration of "blue team has to be perfect every time, red team only needs to find one mistake." Until car manufacturers become liable for the thefts, they have little incentive to find and fix the vulnerabilities they've created. Being perfect is expensive.

Pro tip: drive an older car and put in a hidden fuel pump cut off switch. (I'm guessing that's probably too complicated in the modern motorized computers called cars.)

I recently crossed paths with an acquaintance in the parking lot who pointed to her new truck and excitedly told me how cool it was that she can control the entire thing with her phone... 😱🤦‍♂️

@Mikal @it4sec Even in late-model cars there are still separate fuses for things like the fuel pump etc, so I presume a cutoff switch is still possible.

Of course, you can also track thieves with telematics like OnStar…if you pay for the subscription :/

@jcr @it4sec

I will never let auto companies stick their spyware in any car I own. It may not be possible to disable it in new vehicles, but on older ones it's often not difficult. In 2000-teens Tacomas for example the telematic transceiver is controlled by a single fuse that you can remove, or you can pull the dash off and take the unit out.