Re: I love Asian names...
The 1970s called...
Researchers have used the Black Hat Asia conference to demonstrate the awesome power of the Raspberry Pi as a car-p0wning platform. Chinese web giant Tencent's Blade Team, a security research group, showed they could circumvent payment schemes used at electric vehicle charging stations. Their exploits also changed the charging …
This post has been deleted by its author
When the sun never stopped shining, it never rained, we had proper snow in winter, electricity and petrol were so cheap they were not worth the hassle of billing, 3 TV channels was excessive, computers were the size of tennis courts. And you could make jokes without people being offended. Oh, and there was decent music on the radio to listen to, too
Yes, much happier times.
And here I go again.
Sorry to grind the same organ again, but since when has it been a good idea to mix the network controlling the car with the network accessing the outside ?
Answer : never. But the beancounters argue for economy of scale.
Beancounters are the bane of security and common sense.
In this case it doesn't sound as if they are. An electric car and the charger communicate over the connection cable. It's basically a variant of HomePlug Powerline with a transport that rides over the current. When you plug the cable in, they'll handshake to say who each of them is, what charge formats they are, enable / disable charging, status etc.
Presumably one or both ends of this connection aren't very good so they can be spoofed, e.g. altering data or replaying it. But to exploit the hack you'd have to perform a man-in-the-middle - basically your own extension cable which pretended to be the charger on one side and the car on the other and falsified the data. It's probably very specific to the vehicle and charger too, even the firmware version. So is it a class exploit? Probably not.
There are probably other hacks that can occur from the outside. We know that some cars come with apps that allow you to control aspects of the car - air temperature, and such like. So it might be possible to cook someone's dog / baby, or lock the occupant out of the car, or pop the boot, or disengage the handbrake. But those would be different kinds of attack.