back to article Tencent research team scores free powerups for electric cars with Raspberry Pi-powered X-in-the-middle attack

Researchers have used the Black Hat Asia conference to demonstrate the awesome power of the Raspberry Pi as a car-p0wning platform. Chinese web giant Tencent's Blade Team, a security research group, showed they could circumvent payment schemes used at electric vehicle charging stations. Their exploits also changed the charging …

  1. This post has been deleted by its author

    1. Hubert Cumberdale Silver badge

      Re: I love Asian names...

      The 1970s called...

      1. Anonymous Coward
        Anonymous Coward

        Re: 1970s

        Ahh! Happier times...

        1. Yet Another Hierachial Anonynmous Coward

          Re: 1970s

          When the sun never stopped shining, it never rained, we had proper snow in winter, electricity and petrol were so cheap they were not worth the hassle of billing, 3 TV channels was excessive, computers were the size of tennis courts. And you could make jokes without people being offended. Oh, and there was decent music on the radio to listen to, too

          Yes, much happier times.

          1. Red Ted Silver badge
            Go

            Re: 1970s

            It was really only 2.5 channels on the TV, as BBC2 broadcast Open University lectures and the like during the day.

            As for the music quality, your impression is coloured by Survivor Bias. I can find lots of examples of rubbish music from that decade!

            1. Hubert Cumberdale Silver badge

              Re: 1970s

              Well, in any case, the OP (who shall remain nameless) saw sense and retracted. Also: the OU lectures definitely did count as proper television. Mesmerising, even when I was eight.

          2. Blackjack Silver badge

            Re: 1970s

            Then again the 80s had great music, movies and TV.

            The decade itself sucked but the entertainment was awesome. Oh and videogames too!

            https://www.youtube.com/watch?v=PQs5tXqgg8Q

  2. Pascal Monett Silver badge
    Flame

    "messages sent on the Controller Area Network"

    And here I go again.

    Sorry to grind the same organ again, but since when has it been a good idea to mix the network controlling the car with the network accessing the outside ?

    Answer : never. But the beancounters argue for economy of scale.

    Fuck them.

    Beancounters are the bane of security and common sense.

    1. DrXym Silver badge

      Re: "messages sent on the Controller Area Network"

      In this case it doesn't sound as if they are. An electric car and the charger communicate over the connection cable. It's basically a variant of HomePlug Powerline with a transport that rides over the current. When you plug the cable in, they'll handshake to say who each of them is, what charge formats they are, enable / disable charging, status etc.

      <p>

      Presumably one or both ends of this connection aren't very good so they can be spoofed, e.g. altering data or replaying it. But to exploit the hack you'd have to perform a man-in-the-middle - basically your own extension cable which pretended to be the charger on one side and the car on the other and falsified the data. It's probably very specific to the vehicle and charger too, even the firmware version. So is it a class exploit? Probably not.

      <p>

      There are probably other hacks that can occur from the outside. We know that some cars come with apps that allow you to control aspects of the car - air temperature, and such like. So it might be possible to cook someone's dog / baby, or lock the occupant out of the car, or pop the boot, or disengage the handbrake. But those would be different kinds of attack.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021