Re: "messages sent on the Controller Area Network"
In this case it doesn't sound as if they are. An electric car and the charger communicate over the connection cable. It's basically a variant of HomePlug Powerline with a transport that rides over the current. When you plug the cable in, they'll handshake to say who each of them is, what charge formats they are, enable / disable charging, status etc.
<p>
Presumably one or both ends of this connection aren't very good so they can be spoofed, e.g. altering data or replaying it. But to exploit the hack you'd have to perform a man-in-the-middle - basically your own extension cable which pretended to be the charger on one side and the car on the other and falsified the data. It's probably very specific to the vehicle and charger too, even the firmware version. So is it a class exploit? Probably not.
<p>
There are probably other hacks that can occur from the outside. We know that some cars come with apps that allow you to control aspects of the car - air temperature, and such like. So it might be possible to cook someone's dog / baby, or lock the occupant out of the car, or pop the boot, or disengage the handbrake. But those would be different kinds of attack.
Biting the hand that feeds IT
