Re: [93attendees] Timely article in Wired - Hackers Remotely Kill a Jeep on the Highway—With Me in It
Alexandre PETRESCU <alexandre.petrescu@cea.fr> Fri, 24 July 2015 19:25 UTC
Return-Path: <alexandre.petrescu@cea.fr>
X-Original-To: 93attendees@ietfa.amsl.com
Delivered-To: 93attendees@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 7B9C71A066B
for <93attendees@ietfa.amsl.com>; Fri, 24 Jul 2015 12:25:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.559
X-Spam-Level:
X-Spam-Status: No, score=-3.559 tagged_above=-999 required=5
tests=[BAYES_50=0.8, HELO_EQ_FR=0.35, HTML_MESSAGE=0.001,
MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01]
autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ci0lHlOsFU8p for <93attendees@ietfa.amsl.com>;
Fri, 24 Jul 2015 12:25:56 -0700 (PDT)
Received: from oxalide-out.extra.cea.fr (oxalide-out.extra.cea.fr
[132.168.224.8])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 4DE401A010E
for <93attendees@ietf.org>; Fri, 24 Jul 2015 12:25:54 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21])
by oxalide.extra.cea.fr (8.14.2/8.14.2/CEAnet-Internet-out-2.3) with ESMTP id
t6OJPrQR001066
for <93attendees@ietf.org>; Fri, 24 Jul 2015 21:25:53 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1])
by localhost (Postfix) with SMTP id 9E23020591E
for <93attendees@ietf.org>; Fri, 24 Jul 2015 21:29:31 +0200 (CEST)
Received: from muguet2.intra.cea.fr (muguet2.intra.cea.fr [132.166.192.7])
by pisaure.intra.cea.fr (Postfix) with ESMTP id 90AC02058B1
for <93attendees@ietf.org>; Fri, 24 Jul 2015 21:29:31 +0200 (CEST)
Received: from [127.0.0.1] ([132.166.84.57])
by muguet2.intra.cea.fr (8.13.8/8.13.8/CEAnet-Intranet-out-1.2) with ESMTP id
t6OJPqBi014816
for <93attendees@ietf.org>; Fri, 24 Jul 2015 21:25:52 +0200
To: 93attendees@ietf.org
References: <75C7581F-A7A6-4B97-B2D9-F3AFFF1BE701@isoc.org>
From: Alexandre PETRESCU <alexandre.petrescu@cea.fr>
Organization: CEA
Message-ID: <55B29140.5090706@cea.fr>
Date: Fri, 24 Jul 2015 21:25:52 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <75C7581F-A7A6-4B97-B2D9-F3AFFF1BE701@isoc.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha-256; boundary="------------ms070606040204050404010004"
Archived-At: <http://mailarchive.ietf.org/arch/msg/93attendees/oYR1mspZccC18-CIeqgO_IAvW5c>
Subject: Re: [93attendees]
=?utf-8?q?Timely_article_in_Wired_-_Hackers_Remotel?=
=?utf-8?q?y_Kill_a_Jeep_on_the_Highway=E2=80=94With_Me_in_It?=
X-BeenThere: 93attendees@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list of IETF 93 attendees that have opted in on this list. "
<93attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/93attendees>,
<mailto:93attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/93attendees/>
List-Post: <mailto:93attendees@ietf.org>
List-Help: <mailto:93attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/93attendees>,
<mailto:93attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 19:25:58 -0000
And I hear today Fiat called back 1million(!) such vehicles following that risk. Imagine the costs. NExt time think it better... Alex Le 21/07/2015 16:17, Dan York a écrit : > Given the topic of this morning's technical plenary, I thought it was > an interesting bit of synchronicity that this article appeared on > Wired today: > > Hackers Remotely Kill a Jeep on the Highway—With Me in It > > http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ > > ... and the article references legislation that will apparently be > introduced in the US Congress today: "WIRED has learned that senators > Ed Markey and Richard Blumenthal plan to introduce an automotive > security bill today to set new digital security standards for cars and > trucks". > > The security researchers are apparently going to be releasing more > information about their work and the vulnerabilities they found at > Black Hat in Las Vegas next month. The article indicates they have > been working with Chrysler for some months to get fixes available, > although it sounds like getting the fix applied to vehicles involves a > manual step and so many may remain unpatched. > > The attackers were able to access and manipulate the Jeep over the > cellular network from their home by virtue of knowing the car's IP > address. (Exact mechanism of the attack to be disclosed next month.) > Once connected they were able to rewrite firmware and make various > modifications to the vehicle's actions. > > As our speakers discussed this morning in the plenary, there are a > wide range of security issues that need to be addressed, particularly > as these wired-up cars are connected to the global Internet. > > Dan > > P.S. Threads are naturally active on HN and Reddit: > > https://news.ycombinator.com/item?id=9921557 > https://www.reddit.com/r/technology/comments/3e23ge/hackers_remotely_kill_a_jeep_on_the_highway/ > > > > > > > > > _______________________________________________ > 93attendees mailing list > 93attendees@ietf.org > https://www.ietf.org/mailman/listinfo/93attendees
- [93attendees] Timely article in Wired - Hackers R… Dan York
- Re: [93attendees] Timely article in Wired - Hacke… Chris Morrow
- Re: [93attendees] Timely article in Wired - Hacke… Alexandre PETRESCU