[HN Gopher] Millions of Cars Exposed to Remote Hacking via Perfe...
___________________________________________________________________
Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack
Author : Bender
Score : 70 points
Date : 2025-07-10 18:13 UTC (4 hours ago)
(HTM) web link (www.securityweek.com)
(TXT) w3m dump (www.securityweek.com)
| minusLik wrote:
| Is there an exploit? I've always wanted to explore the inner
| workings of my car's computer system, but I don't know how.
| noman-land wrote:
| Look up OBD-II.
| Ccecil wrote:
| I recently read "The car hacker's handbook". It seemed to
| explain the basics very well and pointed me to all the
| necessary software and hardware to get started.
|
| It is an interesting topic for sure.
| minusLik wrote:
| That book looks very promising. Thanks a bunch!
| asdff wrote:
| Seems like early 2000s cars were the last of the good cars. You
| had full airbags by that point but cars were mostly still just
| basic fuel injected internal combustions engines with sensible
| transmission choices that had seen probably decades of iteration
| at that point. If you wanted some crazy infotainment its not hard
| to roll your own with the standard sized stereo slots in those
| cars. No telemetry. No "driver aids" behaving
| nondeterministically. Mechanical linkages vs by wire. Just a car.
| Starts with a key. Exactly what is says on the tin and nothing
| more or less.
| MisterTea wrote:
| I miss them too.
|
| Re. the radio: Now its a big useless screen that shows me
| useless data while still hiding all the useful data that I can
| get over OBD-II. And whats worse, that screen is tied to your
| fucking cars computer and configures your car so you cant
| remove it, no matter how much the software sucks. I hate my
| 2022 CR-V's garbage infotainment screen. Its a shit UI, shit
| audio quality, and the Bluetooth is bugged to all hell. I
| already have a computer with me in my car called a phone that
| does everything but better. And that's not saying much.
| spacecadet wrote:
| I own a bunch of impractical cars, but my daily driver is a
| 2005 Honda. I always explain to people exactly this. It's the
| last good year before everything became too digitized and
| wireless. It's got physical controls, a real horn, a cable
| driven throttle and at 350,000 miles with so little maintenance
| and no sign of stopping.
|
| I also own a 05 55 AMG, also all mechanical, but oh so
| impracticable :D
| LightBug1 wrote:
| Think you're onto something. I'm still rolling a 2005 Toyota.
| Incredibly functional, reliable, and I can add whatever I want
| and choose instead of having it forced down my throat by the
| current wave of nonsense ... Oh, and zero worries about it
| being hacked !
| avgDev wrote:
| Ah, I agree for the most part, however, safety has definitely
| moved forward. There is a lot more to safety than airbags and
| seatbelts.
| strulovich wrote:
| My car hit the breaks for me last week on a highway. I'm
| quite happy with the computerization of cars for this reason.
| It could be better as the link shows the downsides, but it
| probably has saved (tens of?) thousands of lives overall.
| avgDev wrote:
| Even the structures of cars have improved. The crumple
| zones and structural rigidity is constantly evolving.
|
| I also like sensors and crash avoidance tech.
| stavros wrote:
| My car hit the brakes for me last week on a highway as
| well, except there was no reason to, there was nothing
| there. I'm not as happy.
| kevin_thibedeau wrote:
| I intentionally opted out of these sort of driver assist
| features because I don't trust the firmware going into
| them. If a safety misfeature can be disabled manually you
| also run the risk of an insurer denying a claim if they
| find out it wasn't engaged. Better to not have it in the
| first place and use the mark I eyeball for safety.
| potato3732842 wrote:
| A couple months ago I was driving a rental and I coasted up
| on slow exit traffic with the intent of dodging right after
| the person to my right passed me. Well I got that far but I
| got close enough to the slowing traffic in front of me in
| the process it decided to brake. And of course because
| electronic throttle they lock you out of the gas. And it
| takes a couple seconds for it to decide that no, I really
| did want to go fast, so it lets me do that but of course
| the CVT needs to incrementally wind its way there at a
| leisurely pace.
|
| So instead of cleanly pulling off my merge into a lane
| going 10mph faster than me I look like a goddamn moron for
| zipping over and then hard braking away 20mph of speed. All
| because some programmers buried in Toyota HQ somewhere
| spent too much time on the HN or Reddit or whatever circle
| jerking it in the comments with the "you can never go wrong
| by braking" crowd. Could have been way worse had it been a
| spicer situation, like merging into traffic with a disabled
| vehicle at the end of the merge ramp.
|
| A car should do what I say. I can understand doing
| something when I have provided no input or perhaps ignore a
| 0-100% press to prevent wrong pedal accidents but this is
| just horrible systems design. If I'm traveling at speed and
| mash the gas it stands to reason I did that on purpose.
| potato3732842 wrote:
| Each improvement is hugely less influential than the last.
| Seatbelts get you 90% of the way there. Airbags do most of
| the rest, etc, etc.
| Gigachad wrote:
| All those improvements have been undone by the entire
| market turning in to brodozers and soccer mum tanks.
| qualeed wrote:
| Backup cameras are amazing. Especially now that I have kids
| shorter than my trunk line, I appreciate them even more.
|
| A lot of the other stuff, though, I agree with you.
| giantg2 wrote:
| Back up cameras can easily be added aftermarket if wanted.
| But frankly, many of those older cars had much better
| rearward vision that anything today.
| taeric wrote:
| We must have driven very different cars. Rear visibility
| has always been terrible, and rear cameras are a god send.
| const_cast wrote:
| Older cars are more likely to be things like coupes, a form
| factor more or less abandoned today. I know, I used to
| drive a coupe. Dear God, the rear visibility was the worse
| out of any car. And the side blind-spots. You'd think a
| small vehicle would have good side visibility but no, all
| you get are those tiny little back windows.
|
| But, it was a beauty.
| qualeed wrote:
| Sure, but where I live they are mandated by law in every
| new car.
|
| There's plenty of kids on my street, and I'm much more
| comfortable knowing _everyone_ has one when backing out of
| a driveway, and not just the people who bothered to go get
| one installed aftermarket.
| sugarpimpdorsey wrote:
| I'm routinely ridiculed for driving a car with a traditional
| ignition key, and insisting upon it, as if it's exclusive to
| Luddities.
|
| Everyone else can enjoy their reflection/replay attacks or
| whatever.
|
| Honorable mention to Toyota who has still not completely
| abandoned this simple, functional technology for a clunky fob
| that can be easily hacked.
|
| FWIW, fobs are _not for your convenience_. It 's for theirs.
| globular-toast wrote:
| > FWIW, fobs are not for your convenience. It's for theirs.
|
| Same with touch buttons. Not for you convenience, it's for
| theirs.
| taeric wrote:
| I'm curious who you are routinely interacting with that they
| care about your car keys. :D
|
| I do think the writing is on the wall for old fashioned keys,
| though? For one, they don't really give you that much
| protection. As laughable as poorly done key fobs are, a
| physical key is a pretty low bar as far as deterrence goes.
|
| It can be annoying to consider, but cultural norms protect
| cars far more than anything else. Is why many in suburban
| areas can get away with having their keys in the cars at all
| times.
| sugarpimpdorsey wrote:
| Keys have been chipped for > 30 years. The technology is
| proven, secure, and reliable. Kia and Hyundai learned this
| the hard way when they tried to shave pennies a few years
| ago.
|
| Fobs just created another attack vector catering to people
| too lazy to take it out of their pocket or purse.
| gottorf wrote:
| > people too lazy to take it out of their pocket or purse
|
| Keyless start has another legitimate function besides
| laziness: it allows you to leave your car locked with the
| engine (and AC) running while a baby or dog is inside.
|
| Of course, you can accomplish the same by having two keys
| with you; you decide whether that's another example of
| laziness. :-)
| sugarpimpdorsey wrote:
| It's not a legitimate function because the car will beep
| at you if you walk away.
|
| Some aftermarket remote starts have this feature.
|
| However, in many states it's illegal to leave a car
| running unattended.
|
| Though one could argue in court the baby or dog could
| serve as the attendant. Having said that, leaving a baby
| or dog unattended, AC or not, is just stupid.
| zamadatix wrote:
| Chipped keys have constantly fallent to cloning attacks
| and worse. The idea "you insert it therefore the whole
| system is secure" is backwards reasoning when the problem
| is the chips, protocols, and buggy security
| implementations themselves.
| sugarpimpdorsey wrote:
| Moving the goalposts. No chipped key car has ever been
| stolen by beaming some kit off AliExpress at it and
| simply driving away.
| _heimdall wrote:
| I came to the same conclusion. The exact year varies a bit by
| manufacturer.
|
| Chevy's pre-2008 were in a good spot, maybe 2007 for the
| avalanche body change? Quite a few Hondas and Toyotas were good
| through the early teens, especially the 4 cylinders.
|
| I have a late 80s GMC pickup, 2005 Buick, and a Chevy Volt. The
| only one I have any real issues with is the Volt, though that's
| only been the last couple years as the battery is getting old;
| the most frustrating thing is needing to run questionable
| software on an airgapped laptop just to turn the Volt back on
| when a high voltage safety flag is flipped tripped in the
| computer.
| rlf_dev wrote:
| There still are cars being sold without much of new
| "technology", I daily a MY2024 Abarth 595 that still doesn't
| have start-stop, ECall, auto braking, telemetry, lane-assist,
| the infotainment is replaceable by a standard third-party box
| without messing with the rest of the car and still has a
| traditional ignition key. It's a basic turbocharged FIAT FIRE
| engine, so maintenance is stupidly cheap and anyone can do it.
| dmitrygr wrote:
| Bluetooth stacks are very complex due to the initially-vague 1.1
| spec and the need for thousands of per-device quirks handlers.
| Even as specs were tightened, old device interop remains needed.
| If you implement a stack precisely as per spec, about half the
| devices out there won't work with it (no exaggeration).
|
| This situation is not a recipe for good code. Now that BLE has
| audio (the last thing from classic that it lacked), we can begin
| phasing out BT classic and this mess. However, it will be a
| decade before anyone can safely drop bt classic interop.
|
| Basically: anywhere you have a Bluetooth stack that supports bt
| classic, feel free to ASSUME there are RCEs and DOSs lurking. You
| will not be wrong.
|
| Source: a full blown case of PTSD from having written and
| debugged a few BT stacks
| Gigachad wrote:
| Could still contain it though. Bluetooth would only be needed
| for the non critical sound/calls/navigation stuff which should
| be it's own separate subsystem, on a read only OS with boot
| chain security so even if you did find an exploit in the
| bluetooth stack, it would only give you access to very
| unimportant things, and only until the car reboots.
|
| Of course I don't expect it's implemented anywhere near
| securely, but in theory it's very possible.
| bdavbdav wrote:
| I'm half excited about this, and hoping I can exploit the
| infotainment on my Octavia 4
| sugarpimpdorsey wrote:
| > The attacker may also be able
|
| The infosec community loves their weasel words don't they?
|
| The only other career path other than "meteorologist" where they
| get it wrong half the time with the burden of proof on the
| recipient, and everyone looks the other way.
|
| Show your work, or it's not possible.
| Sohcahtoa82 wrote:
| This is the wrong attitude to have.
|
| There are cases where vulnerable code is found, but it may take
| weeks of tinkering to actually build an exploit that gets
| arbitrary RCE.
|
| An example could be a buffer overflow that only allows a few
| bytes to be written. At first, you're likely just causing
| segmentation faults. DEP and ASLR will make writing an exploit
| that gives RCE difficult. This is when an attacker "may" be
| able to do something, if there's an attacker determined enough
| to figure out a full exploit.
|
| The original researcher might not be interested in spending
| that time and just wants the vendor to fix it.
| sugarpimpdorsey wrote:
| Unfortunately, you can only cry wolf so many times before no
| one will believe you anymore.
| sorenjan wrote:
| I read recently about how some cars can be hacked and stolen
| through the CAN bus to the headlights.
|
| https://arstechnica.com/information-technology/2023/04/crook...
___________________________________________________________________
(page generated 2025-07-10 23:01 UTC)