edvro

The new w222 MB-S class is via comand connected to the internet. Questions?
- has comand a firewall?
- what operating system is used?
- can the internet connection be switched off

In the last Hacker conference Defcon, they showed how easy it is to switch off the breakes of a BMW via wifi. It was possisble to take control of the car. This was shown on TV. (I'm not a hacker but as owner of a w222, I'm wurried a lot.)

Any comment?

Read this: http://www.wired.com/2014/08/wireless-car-hack/

http://www.wired.com/2014/07/car-hacker/

Chucky300

I'm wurried too

Diesel Benz

I did not find the report for the BMW experiment?

This is a topic that certainly needs attention and MB certainly has paid attention, the question is if they have been careful enough or if some bugs created security problems like on computers connected to internet.

The demonstration was however for a car that had a bluetooth or wifi transmitter connected to the car's diagnosis port: "Last year the two Darpa-funded security researchers spent months cracking into a Ford Escape and a Toyota Prius, terrifying each other with tricks like slamming on the brakes or hijacking the vehicles’ steering with only digital commands sent from a laptop plugged into a standard data port under the dash."

Someone would need to enter your car and attach this device to the OBD port. Quite unlikely that someone entering the car with your permission would install such a device. Still I would not mind if there was a warning message at the dash that "the car is connected to a diagnosis tool".

Internet connection from the car can be disconnected (now I'm talking about ROW market area cars, I don't know if MBrace allows the entertainment part being disconnected).

I doubt COMAND would have any servers that could be connected from internet but a browser vulnerability like for ordinary computers could be an issue when someone accesses an attacker's web page. COMAND entertainment is still supposed to well isolated from the drive train control but I don't think it is possible to prove that this isolation is perfect or even sufficient. It is only possible to prove that it isn't sufficient, meaning someone would identify a security breach.

edvro

It was demonstrated on BBC program Click. People in GB can access it via BBC App.
Thank you for your input.

Diesel Benz

I may have seen this on our local TV or perhaps on a plane. I cannot remember if they actually still used an additional device within the car that receives and sends messages via the OBD port. My understanding is that so far all "successful" attacks have been like this. Can you check carefully the BBC Clip stuff if you can still access it.

They just want to make it more dramatic like using cell phone internet connectivity instead of a short range BT/WIFI connection. Exaggeration is acceptable here to raise awareness of the potential problem early enough.