Hacked w222
#1
Newbie
Thread Starter
Join Date: Jul 2014
Location: Belgium-Antwerp
Posts: 12
Likes: 0
Received 1 Like
on
1 Post
Mercedes S 350 bluetec w222 model 2015
Hacked w222
The new w222 MB-S class is via comand connected to the internet. Questions?
- has comand a firewall?
- what operating system is used?
- can the internet connection be switched off
In the last Hacker conference Defcon, they showed how easy it is to switch off the breakes of a BMW via wifi. It was possisble to take control of the car. This was shown on TV. (I'm not a hacker but as owner of a w222, I'm wurried a lot.)
Any comment?
Read this: http://www.wired.com/2014/08/wireless-car-hack/
http://www.wired.com/2014/07/car-hacker/
- has comand a firewall?
- what operating system is used?
- can the internet connection be switched off
In the last Hacker conference Defcon, they showed how easy it is to switch off the breakes of a BMW via wifi. It was possisble to take control of the car. This was shown on TV. (I'm not a hacker but as owner of a w222, I'm wurried a lot.)
Any comment?
Read this: http://www.wired.com/2014/08/wireless-car-hack/
http://www.wired.com/2014/07/car-hacker/
Last edited by edvro; 09-08-2014 at 04:40 PM. Reason: Added links
#3
MBWorld Fanatic!
Join Date: Dec 2006
Location: Europe
Posts: 6,340
Received 293 Likes
on
245 Posts
223.168 & 213.012 & 906.633 & 214.005
The new w222 MB-S class is via comand connected to the internet. Questions?
- has comand a firewall?
- what operating system is used?
- can the internet connection be switched off
In the last Hacker conference Defcon, they showed how easy it is to switch off the breakes of a BMW via wifi. It was possisble to take control of the car. This was shown on TV. (I'm not a hacker but as owner of a w222, I'm wurried a lot.)
Any comment?
Read this: http://www.wired.com/2014/08/wireless-car-hack/
http://www.wired.com/2014/07/car-hacker/
- has comand a firewall?
- what operating system is used?
- can the internet connection be switched off
In the last Hacker conference Defcon, they showed how easy it is to switch off the breakes of a BMW via wifi. It was possisble to take control of the car. This was shown on TV. (I'm not a hacker but as owner of a w222, I'm wurried a lot.)
Any comment?
Read this: http://www.wired.com/2014/08/wireless-car-hack/
http://www.wired.com/2014/07/car-hacker/
This is a topic that certainly needs attention and MB certainly has paid attention, the question is if they have been careful enough or if some bugs created security problems like on computers connected to internet.
The demonstration was however for a car that had a bluetooth or wifi transmitter connected to the car's diagnosis port: "Last year the two Darpa-funded security researchers spent months cracking into a Ford Escape and a Toyota Prius, terrifying each other with tricks like slamming on the brakes or hijacking the vehicles’ steering with only digital commands sent from a laptop plugged into a standard data port under the dash."
Someone would need to enter your car and attach this device to the OBD port. Quite unlikely that someone entering the car with your permission would install such a device. Still I would not mind if there was a warning message at the dash that "the car is connected to a diagnosis tool".
Internet connection from the car can be disconnected (now I'm talking about ROW market area cars, I don't know if MBrace allows the entertainment part being disconnected).
I doubt COMAND would have any servers that could be connected from internet but a browser vulnerability like for ordinary computers could be an issue when someone accesses an attacker's web page. COMAND entertainment is still supposed to well isolated from the drive train control but I don't think it is possible to prove that this isolation is perfect or even sufficient. It is only possible to prove that it isn't sufficient, meaning someone would identify a security breach.
#5
MBWorld Fanatic!
Join Date: Dec 2006
Location: Europe
Posts: 6,340
Received 293 Likes
on
245 Posts
223.168 & 213.012 & 906.633 & 214.005
They just want to make it more dramatic like using cell phone internet connectivity instead of a short range BT/WIFI connection. Exaggeration is acceptable here to raise awareness of the potential problem early enough.