beaups
Well-Known Member
It's not semantics at all. Exploitation with a one-way payload is not revolutionary by any means. But all of this aside, if someone wants to steal your vehicle, there are much easier and commercially available ways to do that vs trying to exploit some uconnect vulnerability that may or may not exist. But, again, if that was the path the attacker wanted to take and the SGW was somehow in the way, the attacker could just spend 5 seconds removing it.Sean,
Symantics. Remote to me infers that you are not near the vehicle. For thieves this is certainly not the case. Bluetooth is certainly a nearby interface with very short range. One also has to 'hack' the pairing of both transceivers which infers physical access. FM, AM and Satellite are receivers only uni-directional (one-way). A connected interface to me is bi-directional (two-way) and the internal cellular radio of the UConnect-4s are the only practical connection point.
Certainly if you 'hack' Bluetooth, the attacker's unit can the provide the internet connection. This would be exactly like playing Spotify in you rig with your cellphone.
However, my point while an intrusion is difficult it is certainly possible (non-zero probability) for unintended access into your vehicle's drive-by-wire control system. Much more easier however without the SGW.
Removing the SGW is clearly an enabling mechanism. It's not so much the size of the attack surface (still smaller the better), it's about a successful intrusion independent of size. It only takes one access vector, in order to either steal (remote start, door unlock) or alter any other normal operating behavior.
Jay
Keep in mind also that the SGW is in no way an air gap, and assuming it isn't easily defeated by a remote attacker is dangerous.
Sponsored