Abstract
In the realm of telecom and hardware hacking, this research embarks on a thrilling exploration of the vulnerabilities inherent in modern vehicular networks. Leveraging cutting-edge tools like FakeBTS and USRP, our study meticulously dissects the intricate world of car hacking. We unravel the cryptic techniques behind Firmware Over-The-Air (FOTA) exploits, decode the enigma of Firmware Reverse Engineering, manipulate GPS coordinates through Spoofing, and exploit covert Processor Side Channels.
From a hacker’s perspective, this investigation not only identifies these vulnerabilities but also illuminates the pathways for potential exploits. Through ingenious Radio Rolling Codes bypassing methods, we expose chinks in the armor of contemporary security protocols, opening a Pandora’s box of possibilities for the astute hacker.
This research serves as a beacon for telecom enthusiasts and hardware hackers, beckoning them to dive into the intricate world of vehicular cybersecurity. Our findings underscore the urgent need for innovative countermeasures, pushing the boundaries of existing security paradigms. As technology hurtles forward, understanding and exploiting these vulnerabilities become paramount, shaping the future landscape of telecom and hardware hacking in the realm of connected vehicles.
AI Generated Summary (may contain errors)
The speaker gave a presentation on car hacking, with a focus on the telematics control unit (TCU) and its vulnerabilities. They emphasized the importance of companies focusing on TCU attacks and mitigating security flaws. The speaker also discussed their experience with creating a fake cell tower to demonstrate the vulnerability of phones connecting to it.
During the Q&A session:
Question 1: Radu asked why his phone would connect to the fake tower instead of the original provider’s tower. The speaker explained that rebooting the phone or increasing the range of the fake tower could make it connect to the fake one.
Question 2: An attendee asked if the speaker contacted the device manufacturer, and they replied that they did but received a slow response from the company.
Question 3: Another attendee inquired about potential legal issues with creating a fake BTS (Base Transceiver Station). The speaker advised using a Faraday cage to minimize risks and emphasized the importance of obtaining necessary permissions before conducting such experiments.
Question 4: Theo asked if the speaker faced negative feedback or legal threats from companies affected by their vulnerability discoveries. The speaker responded that they did encounter some bad feedback, but that it is essential to communicate effectively with vendors and, to avoid problems, not to be too technical in explanations.