|
Steak Flavored Gum posted:I quite understand the relationship between barometric pressure and altitude. I also understand that it's only about 1 kPa higher than at sea level at the bottom of Death Valley, about a 1% difference. If that's what's loving with your TPMS, then something is very, very wrong. I was more questioning whether or not they were stupid enough to actually base the software on (edit: GPS) altitude and have some kind of moronic unsigned integer for feet above sea level, which I absolutely could believe. It's Dodge. I mean, if the military can make mistakes like that... http://www.defenseindustrydaily.com/f22-squadron-shot-down-by-the-international-date-line-03087/ I can't find any sources for the rumor about F-16 flight computers crashing when they flew below sea level in Israel, but it is a pervasive rumor.
|
#
¿
May 22, 2015 16:40
|
|
|
|
| # ¿ May 13, 2024 13:14 |
|
|
Somewhat Heroic posted:To all of the motorcycle riders with the strobing headlights though? They need a dick kicking. I hate those things and wonder how they are even legal. At least you notice them.
|
|
#
¿
Jul 2, 2015 21:31
|
|
|
One potential solution, as I see it, is cryptographic. Give every device on the intra-car network a unique public/private keypair, and install the public keys for each device on every other device in the car from the factory. Each vehicle becomes its own web of trust. Pro: You can't replace the radio firmware to send commands to the ABS unit. Con: You have to remove and install keys on every networked device in the car every time you swap a networked device, which would necessitate a trip to an authorized service center. Edit: or, you could pop the EEPROM where the keys are stored out of the old unit and into the new unit. drat that would be easy. "But couldn't you read the private key for, say, the BCM and use that to spoof BCM messages?" Well yeah, but only on that one car! Safety Dance fucked around with this message at 18:56 on Jul 23, 2015 |
|
#
¿
Jul 23, 2015 17:36
|
|
|
SperginMcBadposter posted:That's not what crypto is for and doesn't even stop the attack. Yes it is and yes it does. Let's say, for example, the BCM sends a message to the wipers, telling them to activate. The BCM cryptographically signs the message using its private key. The wipers have the BCM's public key installed, and can verify that the message came from the BCM. Now, let's say the infotainment system received a malicious OTA update that causes it to try to spoof messages from the BCM, telling the wipers to activate. The infotainment system does not have the BCM's private key, so it cannot sign the message.
|
|
#
¿
Jul 23, 2015 19:56
|
|
|
SperginMcBadposter posted:The bcm isn't between the radio and the can bus on the jeep though, so no it doesn't stop the attack. Well yeah, dingus, I'm not saying "re-jigger the Jeep", I'm saying "replace CANbus with a different protocol that works".
|
|
#
¿
Jul 23, 2015 20:17
|
|