12 July 202224 May 2023 by Clive Catton

The Rolling Pwn Attack – Honda drivers beware! UPDATED

Here is another research paper outlining how the wireless security car manufacturers are suing to secure our vehicles is woefully inadequate. The vulnerability often comes from the technology being used, having been developed for another task altogether.

This time it is Honda – check to see if your car is on their list:

Rolling PWN attack – Kevin2600 and Wesley Li

As the report says similar flaws could impact other makes and models of cars!

The is hope as Honda is doing something about the lack of security:

Honda redesigning latest vehicles to address key fob vulnerabilities – The Record by Recorded Future

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

How to unlock a Tesla that does not belong to you! – Smart Thinking Solutions

Research that shows it is possible to hack an iPhone when it is turned off and drive off in your Tesla – UPDATED 18 May 2022 with real world examples of Bluetooth vulnerabilities – Smart Thinking Solutions

Please Note:

I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
CONSENT	16 years 3 months 3 days 14 hours 29 minutes	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".