Tag Archive for: Minutes

Hackers could steal a Tesla Model X in minutes, security researchers say

/in


It was the latest security experiment from the COSIC group at the University of Leuven in Belgium, which had previously found a similar vulnerability with Tesla’s Model S luxury sedan, where a key fob was also to blame.

The researchers said they were able to break into the SUV, which starts at $80,000, using a few hundred dollars’ worth of equipment.

Researchers noted that process took about 90 seconds.

The researchers, who informed the company of their findings on Aug. 17, said Tesla is rolling out an update intended to address the issue. An over-the-air software update is being pushed to the key fobs, they said, which will better lock them down.

Wired was first to report on the vulnerability. Tesla did not respond to a request for comment.

Lennert Wouters, a PhD student at the COSIC research group, said in an email that the problem is not necessarily unique to Tesla.

“This system was developed in-house by Tesla, so this exact vulnerability most likely only applies to the Tesla Model X,” he wrote. “However, other keyfobs which have an insecure firmware update mechanism could also be vulnerable to a similar attack.”

Among the key vulnerabilities, Wouters noted: the lack of “cryptographic signatures” in the firmware update process, meaning a key fob has no secure way of certifying whether an update is legitimate; and an insecure pairing protocol that allowed a new, modified key fob to be paired to a Model X.

Equipment to break into the car included a $35 Raspberry Pi computer, a modified key fob and a salvaged Tesla Model X control unit bought off eBay. Researchers used the spare control unit to get key fobs within several meters to advertise themselves as “connectable.” After that, they pushed out a software update to the key fobs that would “acquire a valid unlock message” so they could unlock the car later, Wouters said. They noted that the software in Tesla’s key fobs could be updated without an additional layer of security that would verify its authenticity.

“As this update mechanism was not properly secured, we were able to wirelessly compromise a key fob and take full control over it,” Wouters said in a news release. “Subsequently we could obtain valid…

Source…

Tianfu Cup Hackers Exploit Microsoft Windows, Google Chrome, and iOS in Minutes

/in


password hack free pixabay

How easy is it hack some of the world’s most popular software, such as Microsoft’s Windows 10 and Google’s Chrome? Well, quite easy it seems, at least for some of the world’s best hackers. That’s what happened at this year’s Tianfu Cup in China, where brand new exploits were used against leading services.

If you are unfamiliar with the Tianfu Cup, it is one of the biggest hacking competitions in the world and the largest in China. Held in central China city Chengdu each year, the competition has become a proving ground for security researchers.

It is also a place where the best tech software can test their mettle against zero-day exploits. Over the two-day event, security researchers test how popular software can handle zero-day vulnerability threats.

Hackers at the Tianfu Cup are looking to exploit apps and programs with never-seen-before attacks. If they succeed a point is earned, and the researchers with the most points win prizes. Last year, Microsoft Edge was successfully breached, and it seems Windows 10 was this year.

While that’s not good news for Microsoft, the company is certainly not alone. In fact, many leading platforms and services were compromised during the event. It is worth noting companies welcome these hackathons for exposing issues in software that can be fixed before an in-the-wild exploit is made.

“Many mature and hard targets have been pwned on this year’s contest,” organizers said today. The following services were successfully breached:

  • iOS 14 running on an iPhone 11 Pro
  • Samsung Galaxy S20
  • Windows 10 v2004 (April 2020 edition)
  • Ubuntu
  • Chrome
  • Safari
  • Firefox
  • Adobe PDF Reader
  • Docker (Community Edition)
  • VMWare EXSi (hypervisor)
  • QEMU (emulator & virtualizer)
  • TP-Link and ASUS router firmware

Fifteen Chinese hacking groups took part in the Tianfu Cup this year. Each hacker gets three five-minute windows to attempt to…

Source…

How to Hack a MacBook in Less Than 5 Minutes

/in

This is a very useful, but somehow also dangerous trick. Useful because you can still access your Mac even if you forgot your password. Dangerous because anybody could steal a Mac and access it …
mac hacker – read more

The ultimate breakfast hack: ‘Air fryer guy’ wows thousands with his morning bacon and egg meal that is ready in just seven minutes

/in

An Australian man who goes by the name ‘Air Fryer Guy’ has taken the internet by storm with his inventive seven-minute breakfast using Kmart’s popular $ 89 air fryer.
mac hacker – read more