Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Charlie Miller Profile picture
Charlie Miller
@0xcharlie
I'm that 0day guy
May 13, 2021 8 tweets 2 min read
Another interesting paper by @keen_lab about car hacking, this time a Mercedes. I read the car hacking papers (this one is 86 pages) so you don't have to! Thoughts in this thread (1/8) keenlab.tencent.com/en/2021/05/12/… First off, hat tip, great work as usual by these folks. I like how they look at "regular" cars and not just Telsa's here. This paper is more of a pure research paper with lots of info on how things work and security architecture, less about "just one hack" (2/8)
Aug 11, 2020 10 tweets 3 min read
Here is a recap of the Mercedes hacking research performed by Sky-Go team of 360 Group presented at Blackhat. I read the car hacking research so you don't have to :) blackhat.com/us-20/briefing… First off, great work. This is the same group that did the Tesla autopilot research a while back. They reverse engineer the telematics unit of a Mercedes E-class. This includes extracting firmware, modifying it, and refreshing it. Lots of hardware hacking required.
Feb 20, 2020 7 tweets 2 min read
This research (and others like it) is really clever and fun. I'll tell you why it doesn't worry me, though. First it attacks ADAS systems (i.e. not level 4 self driving cars like waymo, cruise, etc). ADAS systems are designed to *help* a human driver and so a human driver is always ultimately be in control and responsible to stop any such tricks played against the system.
Jan 3, 2020 8 tweets 3 min read
Here is my quick take analysis of the latest paper by @keen_lab (keenlab.tencent.com/en/2020/01/02/…). First off, lots of clever work and very interesting read. My favorite part was when they fix up the firmware after messing it up during exploitation by resetting the device. The attack does not require user action, however, the Tesla needs to be connected to an AP (but not necessarily the attacker's AP). The full attack works about 10% of the time. The attack, as demonstrated, takes just over a minute.
Aug 23, 2018 4 tweets 1 min read
Blackhat talk reviews are in. I dug up data for the last 4 years I presented: 2014, 2015, 2016, 2018. In that order the talk received (out of 5): 4.40, 4.92, 4.82, 4.49. I pretty much agree with that order ranking. In those same years, only between 7-13% of attendees filled out the evaluations. Come on people, fill out feedback for speakers! What follows is some highlights and lowlights from these four years of evaluations.
Jul 8, 2018 4 tweets 1 min read
I disagree with all “advice” in this article. Making yourself miserable everyday to protect against an incredibly unlikely attack doesn’t make sense. usatoday.com/story/money/na… “People who store their fobs in Faraday cages aren’t paranoid, experts say”. True, I guess, those people are paranoid AF.
May 22, 2018 21 tweets 4 min read
So @keen_lab just dropped a really awesome paper about hacking BMW cars. Get it here: keenlab.tencent.com/en/Experimenta…. What follows in my analysis (1/21): Their USB dongle to ethernet trick for local attack is funny because that worked on the Jeep too.