[Cerowrt-devel] can bus attack
moeller0 at gmx.de
Fri Apr 14 02:08:32 EDT 2023
> On Apr 14, 2023, at 06:04, Dave Taht via Cerowrt-devel <cerowrt-devel at lists.bufferbloat.net> wrote:
> The biggest bug with the early fq_codel deployment was that it dropped
> from head and fq'd which led to the prospect of messages sent out of
> order on the can protocol, which was not designed for that..
[SM] How did CAN react to this bug? Fixing its design or simply requiring in-order-delivery?
> much thought, we ended up overriding the default fq_codel qdisc, for a
> fifo, for the can bus devices, but there were a few years there where
> fq_codel was the default for can, in openwrt, which sometimes keeps me
> awake at night.
[SM] How many critical CAN bus implementations actually use OpenWrt? I thought CAN is big in automobiles, so if any of those use OpenWrt that would be interesting news ;)
> This set of security bugs is bigger and essentially a message flood
> attack on a FIFO, making it possible to steal a car via accessing the
> headlamp, using a 10 dollar adaptor. Fascinating reading.
[SM] It appears automobile designers assumed a non-adversarial environment, which is odd given that 3rd party diagnostic dongles that interface with the car network/bus have been a thing for years.
I guess the good thing is that we do have some well-tested techniques to harden such a design (that are unlikely to be retro-fitable into existing cars, assuming that vendors actually still care about older models anyway).
> AMA March 31: https://www.broadband.io/c/broadband-grant-events/dave-taht
> Dave Täht CEO, TekLibre, LLC
> Cerowrt-devel mailing list
> Cerowrt-devel at lists.bufferbloat.net
More information about the Cerowrt-devel