不需要中国电动车,可以控制任何KIA汽车,只需要看汽车牌照

billwanhua

本站元老
注册
2005-07-07
消息
15,377
荣誉分数
4,816
声望点数
373
拿一个手机,根据KIA 车牌号码,30秒就能操控任何车,还可以假装owner找到车主的一切个人信息,甚至开启汽车的摄像机

I don't know, but I do know I need any of my cars, electronics, door lockers as less smart as possible.
WHO knows if there's a backdoor or a flaw or any loop holes somewhere out there


A new proof of concept released this week—simply called Kiatool—is probably the most powerful attack against any Kia we've seen yet.

There's a couple of issues here. First is the glaring threat to the vehicle itself. I mean, let's cut right to the chase—you can unlock and start the car with just the license plate. That... really bad. Like a relay attack on steroids. And it could all done without the owner ever noticing a thing (except for an eventual missing car or belongings).

Even scarier is the privacy issue at play. The exploit allows the attacker to fetch information about the owner's name, phone number, email address, the location of the vehicle, and, in some cars, even allows the vehicle's cameras to be accessed remotely.

In theory, this would allow for an attack chain that lets a driver pull up to a car at the grocery store to get the plate, silently add a burner email account to the owner's Kia account, find its location later on, then check the cameras to make sure nobody is around when they want to snatch it. Or, worse, use it to target the owner. Scary stuff.
 
最后编辑:
KIA名字不吉利,Kill丫的。
 
必压低
这名字谁起的
 
后退
顶部