Some fascinating research out on hacking a Subaru via STARLINK connected vehicle service. "On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts […] - ThreadSky

About ThreadSky

briankrebs.infosec.exchange.ap.brid.gy • 36 days ago

Some fascinating research out on hacking a Subaru via STARLINK connected vehicle service.

"On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts […]

Comments

klefstadmyr.social.vivaldi.net.ap.brid.gy•36 days ago

@briankrebs Not very nice of him to release the blog post 10 months before telling them, though.

/s

Landwomble.mastodon.cloud.ap.brid.gy•36 days ago

@klefstadmyr @briankrebs looks like a typo, the blog is dated 23rd Jan 2025 i.e. today

stux.mstdn.social.ap.brid.gy•36 days ago

@briankrebs Easily hackable cars + self-driving public beta test

What could go wrong 🤔

baoigheallain.mastodon.ie.ap.brid.gy•36 days ago

@briankrebs @Nicovel0 Smart cars are not very smart

rustoleumlove.mastodon.online.ap.brid.gy•36 days ago

@briankrebs at least one thing that is pretty effin rad about riding my track bike - it cannot be hacked remotely by some fckwad
and the bike doesnt collect any GD data

gme.bofh.social.ap.brid.gy•36 days ago

@[email protected] @[email protected] But you carry your cellphone with you, right? 😂

wolf480pl.mstdn.io.ap.brid.gy•36 days ago

@briankrebs wait what? remotely starting the car????

Idk about other countries, but here it's illegal for the driver to walk away from a car while the car's engine is running. So the ability to turn the engine on without the driver's physical presence sounds like something that should never be […]

jrconlin.mindof.jrconlin.com.ap.brid.gy•36 days ago

@briankrebs

Gonna guess this is pretty much the same vulnerability that Kia had a while ago.

Also going to bet that it's not just Kia and Subaru that have this vulnerability.

(Gotta pad those VINs, kids.)

stuartl.mastodon.longlandclan.id.au.ap.brid.gy•36 days ago

@briankrebs Friends don't let friends implement security controls exclusively in the front-end.

Posting Rules

Be respectful to others
No spam or self-promotion
Stay on topic
Follow Bluesky's terms of service

Comments

Posting Rules

Reply