Monthly Archives: September 2016

Hackers take over a Tesla’s brakes from 12 miles away.

A Chinese hacking collective has released a video purporting to show the first remote hack of a Tesla vehicle, just a day after Elon Musk’s company announced a rollout of new safety features for its Autopilot software.

The hack was carried out by Keen Security Lab and shows the team controlling the brakes from 12 miles away and operating the door, dashboard screen, trunk, sunroof, lights, windshield wipers, wing mirror and chair – the latter being for any nefarious hacker wanting to make a passenger slightly more comfortable, against their will.

The entire series of hacks was carried out using a laptop, either from across a car park, in the passenger seat, or at a location out of view. But key to the hackers’ claim is the fact they were never plugged into the vehicle as has been the case with previously publicized exploits.

The video appears to portray a pretty damning picture of Tesla vulnerabilities, particularly since the team claims its techniques will work on other Tesla models and not just the S P85 and S 75D used in the demonstration. Plus the hacks were carried out in both parking and driving modes.

However, a Tesla spokesperson said that the set of circumstances necessary to enable the Keen hacks were extremely narrow, by the car company’s own estimation at least.

“The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot,” said the spokesperson.

“Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.”

Backing this statement up, there is an odd exchange in the video when the Keen driver is asked by his would-be hackers and colleagues to search for a nearby charging station before setting off.

Most importantly, all the security issues demonstrated in the video were fixed by an “over-the-air” software update that was deployed within ten days of Tesla receiving the Keen report.The narrow set of parameters needed for the hack to be possible, combined with the fact it took the Keen team months of research to collectively discover the hacks, suggests there isn’t too much to worry about.

Nevertheless, seeing lab director Samuel Lvlurch forward in the driver’s seat when the brakes are activated remains a troubling visual reminder of just how dangerous these kinds of vulnerabilities obviously are – this is in spite of the fact the car in the Keen demonstration is travelling at low speeds for safety purposes.

The Keen team is made up of professional hackers. Together they won $557,500 of prize money at the Pwn2Own hack contest in 2015 for a series of exploits including a 30-second Adobe Flash hack.

And these are the kinds of groups Tesla actively seeks help from. “We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers,” continued the spokesperson. “We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.”

The Keen Security Lab, for its part, reminds all Tesla owners to make sure their firmware is up to date.

This is far from the first time a Tesla vehicle’s safety has been publicly critiqued.

Following the fatal crash in June involving a semi-autonomous Tesla S, a US-Chinese research team proved that a series of off-the-shelf tools could be used to confuse the vehicle’s autopilot sensors and effectively trick it into thinking an object was in front of it that did not exist, or that a real object was not in fact there.

With the memory of the fatal crash still fresh, Tesla announced September 19 it would roll out an updated version of its Autopilot software (8.0) on September 21. This will include more than 200 new safety features and see the car’s radar become a “primary control sensor.”

Tags:, , , , , ,

Could This Be the End of Indoor Cellular Dead Spots?

How SpiderCloud Is Changing The Way We Do Indoor Cellular

Connectivity becomes more important every day, as cellular and WiFi-enabled devices become large facets of everyday life and business stops being tethered to a desk or desktop computer. As many advantages as the leaps forward in mobile technology have provided for both businesses and consumers, they have also drawn attention to the increasingly widespread problem that cellular coverage just isn’t keeping up with the demand. Dead zones aren’t just something out of The Walking Dead, they’re a large part of our indoor cellular experience.

Rural areas, sheltered locations and medium to large buildings can be dead zones for cellular coverage. This situation leads to the strange phenomenon of a metropolitan conference center becoming as cut off from the rest of the world as a remote outpost in Antarctica, via lack of cellular coverage. Large scale solutions to combat cellular dead zones can be expensive and difficult to justify for some smaller venues, but the faster mobile technology integrates itself into every aspect of life, the more dead zones become less of an annoyance and more of a serious problem.

SpiderCloud, a California-based startup, has a unique solution to the cellular dead zone problem. They are treating spotty cellular coverage not as one big problem, but as a series of smaller problems all strung together. Using small cells – a catch-all term for discrete, linkable short-range RF transmitters – SpiderCloud is creating an affordable, scalable cellular Distributed Antenna System designed for medium and large enterprises and venues; a system that is both much more affordable and much more effective than any other solution for providing complete cellular coverage to medium and large buildings.

On its own, a single one of SpiderCloud’s small cells isn’t particularly impressive. Each one has an in-building range that is only in the tens of meters, enough to provide coverage to a small-ish room, but useless over large distances. SpiderCloud’s small cells are not, however, designed to be used one at a time. Instead, the small cells are designed to be used in concert, with many small cells linking together to provide networked coverage over a large area. The system is almost infinitely scalable: while a small venue can make do with a small network, a large venue can continue adding small cells to provide powerful and evenly-distributed coverage over the entire venue. Signal strength and dead zones cease to be issues, as individual small cells can be added to the network to add coverage to specific areas in the venue, and the built-in redundancy of a network of small cells means that if a cell breaks or needs maintenance, the loss of coverage to the entire venue is absolutely minimal.

The infinite scalability factor is definitely one of the unique features of SpiderCloud’s Small Cell deployment model, but SpiderCloud has some other game changing features up their sleeve as well. One of SpiderCloud’s most characteristic features is it’s Self Organizing Network (SON). The intelligent SON feature means that their small cell Distributed Antenna Systems have the ability to self configure, self optimize and self heal; this centralized, single point integration means it’s capable of extremely rapid deployments because there is no manual configuration required.

Another reason, and probably the most important reason, SpiderCloud is standing out from other indoor cellular companies is because their technology is capable of using a building’s existing Ethernet infrastructure for connectivity and power. That’s right, add another switch to your IT rack and you’re off and running. No large orders of tens of thousands of feet of half-inch coax cable are required to serve as the horizontal backbone for their small cells, it’s all run on traditional twisted pair cabling (Cat5e or better). Not only does this translate into major time savings, but it also translates into major money savings as well. In fact, SpiderCloud technology boasts up to 10x the capacity of comparable Distributed Antenna Systems at less than half the price. It’s kind of a big deal.

SpiderCloud’s little-startup-that-could mentality is making waves and winning it valuable friends. In the US, SpiderCloud has partnered with Verizon Wireless for cellular coverage over its small cell systems, while in the UK and Europe SpiderCloud is working with Vodafone and other major mobile carriers. On the east coast, installations have begun in Philadelphia and New York, and venues in Boston are next in line to upgrade their wireless coverage with SpiderCloud’s small cell systems. With such effective technology, strong partnerships, and an IPO on the horizon, SpiderCloud could very well change the way medium to large venues handle cellular coverage almost single-handedly. And who’s the east coast telecommunications firm that’s certified in SpiderCloud Small Cell technology? None other than Telecom Infrastructure Corp.

If you’re interested in upgrading the indoor cellular coverage for your building or office space, then don’t wait, call Telecom today and ask about Distributed Antenna Systems and SpiderCloud.

Tags:, , , , , , , ,