W1NGE
Well-Known Member
- First Name
- Adrian
- Joined
- Jan 11, 2021
- Threads
- 32
- Messages
- 8,792
- Reaction score
- 5,265
- Location
- Aberdeen, Scotland
- Vehicles
- GTS ST, Macan T
Good luck with your conBox exploits!First, the device doesn't have to be actually connected 24/7 in order to be vulnerable. As long as it's connected, it can be attacked from the internet. New vulnerabilities are found every single day in various software packages (one source https://www.cve.org/ ), and fast patching is key to proper cybersecurity maintenance.
Side note, even though I don't have a Taycan, I would not assume "privacy mode" blocks all connectivity. For example, does your car get real time traffic information or is able to do music streaming while in privacy mode? Just because your app cannot connect or you cannot retrieve your own location via the internet, does not mean your car is not connected. Now, I don't have a Taycan yet to verify, I am slowly assembling some Taycan guts on my bench while I'm bored waiting for Porsche to build mine, but I haven't scored a component Porsche calls a "conBox-High" yet from some poor crashed Taycan. I'll update if I confirm myself or find some reliable source, but my money is it's always connected. Devices nowadays are always connected, even in "airplane mode" phones do occasionally turn on some of their radios.
Privacy mode doesn't even have to mean you don't get updates either. I know with Tesla, your car is still connected and gets updates, you just get an error message if you try to connect to the car with the app. I also happen to have designed an OTA system which works on devices in privacy mode (passes GDPR) - the device connects to an ephemeral server which helps determine the appropriate update, then complete wipes all knowledge of the device's connection, the device then goes and anonymously downloads the update and applies it. There is no personally identifiable information stored anywhere outside of the device, the manufacturer's cloud has no idea your device updated, but you have the latest software.
Ah, but there is the gotcha. Imagine a large cyber security hole is discovered in a Taycan, where a malicious actor can connect to your car when it's parked (whenever it is actually online, perhaps not 24/7, maybe 10/6), and initial remote parking with sensors disabled. Imagine someone is doing it to the cars and Porsche saying "please wait while we qualify a fix, then get in line for an appointment, until then park your car deep underground to prevent connectivity, nothing we can do for you".
Consider the false alarm issue Taycan's have been experiencing for last few months. While it does not have as dire consequences, if Porsche had fast OTA's, they could have deployed a new option to permanently disable the internal sensor. They could deploy it to a few cars, see if users report any issues, and if not, do the next wave, then the the next. Worst case scenario, you deploy a revert back to the previous version.
Delivery method for OTA is very insignificant. An update is an udpate, whether it's delivered via WiFI, LTE, sattelite, of a USB stick.
Porsche needs to learn how to deploy OTA's to avoid carnage. You never deploy to everyone. You deploy to test cars first, then a random sample of customers, then more customers, etc. If at any point you run into issues, you stop the deployment of that update, assess the situation, and mitigate (which may include issuing a revert OTA). Now, if Porsche OTA is not yet mature and got itself into a situation where an over the air update broke the car and broke the OTA capability with it, well, that is the one scenario you always have to test - after update the car has to boot up and be able to accept another update, everything else (even ability to drive) is secondary.
Sponsored