Research/Talks - The Matrix Unloaded: Escaping the JTAG Reality

In the current reality of connected and autonomous vehicles, manufacturers keep repeating the security mistakes of the past, adopting little of the experience gained by other industries from their failures. One of those failures, which arguably cost millions in stolen intellectual property, initiated exploit chains and botnets, and helped malicious actors exploit, understand and analyze targets more efficiently, is hardware vulnerabilities.
The telephone booth of escape for an attacker after an unsuccessful compromise of target hardware is (and always will be) hardware vulnerabilities, which allow full access due to physical limitations on the amount of protections one can implement. But why, after years of compromised devices, is this still a thing? Why can we still escape the matrix in most of our 200+ penetration testing and security research engagements in the last 5 years?
The answer came in one of those engagements: forensics. Vehicle manufacturers use hardware interfaces to allow easy access for forensics investigation after a fatal crash. But is this the only way? Should we allow open doors, in the name of forensics?
These and several other questions will be answered in this talk, going through almost a decade of experience in the automotive sector, with manufacturers using the excuse of forensics to expose critical interfaces, or make use of archaic and vulnerable practices.
We will go through the significance of forensics in the automotive sector, and why requirements pushed manufacturers into this limbo state, through a series of practical PoCs and demos of vulnerable hardware implementations, which led to complete compromise of the target and revealed several 0days in automotive components. We will analyze what is there to expose, and why the data needed after a crash cannot be obtained by other means so far.
We will conclude with alternative options for allowing effective and efficient forensics investigation in automotive components, with practical proposals, already implemented by several small manufacturers that care about making secure and safe products with respect to their users, drivers, passengers and pedestrians.
Our ultimate goal is to raise awareness and provoke thoughtful consideration within the industry about the importance of securing hardware interfaces. Attendees will gain insights into how balancing forensic requirements with stringent security protocols can lead to safer and more secure automotive systems. We encourage a collaborative shift toward embracing cybersecurity as a foundational element of vehicle design and engineering, ensuring that the drive toward innovation does not outpace the imperative of safety.
Let’s follow the white rabbit, and escape a different matrix. The one of insecure vehicles in our streets.
Planned to be presented at the Off-By-One conference 2025, on May 8-9, 2025, in Singapore.