Unlocking the doors of a car is sort of like a "Hello World" in Car Hacking. But this isn't the end - it's not a tip of an iceberg but there are other things you can also hack or play. There is more to just opening the doors and hacking infotainments. And so the speaker drafted a Car Hacker's Methodology and Checklist geared towards application security hackers and professionals based on his experience as an automotive security bug triager and a car hacker himself.
Join the author as he summarizes his own checklist for the following attack surfaces:
The author would also demonstrate real world attacks against known vehicles and how you may be able to replicate it or do it on a cheap hardware or known hardware. The author would like to point out some attacks that are also misunderstood or overlooked like sometimes you dont need to jam or perform rolljam to open a car. canTot which is made by the author will also be shown as part of a tool he uses for automation in car hacking.
Jay Turla is a Principal Security Consultant at VikingCloud, and one of the goons of ROOTCON. He has presented at international conferences like ROOTCON, HITCON, Nullcon, DEFCON, etc. He used to work for HP Fortify and Bugcrowd in the areas of appsec. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.