
  • The main things are removing the cellular connection and disabling the connection back to the Tesla services. Back in the old days you could pull the SIM card, root the center and driver’s displays, set up firewall rules to block traffic to/from the Tesla servers, and disable the VPN.

    This is more difficult with the newer models. You can still pull the SIM, but would need to get creative for root access since it is a continuous game of whack-a-mole between the root methods and patches.



  • I set the VPN tunnel from the VPS to deny everything to the internal network by default, then put the services that need to be accessed on the allow list in the firewall. So the VPN endpoint from the VPS can only hit the very specific IPs/ports/protocols that were explicitly allowed. There is still the possibility of a compromise chain of VPS->service->container/VM->hypervisor->internal network access, but I feel comfortable with those layers.

    You could also set up an IDS such as Snort to pick up on that exploit traffic between the services and internal VPN endpoint if extra security is necessary on top of fail2ban and log alerts on the VPS.
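
The default-deny tunnel policy described in the comment above, sketched as an nftables ruleset for the internal VPN endpoint. This is an added example, not the commenter's configuration; the interface name `wg0`, the tunnel peer `10.99.0.2` and the internal service addresses and ports are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example with constructed values: nothing here is taken from the comment.
# Assumed: tunnel interface wg0, VPS tunnel address 10.99.0.2,
# internal services 192.168.10.20:443/tcp and 192.168.10.30:53/udp.

table inet vps_tunnel {
    # Allow list: exact destination address + port pairs, one set per protocol.
    set allowed_tcp {
        type ipv4_addr . inet_service
        elements = { 192.168.10.20 . 443 }
    }
    set allowed_udp {
        type ipv4_addr . inet_service
        elements = { 192.168.10.30 . 53 }
    }

    chain forward {
        type filter hook forward priority 0; policy accept;
        # Only traffic entering from the tunnel is subject to the deny-by-default chain.
        iifname "wg0" jump from_vps
    }

    chain input {
        type filter hook input priority 0; policy accept;
        # The VPS has no reason to reach the endpoint host itself.
        iifname "wg0" jump to_endpoint
    }

    chain from_vps {
        ct state invalid drop
        ct state established,related accept
        # New flows must come from the VPS tunnel address and hit an allow-listed pair.
        ip saddr 10.99.0.2 ct state new ip daddr . tcp dport @allowed_tcp accept
        ip saddr 10.99.0.2 ct state new ip daddr . udp dport @allowed_udp accept
        # Everything else, including all IPv6, is logged and dropped.
        counter log prefix "vps-tunnel-drop " drop
    }

    chain to_endpoint {
        ct state established,related accept
        counter log prefix "vps-endpoint-drop " drop
    }
}
```

The logged drops give the log alerts something concrete to key on: a VPS that starts probing addresses outside the allow list shows up as `vps-tunnel-drop` entries.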





  • This is handled by the inverter and charging modules; some use FPGA chips, others use dedicated ASICs, but it doesn’t require anything wild in terms of raw compute power, mostly up to having good algorithms to handle the situations correctly. Nothing more than a modern ICE engine which needs to very precisely manage intake and exhaust cam phasing, ignition timing, intake pressure, and multiple injections per cylinder/cycle along with monitoring a multitude of sensors to keep everything in tolerance. In terms of simplicity, the first automobiles at the turn of the century were electric before the ICE caught on thanks to the advent of the electric starter and limitations in battery technology at the time.


  • skysurfer@lemmy.world to Technology@lemmy.world, "Roku got hacked", 1 year ago

    The headline is misleading. Roku didn’t get hacked and leak accounts. There were ~15000 customers that had accounts accessed due to credential stuffing. Aka, they reused passwords on other sites that had leaks and hackers tried those credentials on their Roku accounts and got into them.