A movie that succeeds in hijacking the vulnerability of the application by Nissan car behind the earth

now"Running computer"Especially for hybrid vehicles and electric vehicles (EV) with a feeling of being converted to, the control of the whole body has been computerized, it is no exaggeration to say that the computer is responsible for almost all operations of the vehicle. Thanks to that, it is also possible to open keys using smartphone applications, but a movie that controls the Nissan LEAF on the other side of the earth is disclosed as a vulnerability of this application I will.

Troy Hunt
http://www.troyhunt.com/

Hackers Can Download Trip Histories, Tamper With Fans of Nissan Electric Cars | Motherboard
http://motherboard.vice.com/read/hackers-download-trip-history-tamper-with-fans-nissan-leaf-app-bug

In the following movie, it actually shows how to connect from Australia to LEAF in the UK, to put air conditioner and to download running data.

Controlling vehicle features of Nissan LEAFs across the globe via vulnerable APIs - YouTube


Mr. Troy Hunt shown on the left screen of the movie is posing this problem. And Scott Herme, who is on the right, is a person who provided Nissan LEAF for experiments. Hunt is on standby in his own LEAF car in the Australian sunny poolside, and Hermes in the UK in the rainy season.


Hunt opened a notepad with the URL written on the PC screen. There are three URLs written "AC On (air conditioner on)", "AC Off (air conditioner off)", "Driving History (driving history)". Apparently accessing this URL seems to be able to do LEAF operation, the important part of the string is hidden.


Hunt first copied the URL of "AC On" and pasted it in the browser.


A string such as "success" was displayed on the browser shortly. In addition, "vin" depicted on this screen points to "Vehicle Identify Number", that is, an ID unique to the vehicle.


After a few seconds the lamp on the LEAF panel suddenly lights up ... ...


The blue LED of the dashboard also starts flashing. In addition, it seems that the air conditioner started to operate at full power in the car.


Next, Mr. Hunt copied the URL of "AC Off" and pasted it on the browser.


Then, from Helmer's air conditioner stopped, a report that the lamp such as the dashboard had disappeared.


Finally Hunt pasted "Driving History". After a short time……


A character string was displayed in the browser. It has become a long content compared to the previous time.


While looking at the letters, "Have you run 1542 yards (about 1.4 km)? Then you are running 64,42 yards (about 55 km)?" Asked Mr. Herme. Then it seems that everything seems to be true, Herme answers "yes" with a bitter smile like looks surprised.


Finally, Mr. Herme who answers "I am driving 135 times this month," he said, "Maybe it is." It is evidence that "135" is written in "TotalNumberOfTrips" at the bottom of the history.


In this way, it was a movie proving that it is possible to access the LEAF from behind the earth by vulnerability of the application, operate it, and extract information. Note that GPS position information is not included in this.

This problem was said that Hunt was discovered by a student who participated in a workshop held in Norway. Hunt reported the matter to Nissan the following day. Then, it was said that a quick reaction came back, but since there was no appearance of a fix being done even after one month thereafter, in order to notify the user of LEAF of the danger of the application, the owner of LEAF We urge you to take measures including uninstallation.

According to Hunt, if a malicious hacker can specify the VIN of the vehicle, it will be possible to access the vehicle through the application. Although details are not made public, there is no mechanism to verify who actually is accessing it, so once you can access it all operations will be possible.

I covered Nissan on this matterMotherboardAccording to Nissan, although confirming this problem, Nissan answered that it judged that there is no urgency as "There is no influence on the operation and safety of the vehicle at all".

At the same time, Nissan said, "We are currently working on a permanent and robust solution method for this problem," he said that he announced that it will adopt countermeasures soon. However, he said that he said that he said "I am certain that it is coming soon but I will avoid expressions about the date and time" for that period.

Mr. Hunt said that it shows that car companies are not strongly conscious of security concerning such a problem occurrence, pointed out that full-scale response is necessary. "If you are in a hurry to ride the flow of things on things, you should not go back on security measures, and at the beginning of something like something like" I started countermeasures " There is nothing, "he talks about the importance of immediate measures.

◆ 2016/02/26 09: 40 Addendum
It is clear that Nissan disabled the function of LEAF application after Hunt's announcement.

Nissan disables Leaf app after car hack risk revealed online - BBC News
http://www.bbc.com/news/technology-35660641

The day after Hunt's blog was posted, Nissan stopped the service of the application. In response to BBC's interview, Nissan was able to manipulate temperature control via the net as a result of Hunt's report and subsequent investigation, and the problem of access to telematics (mobile communication) was found on a dedicated server I am clarifying that I stopped the service of the application in response to that.

What is affected by this measure is that in addition to already covered LEAF, electric commercial vehicles equipped with a similar systemE-NV 200It has become clear that it contains. According to Nissan, there is no problem with the actual driving safety performance, and there is no influence on usual use of the vehicle. Nissan is proceeding with renovation of the system including the application, and is aiming for urgent restoration.