Calling all Security Minded Geeks ?

[DevSecOps]

QNX isn't my thing, and I don't know if it's anyone's here. But lately I've been noticing DNS buffer overflow attempts that have been blocked by Cisco AMP, from IP's in PA to the MME. Blackberry admitted to a BadAlloc bug affecting 175 million vehicles and medical equipment ( CVE-2021-22156 ) just a few months ago after dragging their feet for quite some time on it. Wondering if anyone else has seen attempts to probe at the MME Sync system?

Also kinda curious if the MME initiates a VPN to Ford for OTA's - if anyone knows.

Sponsored

 

[sockmeister]

QNX isn't my thing, and I don't know if it's anyone's here. But lately I've been noticing DNS buffer overflow attempts that have been blocked by Cisco AMP, from IP's in PA to the MME. Blackberry admitted to a BadAlloc bug affecting 175 million vehicles and medical equipment ( CVE-2021-22156 ) just a few months ago after dragging their feet for quite some time on it. Wondering if anyone else has seen attempts to probe at the MME Sync system?

Also kinda curious if the MME initiates a VPN to Ford for OTA's - if anyone knows.

IPs in PA, you say!? I promise, it wasn't me... ?

 

[sockmeister]

@CHeil402 Has seen some of the Mach-E's update attempts through his router's logs. Maybe there's some more information about what exactly it connected to?

I doubt it opens a VPN, but I'm sure it's end-to-end encrypted at least, in this day and age...

 

[DevSecOps]

IPs in PA, you say!? I promise, it wasn't me... ?

I know "exactly" where you live now ... ?

 

[CHeil402]

@CHeil402 Has seen some of the Mach-E's update attempts through his router's logs. Maybe there's some more information about what exactly it connected to?

I doubt it opens a VPN, but I'm sure it's end-to-end encrypted at least, in this day and age...

My car hasn't done anything "interesting" recently but the car's TCU talks to TomTom and Ford's server's over https. Doesn't look like a VPN, but that shouldn't be needed anyway.

 

[DevSecOps]

Doesn't look like a VPN, but that shouldn't be needed anyway.

Most critical infrastructure will use a VPN (not the ones for consumers) but direct to the MFG so to prevent MIM or DNS Spoofing attempts. Tesla is a good example of a auto MFG that uses a VPN to push vehicle updates.

The day to day traffic for the car I have looked at many times over, but I have never received an OTA, hence my curiosity.

 

[benk016]

I've always suspected that Ford only uses cellular for sending any communication to the car such as lock/unlock. Wifi maybe would send some telemetry data and give it an alternative download route for update files. But for the actual communication with the car, I suspect is through a private network on cellular.

As far as downloads, it's probably just downloading it from azure storage like all their files are.

 

[sockmeister]

My car hasn't done anything "interesting" recently but the car's TCU talks to TomTom and Ford's server's over https. Doesn't look like a VPN, but that shouldn't be needed anyway.

So the Sync Maps are made by Garmin, but it's also using TomTom for something? That's interesting.

 

[Av8tor]

So the Sync Maps are made by Garmin, but it's also using TomTom for something? That's interesting.

I think TomTom is a traffic feed, Apple Maps uses it too. Not 100% positive, but that's what I'm thinking.

 

[sockmeister]

I think TomTom is a traffic feed, Apple Maps uses it too. Not 100% positive, but that's what I'm thinking.

That makes sense! I wondered where that came from.
Supposedly in '23 they'll be shifting to a partnership with Google. I wonder if this means Android Automotive OS on the touchscreens, and native google maps.

Sponsored