Quote:
|
Originally Posted by jlawphoto
Quote:
Originally Posted by R0ut3r
Interestingly, I own a cyber security firm and I am not comfortable with the total lack of security in the Bluetooth kit.
I don't want someone pushing bad settings on my vehicle under any circumstance.
I would, however, appreciate it if the vendor just allowed the app to function wired to the phone. USB to lightning and USB to micro-USB adapters are cheap... and secure.
|
Wouldnt someone need to have the JB4 app to make changes?
I get it, you want 100% security, im trying to be realistic here. |
You don't need the jb4 app. It's just a serial connection emulated over Bluetooth.
The jb4 app would be useful to someone that cares about what they are doing.
Anyone with a Bluetooth enabled computer can "dabble" (we call it fuzzing) to figure out what this interface does and cause you a lot of grief in the process. We don't even know if the JB4 limits the input values based on its firmware or if it's limited in the interface.
I'm not going for 100% security, it's just I know enough about this technology to be much more aware of the risks and vulnerabilities involved.
__________________
___________________________________________
Current: 2021 Lamborghini Urus, 2021 Ferrari F8 Tributo Spider, 2019 X3, 2022 M4C Cab
Past: 2009 e92 335XI, 2012 e92 M3, 2014 335XI, 2016 X6M, 2019 M5, 2013 Ferrari California, 2017 Ferrari California T, 2020 X4MC, 2020 Porsche C4S Cab (992)
Montreal, Canada