">Car electronics change very little year to year. If you have an unreported exploit, it wouldn't surprise me if it were valid for more than 5 production years."
Anecdotally, most ECUs I've seen change up 1-3 years. I have no idea if later units might be code compatible with prior, but I'd doubt it.
>I think you read this wrong - the car was disassembled to explore the systems, but after vulnerability development, physical access to a target was not required.
Obviously, I'm not certain, but looking at the previous work they reference [0 .p12-13] seems to say that the bridging exploits [1 .p5] are dependent on re-flashing. Perhaps the 2011 Bluetooth overflow is injecting 2010 re-flash equivalent code?
"We were able to successfully reprogram our car’s telematics unit from a device connected to the car’s low-speed bus (in our experiments, a laptop running CARSHARK). Once reprogrammed, our telematics unit acts as a bridge, relaying packets from the lowspeed bus onto the high-speed bus."
"Note, such interbus bridging is critical to many of the attacks we explore since it exposes the attack surface of one set of components to components on a separate bus; we explain briefly here."
Anecdotally, most ECUs I've seen change up 1-3 years. I have no idea if later units might be code compatible with prior, but I'd doubt it.
>I think you read this wrong - the car was disassembled to explore the systems, but after vulnerability development, physical access to a target was not required.
Obviously, I'm not certain, but looking at the previous work they reference [0 .p12-13] seems to say that the bridging exploits [1 .p5] are dependent on re-flashing. Perhaps the 2011 Bluetooth overflow is injecting 2010 re-flash equivalent code?
0: http://www.autosec.org/pubs/cars-oakland2010.pdf
"We were able to successfully reprogram our car’s telematics unit from a device connected to the car’s low-speed bus (in our experiments, a laptop running CARSHARK). Once reprogrammed, our telematics unit acts as a bridge, relaying packets from the lowspeed bus onto the high-speed bus."
1: http://www.autosec.org/pubs/cars-usenixsec2011.pdf
"Note, such interbus bridging is critical to many of the attacks we explore since it exposes the attack surface of one set of components to components on a separate bus; we explain briefly here."