Volkswagen Owners Club (GB)

Volkswagen Owners Club (GB)

Volkswagen Owners Club (GB)
  • Home
  • About Us
    • Show Diary
    • Privacy Policy
  • News
  • Classifieds
  • Technical
    • VW Age Certificates
    • Chassis & Engine Serial Numbers
    • Air Cooled Tech
    • Water Cooled Tech
  • Contact
⁄ Sign inJoin

Car Hacking Concerns Over Golf GTE Infotainment System

Security researchers at a Dutch cyber-security firm, Computest, have discovered that the in-vehicle infotainment system in the Golf GTE along with other models from the Volkswagen Group has a weakness that can be exploited over WiFi. The two researchers that discovered the flaw, Daan Keuper and Thijs Alkemade, described how they have successfully tested their …
May 1, 2018 In: News 0 Comment
Car Hacking Concerns Over Golf GTE Infotainment System

Car Hacking Concerns Over Golf GTE Infotainment System

May 1, 2018 In: News 0 Comment

Security researchers at a Dutch cyber-security firm, Computest, have discovered that the in-vehicle infotainment system in the Golf GTE along with other models from the Volkswagen Group has a weakness that can be exploited over WiFi.

The two researchers that discovered the flaw, Daan Keuper and Thijs Alkemade, described how they have successfully tested their findings on a Golf GTE and an Audi A3 Sportback e-tron. They explained how they use the car’s WiFi connection to gain access to the Harman infotainment system via an exposed software component.

The researchers went on to describe how under certain conditions, attackers could listen to phone conversations, turn the microphone on or off and gain access to the address book and conversation history. They also explained that there is a chance of discovering satellite navigation data, such as where the car has been or even follow the car to wherever it is at any given time.

It was also identified that the infotainment system is indirectly connected to the car’s acceleration and braking systems, but the researchers stopped short of delving further over concerns they might breach VW’s intellectual property. Although they did discover that other flaws could be exploited using USB debugging ports located under the dashboard.

The good news is that these flaws were reported to VW back in July 2017, and the open interface on the Golf GTE and Audi A3 infotainment systems had already been closed by an update that was applied from production week 22/2016 onwards.

In writing their report, Keuper and Alkemade purposefully withheld crucial information on how they exploited the security flaws. They made it very clear that they do not plan to reveal the exact services and software ports that they used to break into the Golf and A3 during their experiments.

They explained that when writing their paper, they would describe the process they followed, but not the full details on the remote exploitable vulnerability as they are committed to a responsible disclosure policy and they didn’t want to put people at risk.

REVERSE

60 Years Bully

FORWARD

All-Wheel Steering Touareg

  • Electrifying

    Electrifying

    Jun 26, 2017
  • AGM Report 2018

    AGM Report 2018

    Nov 25, 2018
  • 60 Years Bully

    60 Years Bully

    Jun 27, 2017
  • Volkswagen Owners Club of Great Britain Logo
  • Search Articles

  • Categories

  • Recent Articles

    • Big Wins for VW at What Car? Awards 2019
    • AGM Report 2018
    • VW Beetle Production at a Dead End
Volkswagen Owners Club (GB)
Copyright © 2018. Web Design Sheffield by Switchstance.
Sign in
⁄ SEARCH