bbc
gadgets to use
geeky gadgets
gizmodo
jalopnik
jezebel
kotaku
lifehacker
ny times
pocket lint
readwrite
tech republic
tech world
techcrunch
technology
the inventory
the next web
venture beat
wired
count
sauces
help
I'm confused... What am I doing here?

Choose which sources you wish to remain and you're all set. Use the buttons to turn sources on and off.

What do the different colours mean?

Depending on if any articles/links are visible on the page there are 4 modes to show the state of your chosen sources.

on / visible on page

off / visible on page

on / not visible on page

off / not visible on page

Indian startups explore forming an alliance and alternative app store to fight Google’s ‘monopoly’ - techcrunch

Indian startups explore forming an alliance and alternative app store to fight Google’s ‘monopoly’

Google, which reaches more internet users than any other firm in India and commands 99% of the nation’s smartphone market, has stumbled upon an odd challenge in the world’s second largest internet market: Scores of top local entrepreneurs. Dozens of top startups and firms in India are working to form an alliance and toying with […]
techcrunch - 2 hours ago
Lots of happy people as Palantir and Asana spike on first day of trading - techcrunch

Lots of happy people as Palantir and Asana spike on first day of trading

The markets are closed and the verdicts are in: investors liked what they saw in Palantir and Asana . The two companies, which debuted this morning in dual (and duel) direct listings, continued to prove that enterprise tech companies without the brand recognition of Spotify (which conducted its own direct listing back in 2018) can […]
techcrunch - 7 hours ago
Dustin Moskovitz discusses Asana’s first trading day - techcrunch

Dustin Moskovitz discusses Asana’s first trading day

It’s a big day for Asana, the work management tool that debuted on the NYSE this morning in a direct listing. Founded back in 2009 by Dustin Moskovitz and Justin Rosenstein, the company has assiduously grown over the years, taking in about $213 million in venture capital the past decade and reaching almost $100 million […]
techcrunch - 7 hours ago
Everything Google announced at today’s hardware event - techcrunch

Everything Google announced at today’s hardware event

This year, Google’s annual hardware event consisted of a brisk 30 minutes of pre-recorded promotional videos, but the company managed to pack a number of new product announcements into that time. To make things easy for you, here’s a quick rundown of everything that Google announced, including the Google Pixel 5, a new TV interface […]
techcrunch - 7 hours ago
How 3 remote-friendly tech companies plan to return to the office - techcrunch

How 3 remote-friendly tech companies plan to return to the office

Six months ago, millions of workers left their offices for the last time without realizing it. Many would be laid off because of the pandemic, but for those fortunate to keep their jobs, some of their employers still haven’t determined whether they will open their workplaces again. Some of the biggest tech employers in the […]
techcrunch - 8 hours ago
Investors give Baltimore’s Facet Wealth $25 million to sell businesses on financial planning as a benefit - techcrunch

Investors give Baltimore’s Facet Wealth $25 million to sell businesses on financial planning as a benefit

Yesterday, Baltimore-based fintech company Facet Wealth said it raised $25 million in financing as it readies a new business line pitching financial planning as an employment benefit to businesses looking to recruit top talent. Employment benefit packages are expanding beyond the basic gym membership and healthcare to include subscriptions to Netflix, discounts on delivery and […]
techcrunch - 8 hours ago
A new Google Assistant feature, ‘Hold for Me,’ waits on hold so you don’t have to - techcrunch

A new Google Assistant feature, ‘Hold for Me,’ waits on hold so you don’t have to

Google has been pushing forward the capabilities of what a smartphone can do when it comes to one of the device’s most basic — if these days often overlooked — features: phone calls. In previous years, the company launched Call Screen to vet your incoming calls, Duplex for restaurant reservations, and just this month, a […]
techcrunch - 9 hours ago
AOC flagged ‘material risks’ to Palantir investors in letter to SEC - techcrunch

AOC flagged ‘material risks’ to Palantir investors in letter to SEC

In a newly released letter, New York Rep. Alexandria Ocasio-Cortez issued words of warning to the SEC over Palantir’s efforts to take the company public, cautioning the regulatory body over details the progressive congresswoman says were “omitted” in the company’s disclosures. Illinois Rep. Jesús “Chuy” García co-authored the letter, embedded below, which was submitted to […]
techcrunch - 9 hours ago
Pixel 5 and 4a 5g get the same, improved cameras with rear ultrawide lens, Night Sight portraits and more - techcrunch

Pixel 5 and 4a 5g get the same, improved cameras with rear ultrawide lens, Night Sight portraits and more

Google made its newest smartphones official today, unveiling the much-leaked Pixel 4a 5g and Pixel 5. Both smartphones will get the same, improved cameras, despite a $200 price different between the models, which is great news for people who are specifically coming to Google for their excellent mobile camera tech. Here’s an overview of what […]
techcrunch - 9 hours ago
Google unveils the $99 Nest Audio smart speaker - techcrunch

Google unveils the $99 Nest Audio smart speaker

Four years after the introduction of the Google Home smart speaker, Google showcased its successor to the company’s mid-range smart speaker. In keeping with the broader rebranding of the company’s smart home products, the device is now called Nest Audio. The smart speaker will retail for $99 and come in a variety of colors including […]
techcrunch - 10 hours ago
Google launches the $499 Pixel 4a 5G - techcrunch

Google launches the $499 Pixel 4a 5G

As expected, Google today officially launched the 5G version of its Pixel 4a phone at its annual hardware event. Given all the previous leaks, there were no real surprises left and Google had already announced the $499 price. We now have a launch date, though. It’ll launch in Japan on October 15 and then come […]
techcrunch - 10 hours ago
Google’s Pixel 5 get reverse wireless charging and 5G for $699 - techcrunch

Google’s Pixel 5 get reverse wireless charging and 5G for $699

Here it is, the centerpiece of this morning’s confusing-titled Launch Night In. The Pixel 5 is Google’s latest mobile flagship. Launching months after the budget-minded Pixel 4a (and same day as the Pixel 4a 5G) , the new handset sports a a 100% recycled aluminum body to set the new phone apart from the rest […]
techcrunch - 10 hours ago
The new Chromecast adds a remote and the new Google TV interface for $49 - techcrunch

The new Chromecast adds a remote and the new Google TV interface for $49

It’s been a while since Google gave its Chromecast line a proper bit of love — perhaps not surprising for a fairly mature device now marking its seventh year. At today’s big Launch Night In event, however, the company’s bringing the popular TV dongle a much-needed refresh by way of Chromecast with Google TV. The […]
techcrunch - 10 hours ago
The new Google TV brings streaming apps, live TV and search into a single interface - techcrunch

The new Google TV brings streaming apps, live TV and search into a single interface

Not to be confused with the smart TV platform of the same name (2010-2014, RIP) or the Android TV platform it’s built on top of, Google has just taken the wraps off the new Google TV. The name refers to the interface for the new, aptly titled Chromecast with Google TV, combining streaming services, live […]
techcrunch - 10 hours ago
Golden raises $14.5M to build a wiki-style database of tech knowledge - techcrunch

Golden raises $14.5M to build a wiki-style database of tech knowledge

Golden is announcing that it has raised $14.5 million in Series A funding. The round was led by previous investor Andreessen Horowitz, with the firm’s co-founder Marc Andreessen joining the startup’s board of directors. When Golden launched last year, founder and CEO Jude Gomila told me that his goal was to create a knowledge base focused […]
techcrunch - 10 hours ago
The roadmap to startup consolidation in Southeast Asia is becoming clearer - techcrunch

The roadmap to startup consolidation in Southeast Asia is becoming clearer

While Southeast Asia’s startup ecosystems are still young compared to those in China or India, it has matured over the last five years. Unicorns like Grab, Gojek and Garena are continuing to grow, and more competitive startups are emerging in sectors like fintech, e-commerce and logistics. That leads to the question: Will consolidation start to […]
techcrunch - 10 hours ago
Following Apple’s Sidecar launch, Astropad announces Luna Display for Windows - techcrunch

Following Apple’s Sidecar launch, Astropad announces Luna Display for Windows

In June, Luna Display creator Astropad wrote a blog post titled, “Why Getting Sherlocked by Apple Was a Blessing in Disguise.” It arrived on the one-year anniversary of Apple’s launch of Sidecar for macOS, which let Mac owners use an iPad as a second display — thus making Luna’s functionality redundant. The rose-colored post detailed […]
techcrunch - 10 hours ago
Aurora Labs ramps ‘self-healing’ software with $23M from LG Technology Ventures, Porsche SE, Toyota Tsusho - techcrunch

Aurora Labs ramps ‘self-healing’ software with $23M from LG Technology Ventures, Porsche SE, Toyota Tsusho

The automotive market is grappling with increasingly complex software systems, and in turn greater risks of glitches that can cause costly and unsafe disruptions and damage an automaker’s credibility. Just look at today’s new cars, trucks and SUVs compared to their counterparts a decade ago. New vehicles coming off assembly lines today contain tens of […]
techcrunch - 10 hours ago
‘The Real Facebook Oversight Board’ launches to counter Facebook’s ‘Oversight Board’ - techcrunch

‘The Real Facebook Oversight Board’ launches to counter Facebook’s ‘Oversight Board’

Today a group of academics, researchers and civil rights leaders go live on with ‘The Real Facebook Oversight Board’ which is designed to criticize and discuss the role of the platform in the upcoming US election. The group includes Facebook’s ex-head of election security, leaders of the #StopHateForProfit campaign and Roger McNamee, early Facebook investor. […]
techcrunch - 11 hours ago
Asana up 39% and Palantir still holding as both direct listings hit the public markets - techcrunch

Asana up 39% and Palantir still holding as both direct listings hit the public markets

Two direct listings in one day. Lots to talk about. Asana started trading just a bit after noon Eastern today, quickly zooming to roughly $29 a share in early trading this afternoon. We are still waiting for the first trades of Palantir to hit the market. Asana’s reference price was revealed yesterday by the NYSE, […]
techcrunch - 11 hours ago
LOAD MORE TECH
bbc
gadgets to use
geeky gadgets
gizmodo
jalopnik
jezebel
kotaku
lifehacker
ny times
pocket lint
readwrite
tech republic
tech world
techcrunch
technology
the inventory
the next web
venture beat
wired
count
sauces
help
I'm confused... What am I doing here?

Choose which sources you wish to remain and you're all set. Use the buttons to turn sources on and off.

What do the different colours mean?

Depending on if any articles/links are visible on the page there are 4 modes to show the state of your chosen sources.

on / visible on page

off / visible on page

on / not visible on page

off / not visible on page

techcrunch
Security bugs let these car hackers remotely control a Mercedes-Benz

Security bugs let these car hackers remotely control a Mercedes-Benz

techcrunch - 1 month ago

Few could ever forget back in 2015 when security researchers Charlie Miller and Chris Valasek remotely killed a Jeep’s engine on a highway with a Wired reporter at the wheel.

Since then, the car hacking world has bustled with security researchers looking to find new bugs and ways to exploit them in a new wave of internet-connected cars that have only existed the past decade.

This year’s Black Hat security conference albeit virtual, thanks to the coronavirus pandemic is no different.

Security researchers at the Sky-Go Team, the car hacking unit at Qihoo 360, found more than a dozen vulnerabilities in a Mercedes-Benz E-Class car that allowed them to remotely open its doors and start the engine.

Most modern cars are equipped with an internet connection, giving passengers access to in-car entertainment, navigation and directions, and more radio stations than you can choose from. But hooking up a car to the internet puts it at greater risk of remote attacks precisely how Miller and Valasek hijacked that Jeep, which ended up in a ditch.

Although vehicle security has gotten better over the past half-decade, Sky-Go’s researchers showed that not even one of the most recent Mercedes-Benz models are impervious to attacks.

In a talk this week, Minrui Yan, head of Sky-Go’s security research team, said the 19 security vulnerabilities were now fixed, but could have affected as many as two million Mercedes-Benz connected cars in China.

Katharina Becker, a spokesperson for Mercedes’ parent company Daimler, pointed to a company statement published late last year after it patched the security issues. The spokesperson said Daimler could not corroborate the estimated number of affected vehicles.

“We addressed all findings and fixed all vulnerabilities that could be exploited before any vehicle in the market was affected,” said the spokesperson.

After more than a year of research, the end result was a series of vulnerabilities that formed an attack chain that could remotely control the vehicle.

To start, the researchers built a testbench to reverse-engineer the car’s components to look for vulnerabilities, dumping the car’s software and analyzing the car’s internals for vulnerabilities.

The researchers then obtained a Series-E car to verify their findings.

At the heart of the research is the E-Series’ telematics control unit, or TCU, which Yan said is the “most crucial” component of the car, as it allows the vehicle to communicate with the internet.

By tampering with the TCU’s file system, the researchers got access to a root shell  a way to run commands with the highest level of access to the vehicle’s internals. With root shell access, the researchers could remotely open the car’s doors.

The TCU file system also stores the car’s secrets, like passwords and certificates, which protect the vehicle from being accessed or modified without proper authorization. But the researchers were able to extract the passwords of several certificates for several different regions, including Europe and China. By obtaining the vehicle’s certificates and their passwords, the researchers could gain deep access to the vehicle’s internal network. The car’s certificate for the China region had a weak password, Yan said, making it easier to hijack a vulnerable car in the country.

Yan said the goal was to get access to the car’s back end, the core of the vehicle’s internal network. As long as the car’s back-end services can be accessed externally, the car is at risk of attacks, the researchers said.

The way the researchers did this was by tearing down the vehicle’s embedded SIM card, which allows the car to talk to the cell networks. A security feature meant the researchers couldn’t plug the SIM into a router without freezing access to the cell network. The researchers modified their router to spoof the vehicle, effectively making the cell network think it was the car.

With the vehicle’s firmware dumped, the networking protocols understood and its certificates obtained and cracked, the researchers say they could remotely control an affected vehicle.

The researchers said the car’s security design was tough and able to withstand a number of attacks, but it was not impervious.

“Making every back-end component secure all the time is hard,” the researchers said. “No company can make this perfect.”

But at least in the case of Mercedes-Benz, its cars are a lot more secure than they were a year ago.


Send tips securely over Signal and WhatsApp to +1 646-755-8849 or send an encrypted email to: zack.whittaker@protonmail.com

sauce: techcrunch
CLOSE