Cybersecurity

8584 readers

103 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

263

Norway discovers that its Chinese electric buses can be remotely disabled (cybernews.com)

submitted 3 days ago* (last edited 3 days ago) by slothrop@lemmy.ca to c/cybersecurity@sh.itjust.works

39 comments fedilink hide all child comments

different source (Danish)

It's no surprise, as kill switches are pretty much ubiquitous.

you are viewing a single comment's thread
view the rest of the comments

[–] HobbitFoot@thelemmy.club 21 points 3 days ago (2 children)

Similar backdoor control capabilities, usually at least officially frowned upon in Western tech companies, weren’t found in buses bought from Dutch company VDL.

Looks like that was discussed in the article.

[–] fort_burp@feddit.nl 7 points 3 days ago (2 children)

No I think floofloof meant that the article doesn't point out that Tesla and John Deere products have that same feature.

[–] SeptugenarianSenate@leminal.space 3 points 3 days ago

Common John Deere L

[–] stray@pawb.social 2 points 3 days ago* (last edited 3 days ago)

It specifically mentions Tesla and John Deere in the article.

[–] Alcoholicorn@mander.xyz 3 points 3 days ago (2 children)

I looked up the top 5 bus manufacturers in Europe, accounting for a combined 80-90% of new buses.

All of them use OTA updates.

The author picks a very unusual bus without telling the reader to make the reader believe this is a chinese problem and not standard practice in 2025.

[–] yetAnotherUser@discuss.tchncs.de 9 points 3 days ago (1 children)

There's a difference between consensual OTA updates (meaning the bus company would manually need to confirm the update) and non-consensual OTA updates (meaning it is done regardless of the bus company's wishes).

The Chinese buses are capable of the latter which is a gigantic security vulnerability. You do not want any operating system anywhere to update itself without consent.

[–] Alcoholicorn@mander.xyz 1 points 3 days ago (1 children)

Does Iveco(41%) or any other manufacturer with a meaningful market share do that?

[–] stray@pawb.social 3 points 3 days ago (1 children)

https://www.iveco.com/global/Press/PressReleases/2021/IVECO-Over-the-Air-Update-the-smart-timesaving-way-to-update-vehicle-software

The language used here suggests to me that the user initiates the update, but that's as far as I can guess.

[–] Alcoholicorn@mander.xyz 1 points 2 days ago

Operators of the chinese bus can pull the SIM card and reinsert it as desired as mentioned in the article, I'm not sure there is a meaningful difference if that is how the Iveco works.

[–] stray@pawb.social 1 points 3 days ago

You obviously didn't read the article because the author talks about non-Chinese products as well. They specifically describe a possible future where Trump disables all Danish iPhones. It has nothing to do with China and everything to do with the problem of "smart" devices and how little control we have over our own possessions.