The hack, the crash and two smoking barrels.
Thomas Sermpinis
DEF CON 32 Main Stage · Day 1 · Main Stage
In "The hack, the crash and two smoking barrels," Thomas Sermpinis, a lead at Auxilium Pentest Labs, delivers a candid and critical assessment of the cybersecurity landscape within the automotive industry. His talk, presented at DEF CON 32, pulls back the curtain on what he terms the "stupid things that automotive industry is doing still in 2024," emphasizing that many modern vehicles, despite their advanced features, are built on fundamentally insecure foundations. Sermpinis aims to highlight the pervasive security vulnerabilities stemming from dated protocols and architectural missteps, framing these issues not merely as financial risks but as profound threats to user safety.
AI review
Thomas Sermpinis delivers a blunt, necessary assessment of automotive cybersecurity, revealing that despite modern features, vehicles are built on fundamentally insecure foundations. He meticulously details the pervasive, decades-old vulnerabilities in the CAN bus protocol and the dangerous exposure of critical ECUs through telematics units, emphasizing these are not just financial risks but profound threats to human safety. The talk serves as a stark warning and a call to action for an industry that prioritizes speed and cost over robust security, offering critical insights for…