Smart Bus Smart Hacking: Free WiFi to Total Control
Kai Ching Wang, Chiao-Lin Yu
DEF CON 33 · Day 1 · Main Stage
In an era where smart infrastructure is rapidly integrating into daily life, the security implications of these interconnected systems often lag behind their convenience. This talk, "Smart Bus Smart Hacking: Free WiFi to Total Control," delivered by Chiao-Lin Yu (Stephen Meow) and Kai Ching Wang (Canniver) at DEF CON, unveils a chilling reality: the ubiquitous free Wi-Fi on modern smart buses can be a direct conduit to gaining complete control over the bus's critical operational systems and even its central control infrastructure. The speakers meticulously detail a journey from a casual Wi-Fi connection during a traffic jam to uncovering a cascade of vulnerabilities that expose not just a single vehicle, but potentially an entire fleet.
AI review
Competent IoT attack chain research against real smart bus infrastructure — the target is interesting and the vulnerability chain is genuine — but the individual findings (BOA CVE, default creds, unencrypted HTTP, unauthenticated APIs) are so well-trodden that the talk's novelty is basically 'we applied 2015 IoT playbook to buses in Taiwan.' Still worth the slot at a regional con; at DEF CON it fills space without advancing the discipline.