throwawayjava 6 years ago

> One such option would be a device powered by our Kaspersky OS, which we are developing for car manufacturers. Thanks to our microkernel operating system, such protection can control all interactions between the hardware components inside an information system and prevent any deviations caused by internal errors or unauthorized access attempts. You can learn more about our operating system and its capabilities on the Kaspersky OS Web page.

I get that the whole blog post is an advertisement, but infotainment systems should be physically isolated from control systems.

Furthermore, just using a microkernel doesn't actually provide any guarantees. It's a sound architecture choice, but that's all.

There are advanced control techniques that prevent replay, sensor spoofing, and other attacks specifically for control systems. But it doesn't look like this particular product implements those.

Correctly using a security-oriented microkernel only mitigates certain (really stupid) classes of attacks. These sorts of application domains deserve serious, in-house engineering effort aimed at very well understood risk/attacker models that are specific to the particular control problem.

Control systems need traditional pentesting/security types so that you're not broadcasting root credentials in plain text (...jesus). But a hardened system also needs input from controls/sensing people who understand security problems associated with particular application domains.

  • amluto 6 years ago

    True for more reasons than software. The critical control systems (anything that can screw up the driver’s control of the car) should probably run on a CPU that is hardened against single event upsets and similar faults. No amount of microkernel magic can replace that.

  • avs733 6 years ago

    > I get that the whole blog post is an advertisement, but infotainment systems should be physically isolated from control systems.

    But that costs money. It also would be a harder boundary to draw than you might think.

    • fyfy18 6 years ago

      > It also would be a harder boundary to draw than you might think

      As an example my 2010 Toyota has an automatic parking system[0], which connects the backup camera, infotainment system (for display and input), steering control and parking sensors.

      [0] Which to be honest is basically pointless. It works, but takes a lot longer to set up and use than just parking yourself.

      • avs733 6 years ago

        exactly.

        or remote start, remote diagnostics, tire pressure monitoring systems, maintenance reminders, electronically controlled suspensions, many traction control systems, etc.

        Not arguing those features should/need to exist but they are heavily dependent on UI/control system data exchange.

    • wkearney99 6 years ago

      You clearly haven't owned a boat to understand what "costs money" means. An expense that would have your average automobile owner up in arms would be pocket change for even the smallest of boat systems.

      And for the majority of boats out there this is a total non-issue as they're not even going to come close to having any of this integrated in any usefully hackable way.

      So unless you're talking about the 80'+ class of boats or megayachts, things are still based on circa 1990s tech, at best. Even the big boats don't integrate all that much.

contingencies 6 years ago

There are way more vectors than discussed here. In this environment you have limited drinking water, limited power, limited fuel, limited communications bandwidth, limited hardware replacements, limited crew skills, limited food, etc. It seems like DoS against critical resources in this environment could easily lead to death.

  • wkearney99 6 years ago

    By the time you get to a vessel large enough to have any of these systems integrated they'll very likely have means at their disposal to seek immediate aid. That and systems such as this are often redundant and almost always have means to be operated manually. So, please, spare us the 'easily lead to death' fear mongering. That's just plain wrong.

    • jdietrich 6 years ago

      Two is one and one is none. You'd be utterly foolish to go to sea without redundant navigation and communication equipment. A hacker might take out your navigation instruments, but so could a simple short circuit. Saltwater is brutal on electrical systems, so only a fool operates on the assumption that their primary nav system is absolutely reliable.

      Even on a tiny inshore yacht, you'd want a handheld GPS, a handheld VHF radio and a stash of AA batteries in case your main electrical system fails. On a small coastal yacht, that stuff would be in your survival bag next to the liferaft. A large offshore yacht should have two fully independent nav stations on completely separate electrical systems. If all that fails, you should still have an EPIRB and a canister of flares; good bluewater sailors can happily complete a passage on sextant and compass.

      Contingency planning is at the heart of seamanship. If you're placing total faith in your instruments, then you have bigger problems than the insecurity of the NMEA protocol.

    • contingencies 6 years ago

      I'm not trying to be alarmist, but seas are dangerous.

secfirstmd 6 years ago

Guess this is well targeted at wealthy oligarchs.

dang 6 years ago
  • cryptoz 6 years ago

    Kaspersky is currently widely considered to be a security threat created and used by a hostile power to illegally control and use Americans' computers in ways they do not want and do not consent to. Recommend changing the URL back to The Verge so as not to support Kaspersky.

    http://www.bbc.com/news/uk-42202191

    https://www.bloomberg.com/news/articles/2017-07-11/kaspersky...

    Dang, you've told me specifically not to mention this country's name here on HN so I won't. It's in the URL/articles I posted, I hope that is okay. Kaspersky is not a welcome source of information, it is to be immediately distrusted and assumed full of lies intended to deceive.

    • wffurr 6 years ago

      Isn't the best way to manipulate with lies to tell the truth most of the time?

      I mean they're not wrong that infotainment systems are a security mess. I don't think I'll be buying a Kaspersky Gateway (tm) anytime soon to send all my traffic to a foreign power I mean um protect my local network. But the basic point is correct. Security standards in these systems are a joke.

JonasJSchreiber 6 years ago

Anyone else think it's odd that a Moscow-based cyber security company which has been associated with oligarchs is now investigating yacht vulnerabilities? I mean who investigated the vulnerabilities of yachts??