This Is How Easy It Is to Hack EV Chargers | WSJ
ฝัง
- เผยแพร่เมื่อ 15 พ.ค. 2024
- Electric vehicle chargers are plagued with security flaws that could expose sensitive data, compromise Wi-Fi networks and in a worst-case scenario, bring down power grids. Today’s EVs have more lines of code than a modern passenger jet, making them increasingly vulnerable to cyberattacks.
WSJ reveals how EV chargers can be hacked, and what it will take to protect the world’s rapidly growing EV infrastructure from cybercriminals.
Chapters:
0:00 EV chargers vulnerabilities
0:44 How to hack into an EV charger
4:06 Power grid implications
6:49 Cybersecurity
News Explainers
Some days the high-speed news cycle can bring more questions than answers. WSJ’s news explainers break down the day's biggest stories into bite-size pieces to help you make sense of the news.
#EV #Cybersecurity #WSJ
"Unconnected and dumb" is the best advice I have heard lately!
No Network Connection is how vast majority of Level 2 AC charger operate. They simply don't need a network connection.
It’s really not - why stop there? Throw your laptop away, don’t use a mobile phone, shun the internet. Their cure has become worse than the disease.
Connecting the internet to everything is a terrible idea. People are bugging their own houses willingly due to ignorance.
a tinder box with a smart ignition, all snug in your house, seems like a great idea
Same thing with footpaths!
Why do we make it so easy for strangers to come to our homes? If you get rid of the path, you don’t even need locks on your doors!
People buy super expensive smart locks, with a special anti picking cylinder, but then as it has a solenoid you can open it with a strong magnet 😂
Hey, everyone! I've been delving into TH-cam, focusing on storytelling and creative video-making. Recently stumbled upon VideoGPT, and it's been a total game-changer. My videos now have this professional quality that has really boosted my confidence.
Hasn’t anyone seen maximum overdrive!?!
Showing the companies do not take cybersecurity seriously and then repeating their statement that they take cybersecurity seriously?
They are legally required to give the company's response. Not doing so gets the journalism company sued.
Wht they're calling 'chargers' is a misnomer. The charger is built into the car. The box on the side of your house is a power outlet. It makes power available to the on-board charger but the current drawn is determined by the on-board charger.
Stealing a Wi-Fi password does not give you a bank password. Bank passwords are also E2E encrypted. No need to exaggerate.
In the USA, 99% of these chargers are in peoples garages locked away. The big security risk for most people is in their filing cabinet. Where is the median doing a piece on the filing cabinets?
If you steal a WiFi password you can emulate the WiFi network and implement a man in the middle attack. Are you a security consultant or penetration tester?
@@Kx0195that doesnt really matter, pretty much all connections like that are over TLS.
And you dont need to steal a wifi pass to impersonate a wifi network and do mitm.
@@Kx0195I am and the mod is correct
I like how they tried questioning raspberry pi when they clearly stated it's not for commercial use
Raspberry Pi was originally set up as a school educational thing to help kids get into hardware and coding.
I can't believe that some professional electronics designers haven't moved on from school level electronics class.
It's just laziness
Some of the Raspberry Pi units are intended for use as a component in a production device.
They are. They just recommend using the CM4 instead of CM3. Tons of commercial products use Pis. There's an entire "for industry" page on the Pi website
Stating a Pi is not for commercial use is quite dense. A Pi Compute Module is designed for development, but commercial breadboards and development boards use Pi as a headless computer to IO interface all the time instead of adding serial ports to bigger computers or replacing them all together.
This is a general concern for IOT devices but this pen test company is dramatizing and creating unnecessary FUD. One can't connect to any EV charger (EVSE or DCFC) because one charger is compromised, unless the providers overall ecosystem itself is vulnerable.
yeah those were my exact thoughts
The problem with that statement is the assumption the network is not vulnerable. Often we rely on the overall networks security to protect against low level fruit like this, but in truth and as seen in recent cyber attacks, many industries previously thought impenetrable have been hacked. In addition, highly targeted attacks against individuals do take place globally, any vulnerability, even one which affects a single individual, is a danger to all.
@@jacobp8294 Network vulnerability is a general concern (with any connected device/service) which I already mentioned.
I like how using a rPi is a “bug” just because it’s an open platform. What do they think about OpenEVSE?!
Well, if the manufacturer of the charger failed to add proper authentication to their APIs and the devices can be addressed through their sequential serial number, then any one can register an account and use those credentials to control all the chargers whose serial number they can guess. Of course the API should check that the charger the user tries to control belongs to the user but apparently that used not to be the case. Instead, they relied on the UI which only shows the user their own chargers but thats fairly trivial to bypass by using the same APIs the app uses.
I'm an electrical engineer. This guy obviously picked the cheapest, most armature charging box on the market. Have him try it on a Tesla charger.
Yup was coming to say the same lol
You missing the point.. They are connect to the power grid and they could take everyone down. Doesn't matter who the maker is. One weak company puts everyone at risk. Just like one lazy coworker opening an email put the company at risk..
@@CornelleJ That is not true at all. This video has no evidence. They did not show how it can be hacked. They only removed an rpi compute module from a box. but did they show the data is not encrypted on the box? Did they link any company announcement? Did they show any link to the vulnerability database? Also the video did not say how they can be used to bring down the network. The study is not linked.
@@buscseik Rewatch the video, they said the first 1 had 2 Vulnerabilities. Wallbox, hardware bug. 2nd was a remote attack. (smart phone attack), then Project EV had issue because of SN# for Creds.
@@CornelleJ Vulnerabilities has a public database. if this video would be true, these would be listed there, so the video could link them. Just for example, they made a screenshot of a study in the video published by IEEE. I checked if I can find the study on the IEEE website, but it is not there. Only two match, non of them were valid (one is a public file storing system, other is a website which signed by letsencrypt, which means, the site owner did not have to present id card or bank card to anyone to get the certificate, even a hacker could do that)
I wrote a paper on this last semester. The scary thing is that the weakest point on the grid changes depending on the time of the day / usage. If an attacker times everything right, then they can take down a small piece of the grid that could cascade to the larger system with a minimal amount of EV chargers (or smart thermostats). There are safe-guards against cascading failures, but they aren't designed for this type of attack.
In the uk the regulation requires that charge start and stop times have a randomised offset which is controlled in firmware not accessible to update or change.
You'd need far too many EVs for that to be an issue, and they'd have to be plugged in. The majority of chargers are in garages. Maybe thermostats, but most houses use gas heating. If you could gain remote access to every EV charger, you could pull it off, but that's like saying if you could get inside a vault you could perform a heist. It's not practical.
@@randomblock1_ said _"It's not practical."_
Does it need to be? Was the attack on the Iranian nuclear plant practical? I doubt when Putin says "Hack that network" that his hackers respond _"But that isn't really practical sir."_
@@LabGeckoThe point is that it would take decades to do all that hacking. And by then the first chargers would have been replaced.
The commercial psychosis of selling "smart" technology has only generated endless risks and security hazards.
I wrote up a compliance landscape for one of the top global auto manufacturers. There are real examples of hackers holding the company for ransom threatening DDOS. Threats included disabling security features (locks, adaptive cruise control, air bags, abs...), hacking personal information of connected devices, and disrupting recharging infrastructure. I warned them that there needs to be a clear divide between vehicle operating systems and infotainment.
I left the cybersecurity industry because I was tired of warning the C-suite and seeing deliberately negligent responses.
If they want to answer to Congress, that’s their business. Not mine.
DDoS is totally irrelevant to this. That can be mitigated by a middleman like Cloudflare, and certainly doesn't matter in the context of hardware vulnerabilities.
I like how they push the responsibility on the users instead working out the bugs before releasing a product. like my folks in their 70's and 80's are going to have a clue, my dad doesn't even have a smart phone.
Fear, uncertainty, and doubt.
We’ve just been fudded: “we’ve created weapons” 😬
Yeah, the verbiage was a bit over the top. But the scenario is real enough. There are plenty of nation states paying big money for attacks on grids. Browse Darknet Diaries if you need examples.
Raspberry Pi?? This is babytown frollics as far as hackers are concerned.
almost like its a weapon from china
Raspberry Pi OS is as good as any mainstream linux server in terms of security. The "problem" is the ability to easily remove and modify the compute module. That is not a serious attack vector as it requires prior physical access to each and every target device. This is not going to happen.
I like this reporting, but I feel it's a bit sensationalist. Cybersecurity research companies are paid to painstakingly find any and all loose threads with security and envision a worst-case scenario. I feel that's the only side of this represented in this story. While I'm sure they can be better, there are already safeguards in place against many of these issues (multi-factor authentication, car-key security, the ability to make your charger 'dumb' if it's in a public access area, etc). I guess it's technically possible, but the reality of a power-grid surge where a bunch of hackers physically individually popping the cover on a massive number of EV's, steal the log-in data, then later log into all of those accounts simultaneously and telling the cars to charge is pretty remote, right? Also, aren't most cars already charging when plugged in?
And there are methods to bypass 2fa and car security. Also other countries have had attacks on their power grid. It’s not unheard of. Doesn’t have to be a hacker but a state actor as well. But it’s definitely sensationalist.
I am not a security expert, just a home user/engineer and these flaws they are pointing out are class A negligence! None of these products should have made it to a customer
Also, everyone forget there are fuses everywhere in the electricity network :)
I agree that the average hacker will not get to your home, unmount your charger and take the memory chip. They at least prefer to stay in their home, on their computer chair. But maybe, if they have themselves a charger, they could try to look at its dataflow and use it against the company. but maybe the hackers, having much more knowledge than us, will just choose a charger without smart connectivity...
I think the point is that there are no standards keeping companies to a bare minimum of security. How many consumers do you know that search for security vulnerabilities before buying a product? I'm regularly telling friends and family about security holes and can't get them to check ahead of time. How diligent is the general public? And given that's their target audience, how diligent do you think companies are about security and safety when they need to get those numbers up for the next quarterly report?
Talking to anyone in pentest world will scare you. And it should actually.
No, just having your wifi password doesn't let attackers intercept your passwords. Everything is encrypted nowadays.
Someone has lied to you 😆
@@LabGecko what do you mean?
You can recharge an electric car without any of these security risks. When I had one, all I had to do was plug it into the power socket. A meter on the dashboard showed my charge status. The car never overcharged. I could set it and forget it until the charge was finished. If you want to have remote access to what your car's computer data, it is better to use a cellular connection on your phone to the car. Wi-Fi was never meant to be safe. Just a different way to connect things together. There is nothing safe about using Wi-Fi.
Wi-Fi is designed to be somewhat safe... but it doesn't make bad designs good
You think cellular is safer?
It's mind blowing that these industries continue to release infrastructure systems that aren't meeting the same standards that the IT industry does. It's getting better, but way to slowly and oversight is still sketchy.
imagine someone hacking self driving cars💀
Imagine someone hacking a plane you fly in? Why don't you express worry about that? Because you know the companies flying have every incentive to make that as difficult as possible. Cars are no different.
@@lawrencefrost9063 they aim laser pointers at planes and try to dazzle the pilot. In China people are aiming the lasers at the cameras controlling the car. It blinds autonomous vehicles. This is why LiDAR is extensively used.
As someone who works with self driving cars. The amount of stuff you would need to do in order to hack it and gain control would be pointless. You could only move 3mph for a few feet.
@@OneManOnFire absolutely, if someone is intent on causing problems then either stopping it physically or make it veer off course would be the option.
@@OneManOnFire buddy my point was that even if its to hard but few feets could cause series of serious accidents on certain scenarios
This typical of new systems. The priority is to implement the new system fast, with little regard to the intrinsic security!
Remember the early days of the Internet !
hyundai KIA can be stolen by 10 years old kids with USB cable.
It would be one car I'm not trying to find
They also need a screwdriver to pop the panel open to access the ignition switch.
By design lol
Is nobody asking why a vehicle charger even needs to contain sensitive data? Lock it with a physical key like your front door and the only thing it needs to know is the state of your battery and charge until the desired level.
because it doesn't contain sensitive data. it's just your wifi password
@@SegFaultOnLine1984 Isn't your wifi password fairly sensitive data?
Because many people are stupid. Older tech is usually better and for some reason, people feel a need to "upgrade" everything. Our locks at my apartments were "upgraded" from lock and key to digital cards. It gives the landlord more info, but the batteries need to be replaced yearly (six AA batteries per lock) and I wonder about security. The old locks and keys worked 100% of the time.
@@Djamonja not really, anything that connects to your home network and is outside your house is fairly susceptible to these sort of attacks. Gaining access to your wifi password is pretty pointless for pretty much any malicious actor anyway considering they actually need to be outside your house. And the bank details part is pure fear mongering because of https.
@@SegFaultOnLine1984 Once they have your Wifi password, can't they sit in a car near your house and access your network?
Never trust someone who opens with "suppose we're the good guys"
Sounds like they let the interns design these chargers or did they maybe outsource the design 🤣🤣
The only way to make any of this better, is for people to stop connecting literally everything in their lives to centralised servers. Most of which have fundamental security flaws, and all of which will always have flaws of some kind.
I don't understand why IOT device manufacturers insist on cloud first connection and not local connections for things.
@@Sparky400 So they can revoke your access whenever they feel like
Connecting and selling data is a base business model for most companies today
The study which was presented(but not linked) states, the chargers are not monitored by utility companies. That is not true. At least in Europe all installed ev charger supports open ADR, which provides control for utility providers.
Just lock the device behind a metal cage xD
someone never heard of lock picking lawyer
@@SgtJoeSmithsomeone’s never heard of cameras. If you have a Tesla you **most** likely have cameras
@@ItzAwsomeWasTaken but what if you are wearing black pants and black hoodie and black skin? you look like all the rest of them
But the warlock is your best sega nintendo player
@PenTestPartners: Could you perhaps also try a little bit of that whitehat hacking magic on the Boeing 373 Max?
The fact that it’s not standard to put all of these IOT devices on their own network at this point is quite sad. All routers should really come with an “IOT” network, a “guest” network, and a “trusted” network.
MOST Level 2 Chargers are OFFLINE anyways. They simply do not need a network connection.
This isn't surprising - criminals have been skimming gas pumps by opening them up for decades, not surprising some EV chargers are vulnerable to unauthorized modifications too.
another tip to make it harder for your data to be stolen, create a separate network for the "smart" device
“The Raspberry Pi is not really for a commercial product like this” 🤦♂️The compute modules are *LITERALLY* designed for this exact purpose! That’s why they exist.
tell those guys that it's not individual persons responsibility to update the system, it should by default have auto update feature!
basically you took someone's drive out? you can literally steal someone's laptop, punch a hole in it, take the ssd out and read all the information.
Yeah, get the updates, but if the company makes hundreds of models of devices it will forget the "old" ones very soon. And if the source code of the devices is closed because they want the moneys then no one can update it, even if the company closes
Yep, my EVSE is electric delivery only, dumb wires.
I’m running the one bought from Aliexpress China for 150usd with no wifi and set charging time to be on only during of peak from my car for a year with no issue😊 Cheap with no fancy option to be compromised😊 Charger can fire from 2.2kw up to 7kw though the RFID key to tap to start to stop the charger can be compromise but still there can not charg if my car say otherwise.
And just by using a "flipper" you can hack the RFID. D'oh!
EVERY Security Expert and Veteran Internet user will advise the same thing: Keep Stuff as Dumb as possible.
If there's NO need to connect to the internet... DON'T.
Right now, people are happily connecting their TVs, Toasters, Ovens, Doorbells, Security Cameras, Window Blinds, and even Faucets (among other things) to the Internet. These IoT (Internet of Things) are a Security Nightmare if not configured correctly AND Isolated properly from the Home Network.
People today are essentially offering MULTIPLE pathways to digital intruders.
As far as EVs are concerned... Manufacturers MUST keep systems Isolated. The Charging Tech must be separated from Infotainment.
Facebook is already here bro
Yet, this simply won't occur. People shall use IoT devices. That's not a solution.
In the UK there is dynamic pricing for ev charging, needs a network connection
Until it's illegal to sell customer data this will remain a base corporate business model.
The security of the Raspberry had nothing to do with it, this should have never been deployed like this!
And it is quite funny that all these companies say they value security, but yet they fail horribly and fall flat on their face using the same old repeated mistakes!
It is 2024, how are you even able to access these devices based on serial number? Some doofus made a quick implementation and it was deployed without anybody checking if the password to the device was ON the device?
Wow.
With hacking cars, that reminds me of Watch Dogs 2 where you could do the exact same thing
en.wikipedia.org/wiki/Michael_Hastings_(journalist)#Controversy_over_alleged_foul_play
No one is hacking cars. This is just WSJ bs
@@robertjamesonmusic I mean, if a vehicle has to rely on smart technology, that kind of tech could possibly be tapped into
Somebody on bbc news not having the word watchdogs
It’s these instances that require actual intervention from government powers to hold corporations accountable… you simply cannot trust them to operate on a level that is without thorough scrutiny and testing with their endless pursuit of limitless growth.
This is why I went for a commando socket and "portable" charger; the change from stand-alone wall chargers to Internet of Everything was never going to go well; people learned nothing from the issues with early electricity Smart meters.
When I brought up the issues of being remotely shutdown when using an internet connected charger - people called me an idiot; people STILL call me an idiot - because news of these hacks isnt widespread and is never mentioned on the big TV news channels.
For example, even though I follow a lot of tech news, I had no idea Ukrainian EV chargers were hacked and shut down at the start of the Russian genocide.
I am impressed by the level of security incompetence by the presented equipment developers in light of what we have learned over the past 30 years. This failure is how we get more government regulation and put the lie to comments from industry that "security is a primary concern". Best advice, do not unnecessarily connect to the Internet.
Why should Raspberry Pi response to your question?
This is like, you questioning knife company, because their knife used as murder weapon, on the other side of the world.
If someone steals an IoT device from your home, you should change your Wi-Fi credentials. It doesn't matter what platform it uses.
The initial animation of power grid shutdown seems very familiar to me…. I m almost sure that shows São Paulo s most popular district 😂😂😂
If my wallbox is "the power grid", then my router is "the internet".
Is there a citation on how an EVs battery could be over heated using the wall connector?
I don't see how it would be possible so would like to know how you came to that conclusion.
You're right- it's factually incorrect.
The actual charger and battery management system is part of the car.
The wall box "charger" is nothing more than a power switch that communicates with the in-car charging circuit, telling it what the limit of power it can suck out of the wall.
"Unconnected and dumb". My home appliances and my car goes dumb all the time and work perfect. No need to connect
I bought a wired printer for a lot of reasons mentioned in this video
The best way to stop the bad guys is to think like a bad guy.
Getting a bit tired of the EV issues. I don't have one nor want one, but I'll have to pay a price. Hacked power grids, taxes increasing, insurance increasing, electricity costs going up, vehicles going up in flames, fire department needing new tech to combat the fires, people possibly stealing my data or electricity. Thanks but no thanks. Please figure out how to put all of that on the adopters, not me.
Everybody should learn to ask politicians support for upkeep the things that matter to us.
For what humanly crazy reason does a car Charger need Internet Service? Because what becomes a very blaring issue - the greatest problem is the unnecessary services to recharge a battery! Not because of needs or requirements - but because they can! Making your own monsters to ensure your services stay in constant demand - poison's the whole pool!
Corporations make money selling user data to advertising. Connecting is a data source. Until it's illegal, they won't change.
@@LabGecko So predicated on ad revenue the entire backbone of a global technology/infrastructure has been subverted to being a cyber target buffet!
No mention of gasaholeline pumps with the same vulnerabilities.
Fuel pumps aren’t connected to the vehicle in the same way. Also, no private owner has a fuel pump on the wall of their house 😉
@hughM9 fuel pumps / systems fail. It starts fires 280 k Xs a yr.
Most houses do have a fuel pump/ system wired into their furnace.
If Wallbox took flaws so seriously, why did they rush to market with a cheap solution...
Addressing these cybersecurity challenges is key to ensuring the reliability and safety of our growing EV infrastructure. It's a call to action for all stakeholders in the technology ecosystem.
It would be much more secure if the charger electronics were inside the house and only an EV charger socket outside.
This is what can happen when you connect everything to the internet
Yet vast majority of Level 2 AC chargers are NOT connected to the internet.
"we take security very seriously " Whispers * as long as it doesnt affect out profit margins *
The fact toothbrushes were used for a DDOS attack should have been one of many more recent wakup calls.
This is why good network security is a good idea, Also props to Porsche offering PLC comms on their Connect products. VAG and other people please don’t go all wireless.
This is beyond laughable 😂😅😂😅😂😅😂 "thanks for the update" a criminal somewhere is saying
Criminals are reading specialized forums, not a mainstream media channel reporting outdated stuff.
When it comes to update haft of people don't even update their stuff at all.
Assumes everyone uses the same model of charger AND some dude goes and has physical access to half the citys chargers without getting caught. Then being able to figure out how to remotely control every device and account.
Yeah, never happening.
In California we have the option to buy vanity license plates with a digital display but it recently came to light that plates could be hacked and your identity, address, and the location of your vehicle could be tracked.
guess I have to change my PW now...thanks WSJ
the just use a : Raspberry Pi Compute Module 3 (CM3) : and the put a sticker on the Raspberry logo 🤣🤣🤣
Way too many thing are internet connected. And too much faith is put in the producers of new technologies that they can anticipate and prepare for adverse circumstances.
Also could get a VPN for Mobile device(s) that’s connected to EV charging accounts and protect that way. And also add multiple layers of verification to those accounts as well.
IoT is a disaster waiting to happen. Using hobbyist toys makes it even worse and I don't get what has Raspberry got to do wit it, it's like blaming Lego if a building made of its blocks came crashing down.
If that wasn't Pawel Czerwony words you won't know, but building technology is as so.
@WSJ 2:09 - The highlighted section where it says 'not recommended for new designs' (NRND) -- That's talking about sourcing/availability. It basically means they're getting ready to take that particular part out of production. It doesn't refer to the suitability for a particular application. I still agree with the overall argument that RPI's are unsuitable for this application though.
I don't think using a Raspberry Pi compute module is in itself a vulnerability. It depends how the module is set up.
Sensationalized for sure, but just soooo many rookie mistakes by companies rushing to get products to market.
If person not aware of inner working.. there is huge possibility to get screwed by manufacturers
China's 🇨🇳 "national security" laws require companies, including BYD, *to assist with intelligence gathering.*
- The Chinese government basically knows who is driving, and they can remotely control your car brake system from Beijing.
That's not true. The National Intelligence Law indeed forces any private organisation to provide the PRC government with any information they demand, but that doesn't mean that the companies need to create the capabilities to control every aspect of the products they provide. I doubt that many car manufacturers can be bothered to connect the brakes in the manner you purport.
It is true actually.
In many areas of China, Teslas have been banned because they pose a security risk to the Chinese gov. It's discussed in a lot of detail on the serpentza channel.
@@RokeJulianLockhart.s13ouq Every major Chinese company has a party representative sitting in each company building. I doubt he's just there for show.
@@LabGecko Where'd you learn that from?
As an electrician, I fail to believe this can take a grid down. These chargers require to be under a circuit breaker protection
It might stall the local transformer to a small street of houses but that ain't a big deal
air powered cars is the only way
Why are you not just using a 60 amp outlet ??!!
Why are you using a computer in the home charger ??!!
That is crazy
Makes me wonder if wifi inverters for home use on a solar system can also be hacked. Most run through the household modem.
Imagine a bad hacker and now they know to hack you ev
Yeah, so what does this cybersecurity shop use for security? Steel bars screwed on the insides of the windows to the walls. That's pretty old school. Steel bars work.
Connectivity & Complacency = Catastrophe.
You know these guys could earn in millions if they sold the critical bugs to potential buyers.....finding a bug is really challenging and time consuming. The companies should not get those bugs at that cheap a price.
I'd like to see if other brands of chargers are this vulnerable, as Wallbox is a low-end charger.
Vulnerabilities have continued to show up, and be swatted, by all companies involved. It's getting better, but there should have been minimum standards in place instead of this _"we'll fix it when someone finds a way in"_ mentality.
That's all good and all, but not everyone uses the charger to limit the charge. Many use the car with a "dumb" charger.
"pull out one of the hardware chips; and we can read it and find your personal your data" No sir that is a Raspberry Pi Compute Module 3... Very few chargers will be using them.
I’ll say these kinda things are pretty easy to overlook, but that’s the issue if we have fully autonomous cars then these kinds of issues can’t happen, they could take control of a car and steal it or who knows what else, so it’s up to these companies to put together engineering teams that can tackle all these issues extremely quickly and/or making sure that those issues never make it out the door. And I do believe companies are learning, especially from guys in the video and other white hack hackers, but it will take quite a long time and lot of computer engineer
I wish I was smart enough to do pen testing. New cyber security grad.
This is a bit far fetched, that raspberry pi compute module will save tons of e waste over a custom pcb. It’s like they are looking for flaws that aren’t really flaws.
is it though?
Indeed. The issues they're referring to are with the software, not hardware (except that the covers aren't locked).
The amount of e-waste created by using a custom PCB is essentially negligible. Did you ignore the board it's actually connected into?
@@Z0DI4CThat always depends upon the scale.
super this type of content is needed
Isn’t completely wrong, but as always the legacy media with their lack of knowledge in everything picked an “experts” to help them on a topic without fact checking, this has to be one for the cheapest and worst chargers out there, get him to hack some of the prenium chargers, not that it’s imposible, but want to see him do it.
Hehe, at 1:57 he points to the compute module (Raspberry Pi itself) mounted in an adapter board designed to provide easier access to the various I/O ports. Then as soon as he starts saying "this is the raspberry pi from the wallbox" they change shots and show a zoomed in shot to show it up close, but it's showing just the adapter board without the Raspberry Pi slotted into it. Quite obviously filmed or edited by someone not quite familiar with the technical side of things
5:07 "Multiple studies have found bugs that could allow hackers to connect to a charger remotely
This opens the door for an attacker to ... even take control of an entire vehicle.
attacker ---> three letter agencies
Why do they show Tesla chargers, but no pentest on them??
"and if I pick your door lock I can get it and read the password from your sticky notes!" What a joke
Hack the Planet! lol. Hackers movie reference
Kind of silly they decided to write these charger software in c and C++.
We can no longer afford a simple life, without being paranoid about constantly updating our computers, phones, cars, door locks, washing machine, fridge and home lights. Can anyone ever see the insanity or I am insane?