Cybersecurity

8626 readers

22 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

266

Norway discovers that its Chinese electric buses can be remotely disabled (cybernews.com)

submitted 2 weeks ago* (last edited 2 weeks ago) by slothrop@lemmy.ca to c/cybersecurity@sh.itjust.works

40 comments fedilink hide all child comments

different source (Danish)

It's no surprise, as kill switches are pretty much ubiquitous.

you are viewing a single comment's thread
view the rest of the comments

[–] HobbitFoot@thelemmy.club 21 points 2 weeks ago (2 children)

Similar backdoor control capabilities, usually at least officially frowned upon in Western tech companies, weren’t found in buses bought from Dutch company VDL.

Looks like that was discussed in the article.

[–] fort_burp@feddit.nl 7 points 2 weeks ago (2 children)

No I think floofloof meant that the article doesn't point out that Tesla and John Deere products have that same feature.

[–] SeptugenarianSenate@leminal.space 3 points 2 weeks ago

Common John Deere L

[–] stray@pawb.social 2 points 2 weeks ago* (last edited 2 weeks ago)

It specifically mentions Tesla and John Deere in the article.

[–] Alcoholicorn@mander.xyz 3 points 2 weeks ago (2 children)

I looked up the top 5 bus manufacturers in Europe, accounting for a combined 80-90% of new buses.

All of them use OTA updates.

The author picks a very unusual bus without telling the reader to make the reader believe this is a chinese problem and not standard practice in 2025.

[–] yetAnotherUser@discuss.tchncs.de 9 points 2 weeks ago (1 children)

There's a difference between consensual OTA updates (meaning the bus company would manually need to confirm the update) and non-consensual OTA updates (meaning it is done regardless of the bus company's wishes).

The Chinese buses are capable of the latter which is a gigantic security vulnerability. You do not want any operating system anywhere to update itself without consent.

[–] Alcoholicorn@mander.xyz 1 points 2 weeks ago (1 children)

Does Iveco(41%) or any other manufacturer with a meaningful market share do that?

[–] stray@pawb.social 3 points 2 weeks ago (1 children)

https://www.iveco.com/global/Press/PressReleases/2021/IVECO-Over-the-Air-Update-the-smart-timesaving-way-to-update-vehicle-software

The language used here suggests to me that the user initiates the update, but that's as far as I can guess.

[–] Alcoholicorn@mander.xyz 1 points 2 weeks ago

Operators of the chinese bus can pull the SIM card and reinsert it as desired as mentioned in the article, I'm not sure there is a meaningful difference if that is how the Iveco works.

[–] stray@pawb.social 1 points 2 weeks ago

You obviously didn't read the article because the author talks about non-Chinese products as well. They specifically describe a possible future where Trump disables all Danish iPhones. It has nothing to do with China and everything to do with the problem of "smart" devices and how little control we have over our own possessions.