Detroit man steals 800 gallons using Bluetooth to hack gas pumps at station::undefined

  • foggy@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    arrow-down
    5
    ·
    edit-2
    1 year ago

    Transport layer is absolutely a security vulnerability vector.

    TCP is absolutely low security if not configured correctly.

    I don’t know what it is you’re trying to say. I agree that this instance was probably security through obscurity failing, but to say that Bluetooth, TCP, and other transport layer protocols are not security considerations is absolutely ridiculous (see for example, heartbleed). It’s exactly the reason there are multiple versions of Bluetooth. It’s why FTP is (should be) all but deprecated and SFTP and FTPS are standard. It’s why Google doesn’t index webpages without an SSL certificate.

    USB is way safer

    • MeanEYE@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      4
      ·
      1 year ago

      Of course wired connection is inherently safer than wireless. There’s no question about it. And yes you can absolutely exploit at every layer of communication, but this here is not the case of exploiting Bluetooth as transport layer. It’s simply someone not configuring anything or adding any additional verification and just hoping no one finds out.