02-07-2015, 02:35 PM | #1 |
Second Lieutenant
29
Rep 209
Posts |
Disable the GSM modem
Hey folks,
In response to the recent Connectdrive vulnerability I decided it's just easier to disable GSM connectivity altogether. Does anybody know where the modem is located and what the easiest way of turning off that functionality is? Thanks Tom
__________________
--
1997 BMW M3 Single turbo 723whp GT42R 2000 BMW M5 - Daily 2014 BMW 335i xDrive 6spd loaded |
02-07-2015, 05:09 PM | #2 |
ghey
483
Rep 2,041
Posts |
BMW patched the issue. It was a vulnerability discovered; not that someone was hacked.. no damage was done and it's been resolved. It seems easier to leave it as is, patched, vs. trying to figure out what component to remove without screwing up other systems.
Potentially the car has a sim card, but if not, you'd need to unplug whatever device it is that houses the GSM communications, which is probably integrated into the combox and part of the fiber network within the car. If you wish to remove this completely you'll need to locate the MOST block and remove it from the fiber ring so that nothing tries to communicate with it. Additionally there are various systems [bluetooth, me thinks] that will be looking for it and no longer function, and you'll need to code them all out, if that's even possible. tl;dr leave it alone, it's fixed.
__________________
21 G05 > 20 G05 > 17 G30 > 14 F30 > 08 E90
|
Appreciate
0
|
02-07-2015, 05:31 PM | #3 |
Second Lieutenant
29
Rep 209
Posts |
I don't know if it's patched or not, but anybody that uses the same symmetric keys across all the encryption device is an idiot. I assume the same people are responsible for that designed the rest of the system; it's just that nobody yet bothered to explore the that aspect of the system.
I simply don't care for the BMW services, the realtime traffic is crap, Navtech is absolute garbage, data access is slow. I'm simply disabling the services I don't use that would otherwise be open to any kid with a BTS station. PS do you have any documentation as to what was patched?
__________________
--
1997 BMW M3 Single turbo 723whp GT42R 2000 BMW M5 - Daily 2014 BMW 335i xDrive 6spd loaded |
Appreciate
1
|
02-07-2015, 09:31 PM | #4 |
ghey
483
Rep 2,041
Posts |
Here is a site with all of the info pertaining to the issue: http://www.heise.de/ct/artikel/Beeme...e-2540957.html
As for what they did, I believe they modified it so that instead of just going via HTTP, it now goes via HTTPS between their servers and the car itself. "For its part, BMW says it hasn't seen any reports of compromises to vehicle security, and now it's using HTTPS to encrypt all data transmissions. Perhaps best of all? Owners of the 2.2 million affected vehicles didn't need to hit the dealership for this patch -- it was already delivered over the air. The update pushed automatically once the system connected to BMW's servers recently, but those who keep a car stored may want to hop in and hit the "Update Services" button. Good thing, because taking all three of your rides in for service (like they did in 2012 to fix a problem with the ODB port that thieves actually used to steal cars, and as of 2014 were still using on unpatched vehicles) would probably be kind of inconvenient."
__________________
21 G05 > 20 G05 > 17 G30 > 14 F30 > 08 E90
|
Appreciate
0
|
02-07-2015, 11:27 PM | #5 |
Major
568
Rep 1,035
Posts |
I don't know if this is what you are looking for, but i just happened to be working in my trunk tonight upgrading some audio equipment and i just happened to see a part that had on its label an IMEI identifier, when i came across your post. I looked up the part and it was the bluetooth module, but possibly BMW combined the cell radio along with the BT module in the same component?
|
Appreciate
0
|
Post Reply |
Bookmarks |
|
|