Detroit man steals 800 gallons using Bluetooth to hack gas pumps at station::undefined

  • foggy@lemmy.world
    link
    fedilink
    English
    arrow-up
    45
    arrow-down
    10
    ·
    1 year ago

    USB is way safer lol.

    Bluetooth is notoriously bad with security. Especially Bluetooth 4 and earlier. I’d put money on a gas station pumps Bluetooth to not be using the most up to date protocol.

    • MeanEYE@lemmy.world
      link
      fedilink
      English
      arrow-up
      58
      arrow-down
      7
      ·
      1 year ago

      It’s like saying TCP has bad security. That is to say, pointless comparison. Bluetooth is just transport layer and security is done on higher level. This is most likely the classic example of “security through obscurity”. Meaning they did nothing special and hoped no one will figure it out, just like recent TETRA vulnerability.

      • foggy@lemmy.world
        link
        fedilink
        English
        arrow-up
        23
        arrow-down
        5
        ·
        edit-2
        1 year ago

        Transport layer is absolutely a security vulnerability vector.

        TCP is absolutely low security if not configured correctly.

        I don’t know what it is you’re trying to say. I agree that this instance was probably security through obscurity failing, but to say that Bluetooth, TCP, and other transport layer protocols are not security considerations is absolutely ridiculous (see for example, heartbleed). It’s exactly the reason there are multiple versions of Bluetooth. It’s why FTP is (should be) all but deprecated and SFTP and FTPS are standard. It’s why Google doesn’t index webpages without an SSL certificate.

        USB is way safer