A peek into the future of cars I feel: OBD-II Condoms

Javier Vazquez Vidal https://github.com/fjvva/OBDCondom  has come up with an interesting idea. Personally, I don't think this will work as well in practical terms, but it's a great idea to start the discussion
Firstly WTF is an OBD-II port?

Think of it as a multi-connector for something to interface with your car's network (s). The standard allows for 5 signalling protocols
When you plug a capable device in, and if the bus allows for it, you'll see stuff like
Looks hectic but actually, it's relatively simple. I drew a picture to explain
There's plenty of docs and books on the above, @rndashm and I are making a Mercedes-Benz specific one https://github.com/rnd-ash/mercedes-hacking-docs so won't go into too much detail here.

Pero pero, this port is also open to abuse to some degree, hence the condom idea.
What Javier has proposed is a device to enable/disable CAN/KLINE or any low-speed (non-ethernet) communications from the OBD port to prevent undesired access (theft via OBD)

The way he's designed the circuit, it enables the CAN/KLINE lines when voltage is applied to + & - lines.
Sounds great but herein lies my concern:

if you are inside the car, you have full access. Many attempts have been made to protect this port, but they rely on a physical overlay device
Some even come with GPS but they stick out, they are easy to see and as such, trivial to bypass
So there's the problem. The port is meant to be accessible, it's a physical port, and as such overlay protection is trivial to bypass.

How one protects this is the ongoing debate many are having. Do you use a wakeup packet as Bosch does? Do you adopt legacy white-listing?
Javier's solution is interesting but I'd love to see how you'd attach it so that it still makes it easy to use and not vulnerable to attack too.
You can follow @dcuthbert.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: