Karamba Security Blog

RPI3 banner

How to build RPI3 ARMv8 aarch64 build

Alexei Sragovitch | November 2, 2017


Raspberry Pi 3 (RPi3) currently uses cortex A53, which contains ARMv8 architecture CPU. However, most available documented builds for RPi3 are based on ARMv7 rather than ARMv8. In this post, I’ll explain how to build an RPi3 ARMv8 using Yocto Project on an Ubuntu machine.

Read more

QNX banner

Extracting the content of a QNX IFS Image

Evgeny Dratva | October 19, 2017

How to approach dumping a QNX Image

While integrating Karamba protection into a QNX IFS image, I found that I first needed to extract the contents of a ready IFS image in order to inspect the binaries on the build machine for Karamba whitelisting purposes. I needed to know what those binaries would look like in their “final” form, after they’ve been stripped of debug symbols and otherwise modified by the IFS building utility.

Read more

Trend Micro CAN Protocol

Changing CAN Protocol Isn’t a Solution –– ECU Hardening Is

David Barzilai, Chairman and Co-Founder | September 12, 2017

CAN Protocol Vulnerability

Recently, Trend Micro published a technical brief discussing a vulnerability they found in the CAN protocol, which enabled denial of service (DoS) attacks to be invisible to CAN-based intrusion detection solutions. In the technical brief, they recommended that car manufacturers change CAN protocol in their vehicle, in order to make cars immune to such DoS attacks.

Read more

Car Driving banner

Snatching a Self-Driving Vehicle with an iPad

Karamba Security | August 31, 2017

Snatching a Self-Driving Vehicle with an iPad

An exposition participant for an annual conference event on robotics and new technologies (We’ll call them ICORP) convened with Karamba to create a joint demo presentation.

ICORP is an engineering service company that creates demos and custom projects for car manufacturers, 100% electric vehicles, and the self-driving vehicles sector. They also invest their efforts in automotive app integrations.

Karamba specializes in creating cyber security software that prevents cyber-attacks on IoT controllers by seamlessly hardening them according to factory settings, and blocking any deviation from those settings.

Read more

iboy banner

Netflix’s iBoy Shows the Dangerous Possibilities of Car Hacking

Karamba Security | August 24, 2017

Dangerous Possibilities of Car Hacking

iBoy is a sci-fi movie set in near-future London. A teen traveling to see his friend after school finds robbers in his friend’s house; he is shot in the head before he can escape. When he wakes, he discovers that part of his phone has been embedded in his brain, miraculously giving his brain connectivity abilities. He begins to listen to people’s calls and is able to see what they are doing on their smart devices. Later, he learns how to hack into phones, radios, cars, and the whole IoT. With his new abilities, he tries to find out who threatened his friend’s life; in one scene, he hacks into a car, trapping the people inside with the purpose of finding out which one is responsible for hurting his friend.

Read more

Test pic

Tokyo, Japan, Connected Car Security Seminar Summary

Karamba Security | July 16, 2017

The Connected Car Security Seminar

Asgent, Inc., Sumimoto’s SCSK Corporation, and Karamba Security hosted the Connected Car Security Seminar on Autonomous Security Products in Tokyo, Japan on July 3rd, 2017. The Seminar featured methodologies behind security protection of Autonomous Vehicles focused on Electronic Control Units (ECUs).

Read more

Test pic

What Happens When Car Scrapping Goes Wrong?

Karamba Security | July 13, 2017

While it’s nice to think that all cars go to Car Heaven, in reality they go through a scrap metal recycling process. In order to recycle the remains of your vehicle, you need to get a special permit and find an Authorized Treatment Facility (ATF).

Read more

Test pic

Karamba Security Steps up to Cross-industry Calls for Collaboration on Autonomous Car Security

David Barzilai, Chairman & Co-Founder | June 08, 2017

Implementations to Automotive Connectivity

Connected cars increasingly rely on computer processors and upwards of 100 million lines of computer code to operate. With the proliferation of processors and vehicle software the cyberattack surface and sophistication of hacks has grown.

The federal government has ramped up its response with FBI warnings to automakers and consumers to “maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.” The National Highway Traffic Safety Administration has released guidelines to ensure automakers are designing cars to be safe against cyberattacks.

Read more

Ecomotion Logo

“Cyber for Cars” EcoMotion, Tel Aviv

Karamba Security | May 18, 2017

EcoMotion 2017

EcoMotion is a community with over 700 affiliated organizations related to the Smart Transportation sector. EcoMotion’s 2017 Main Event presented a showcase of vehicle technology companies and a variety of panels and presentations. Ami Dotan, CEO & Co-Founder of Karamba Security, was invited to participate at the “Cyber for Cars” panel to answer paramount questions that concern the automotive cyber security industry.

Read more

Test pic

A Different Auto Cyber Security

Assaf Harel, CTO & Co-Founder | May 16, 2017

Security bugs in the connected vehicle

In A hacker’s guide to fixing automotive cybersecurity, Charlie Miller puts in perspective which cyber security challenges exist for the automotive industry. The article’s conclusion is that all software -even the most reliable- contains security bugs. Even the ones coming from software mammoths such as Microsoft, Google and Apple. The ramifications of these vulnerabilities in cars, evidently, can be severe.

Read more