SlideShare une entreprise Scribd logo

Will Your Car Betray you

Télécharger en tant que PPT, PDF
Christie Dudley
Christie Dudley

This document discusses the privacy implications of proposed connected vehicle technology. It summarizes the Dedicated Short Range Communications (DSRC) technology, which would allow vehicles to transmit location and trajectory data to nearby vehicles via radio signals. However, it notes that aspects like addressing, certificate management, and the backend interface have not been fully defined, raising privacy concerns about how device and vehicle identities could be correlated. It also expresses worry about potential commercial and infrastructure integration on top of the DSRC network.

Technologie
1  sur  16
Will Your Car Betray You? Implications of proposed connected vehicle technology on privacy
whoami • BSEE, digital communications • Too many years as a network engineer • Santa Clara University Law student • Research assistant providing technical expertise on privacy audits and reviews • Contracted by auto consortium to review privacy of proposed vehicle to vehicle safety network
Standard Disclaimer IANAL (Yet!) Not that it matters anyway.
Non-Standard Disclaimer A current NDA covers some of my work here. Focus on published information and standards.
Dedicated Short Range Communications a safety network transmitting vehicle trajectory and function Alerting inattentive drivers will save lives!
Challenges of DSRC The National Highway Transportation Safety Board is • Density considering a mandate to achieve these. • Integrity Auto manufacturers are on board with this
What DSRC Is • IEEE 802.11p radio communications • IEEE 1609 • Basic Safety Message API-like interface • Data glob is a series of values for defined fields • Only BSM interface to be presented to vehicle
What DSRC Is Not • Connected to CAN bus OnStar or any other existing network • Routed* (a “proper” network) • Commercial
Basic Safety Message Fields • Position and positional accuracy • Transmission, speed, detailed acceleration data • Braking status, including stability control • Path history and prediction • Event flags
BSM Format What’s missing? Addressing. Open sourcing apps that access this interface does not matter.
Trust the radio? • “Why shouldn’t you?”
about these certificates... • Still haven’t nailed this down. • Vehicle maintains a store of certificates • Periodically changed • Proposals for update period/method still being debated • This includes updates for revoked
Where do Certificates come from? • Double-key system to isolate device ID from request location. • Can device IDs be correlated to people? • Who issues these certificates? • How does DSRC device request/receive certificates.
“Back-end interface” • This also has not been decided • Without infrastructure, models such as cellular, wifi how do you connect?
Worrisome Development efforts • Commercial apps that ride on top of DSRC network • Integration with public transit systems • Fixed infrastructure
contact info • Christie Dudley • cdudley@scu.edu • @longobord

Recommandé

Conditional Access System
Conditional Access SystemConditional Access System
Conditional Access SystemOECLIB Odisha Electronics Control Library
 
Legal Questions Surrounding Cell Phone Privacy
Legal Questions Surrounding Cell Phone PrivacyLegal Questions Surrounding Cell Phone Privacy
Legal Questions Surrounding Cell Phone PrivacyChristie Dudley
 
Citizen Oversight of Police
Citizen Oversight of PoliceCitizen Oversight of Police
Citizen Oversight of PoliceChristie Dudley
 
Cell Site Analysis Truths & Myths
Cell Site Analysis Truths & MythsCell Site Analysis Truths & Myths
Cell Site Analysis Truths & MythsTheCellSiteExperts
 
Connected vehicles
Connected vehiclesConnected vehicles
Connected vehiclesChristie Dudley
 
Secrets of Autonomous Car Design
Secrets of Autonomous Car DesignSecrets of Autonomous Car Design
Secrets of Autonomous Car DesignReal-Time Innovations (RTI)
 
Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Iddan Halevy
 
Advancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen AutomotiveAdvancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen AutomotiveReal-Time Innovations (RTI)
 

Recommandé

Conditional Access System
Conditional Access SystemConditional Access System
Conditional Access SystemOECLIB Odisha Electronics Control Library
 
Legal Questions Surrounding Cell Phone Privacy
Legal Questions Surrounding Cell Phone PrivacyLegal Questions Surrounding Cell Phone Privacy
Legal Questions Surrounding Cell Phone PrivacyChristie Dudley
 
Citizen Oversight of Police
Citizen Oversight of PoliceCitizen Oversight of Police
Citizen Oversight of PoliceChristie Dudley
 
Cell Site Analysis Truths & Myths
Cell Site Analysis Truths & MythsCell Site Analysis Truths & Myths
Cell Site Analysis Truths & MythsTheCellSiteExperts
 
Connected vehicles
Connected vehiclesConnected vehicles
Connected vehiclesChristie Dudley
 
Secrets of Autonomous Car Design
Secrets of Autonomous Car DesignSecrets of Autonomous Car Design
Secrets of Autonomous Car DesignReal-Time Innovations (RTI)
 
Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Iddan Halevy
 
Advancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen AutomotiveAdvancing Active Safety for Next-Gen Automotive
Advancing Active Safety for Next-Gen AutomotiveReal-Time Innovations (RTI)
 
Applicability of Machine learning in computer networks
Applicability of Machine learning in computer networksApplicability of Machine learning in computer networks
Applicability of Machine learning in computer networksChetan Kumar S
 
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Cisco Enterprise Networks
 
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...DellNMS
 
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R KawamuraAdaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamuramfrancis
 
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...Dez Blanchfield
 
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsVisualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsCA Technologies
 
BreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data SheetBreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data SheetIxia
 
Zig bee based vehicle access control system
Zig bee based vehicle access control systemZig bee based vehicle access control system
Zig bee based vehicle access control systemRudra Pratap Singh
 
Innovations in Edge Computing and MEC
Innovations in Edge Computing and MECInnovations in Edge Computing and MEC
Innovations in Edge Computing and MECSabidur Rahman
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesCloudPassage
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSAmazon Web Services
 
Stop Wasting Energy on M2M
Stop Wasting Energy on M2MStop Wasting Energy on M2M
Stop Wasting Energy on M2MEurotech
 
Crexendo Services
Crexendo ServicesCrexendo Services
Crexendo Servicesdouggaylor
 
Is Your Network Ready?
Is Your Network Ready?Is Your Network Ready?
Is Your Network Ready?Brocade
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesReal-Time Innovations (RTI)
 
SD-WAN
SD-WANSD-WAN
SD-WANchetnaganatra
 
Basic Network Support Certification
Basic Network Support CertificationBasic Network Support Certification
Basic Network Support CertificationVskills
 
CAN2
CAN2CAN2
CAN2Jai Kumar Sharma
 
WiPAt
WiPAtWiPAt
WiPAtSaurabh Shanbhag
 
Cloud computing
Cloud computingCloud computing
Cloud computingRazib M
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Contenu connexe

Similaire à Will Your Car Betray you

Applicability of Machine learning in computer networks
Applicability of Machine learning in computer networksApplicability of Machine learning in computer networks
Applicability of Machine learning in computer networksChetan Kumar S
 
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Cisco Enterprise Networks
 
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...DellNMS
 
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R KawamuraAdaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamuramfrancis
 
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...Dez Blanchfield
 
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsVisualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsCA Technologies
 
BreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data SheetBreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data SheetIxia
 
Zig bee based vehicle access control system
Zig bee based vehicle access control systemZig bee based vehicle access control system
Zig bee based vehicle access control systemRudra Pratap Singh
 
Innovations in Edge Computing and MEC
Innovations in Edge Computing and MECInnovations in Edge Computing and MEC
Innovations in Edge Computing and MECSabidur Rahman
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesCloudPassage
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSAmazon Web Services
 
Stop Wasting Energy on M2M
Stop Wasting Energy on M2MStop Wasting Energy on M2M
Stop Wasting Energy on M2MEurotech
 
Crexendo Services
Crexendo ServicesCrexendo Services
Crexendo Servicesdouggaylor
 
Is Your Network Ready?
Is Your Network Ready?Is Your Network Ready?
Is Your Network Ready?Brocade
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesReal-Time Innovations (RTI)
 
Basic Network Support Certification
Basic Network Support CertificationBasic Network Support Certification
Basic Network Support CertificationVskills
 
Cloud computing
Cloud computingCloud computing
Cloud computingRazib M
 

Similaire à Will Your Car Betray you (20)

Applicability of Machine learning in computer networks
Applicability of Machine learning in computer networksApplicability of Machine learning in computer networks
Applicability of Machine learning in computer networks
 
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
 
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
 
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R KawamuraAdaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
Adaptive Network Middleware CSC (Communication Service Concierge) - R Kawamura
 
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
Health Data Management - Clear Data - 5 reasons hospital CIOs are extending t...
 
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsVisualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
 
BreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data SheetBreakingPoint Cloud and Virtualization Data Sheet
BreakingPoint Cloud and Virtualization Data Sheet
 
Zig bee based vehicle access control system
Zig bee based vehicle access control systemZig bee based vehicle access control system
Zig bee based vehicle access control system
 
Innovations in Edge Computing and MEC
Innovations in Edge Computing and MECInnovations in Edge Computing and MEC
Innovations in Edge Computing and MEC
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
 
Stop Wasting Energy on M2M
Stop Wasting Energy on M2MStop Wasting Energy on M2M
Stop Wasting Energy on M2M
 
Crexendo Services
Crexendo ServicesCrexendo Services
Crexendo Services
 
Is Your Network Ready?
Is Your Network Ready?Is Your Network Ready?
Is Your Network Ready?
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
 
SD-WAN
SD-WANSD-WAN
SD-WAN
 
Basic Network Support Certification
Basic Network Support CertificationBasic Network Support Certification
Basic Network Support Certification
 
CAN2
CAN2CAN2
CAN2
 
WiPAt
WiPAtWiPAt
WiPAt
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Dernier

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Dernier (20)

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

Will Your Car Betray you

  • 1. Will Your Car Betray You? Implications of proposed connected vehicle technology on privacy
  • 2. whoami • BSEE, digital communications • Too many years as a network engineer • Santa Clara University Law student • Research assistant providing technical expertise on privacy audits and reviews • Contracted by auto consortium to review privacy of proposed vehicle to vehicle safety network
  • 3. Standard Disclaimer IANAL (Yet!) Not that it matters anyway.
  • 4. Non-Standard Disclaimer A current NDA covers some of my work here. Focus on published information and standards.
  • 5. Dedicated Short Range Communications a safety network transmitting vehicle trajectory and function Alerting inattentive drivers will save lives!
  • 6. Challenges of DSRC The National Highway Transportation Safety Board is • Density considering a mandate to achieve these. • Integrity Auto manufacturers are on board with this
  • 7. What DSRC Is • IEEE 802.11p radio communications • IEEE 1609 • Basic Safety Message API-like interface • Data glob is a series of values for defined fields • Only BSM interface to be presented to vehicle
  • 8. What DSRC Is Not • Connected to CAN bus OnStar or any other existing network • Routed* (a “proper” network) • Commercial
  • 9. Basic Safety Message Fields • Position and positional accuracy • Transmission, speed, detailed acceleration data • Braking status, including stability control • Path history and prediction • Event flags
  • 10. BSM Format What’s missing? Addressing. Open sourcing apps that access this interface does not matter.
  • 11. Trust the radio? • “Why shouldn’t you?”
  • 12. about these certificates... • Still haven’t nailed this down. • Vehicle maintains a store of certificates • Periodically changed • Proposals for update period/method still being debated • This includes updates for revoked
  • 13. Where do Certificates come from? • Double-key system to isolate device ID from request location. • Can device IDs be correlated to people? • Who issues these certificates? • How does DSRC device request/receive certificates.
  • 14. “Back-end interface” • This also has not been decided • Without infrastructure, models such as cellular, wifi how do you connect?
  • 15. Worrisome Development efforts • Commercial apps that ride on top of DSRC network • Integration with public transit systems • Fixed infrastructure
  • 16. contact info • Christie Dudley • cdudley@scu.edu • @longobord