Gabriel Cirlig

Senior Software Engineer at Ixia, a Keysight business

Software developer turned rogue, went from developing apps for small businesses to 2M+ DAU Facebook games while keeping an eye for everything shiny and new. For about two years he’s been tinkering at Ixia’s threat intelligence system as his full time passion while playing around with whatever random hardware comes into his hands. With a background in electronics engineering and various programming languages, Gabriel likes to dismantle and hopefully put back whatever he gets his hands on.

Drive safely on the internet lane: how smart cars can leak your data

As “smart” is becoming the new standard for everything, malicious threat actors are quick to capitalize on the insecurity of IoT devices. Hackers getting into your computer and spying on you is not something new for the average internet user, but definitely an emerging threat in the world of cars. Given a relatively new car (2014) with an infotainment system completely decoupled from the car’s backbone (ignition, lights and such), we discovered sensitive personal information being stored completely in the clear. We were able to extract the call logs, text messages and phone agenda from all the connected mobile devices. More worryingly, the navigation system logs were left without any obfuscation, enabling a malicious attacker to track the position of the car in real time, when it’s near open wifi networks.
Presentation’s Co-Presenter is Stefan Tanase, Principal Security Researcher at Ixia, a Keysight business.

Presentation @DefCamp 2017