committing page revision 1

author: 46halbe <46halbe@berlin.ccc.de> 2017-12-27 07:19:45 +0000
committer: 46halbe <46halbe@berlin.ccc.de> 2020-05-23 13:40:10 +0000
commit: bec2451e4f92ffe60c2371145d408e6ca229cd62 (patch)
tree: 410365195f9de2fb08871bb3d3d7bce2da44f9c5 /updates/2017
parent: f4b3eda71e63de512663702806dde5c37260795f (diff)
1 files changed, 88 insertions, 0 deletions
diff --git a/updates/2017/e-motor.en.md b/updates/2017/e-motor.en.md
new file mode 100644
index 00000000..3b0aff81
--- /dev/null
+++ b/updates/2017/e-motor.en.md
@@ -0,0 +1,88 @@
+title: Chaos Computer Club hacks e-motor charging stations
+date: 2017-12-27 00:43:00 
+updated: 2017-12-27 07:19:45 
+author: 46halbe
+tags: update, pressemitteilung
+previewimage: /images/NFC-Karten-Analysewerkzeuge9.jpg
+Currently, the infrastructure for charging electronic vehicles is rolled out in Germany – once again without paying much attention to IT security. The convenient charging cards are currently so insecure that it is not advisable to use them. It is trivially possible to charge your car while having someone else unknowingly being forced to pay. Nearly all charging cards are affected by this vulnerability. Charging network providers that issue these cards have refused to fix the security problems, despite being given several months pre-warning. The details of the vulnerabilities will be presented in detail today at the 34th Chaos Communication Congress at 12:45 in Leipzig.
+<!-- TEASER_END -->
+Electric cars are recharged at an electric vehicle charging station
+instead of a gas pump. The stations usually offer a three-phase current
+connector, through which the necessary charging performance is achieved.
+In public spaces charging operations are sometimes deducted from
+charging cards by the operators. A number is stored on these charging
+cards, which the charging station uses to identify the customer.
+Unfortunately, this number is completely public and can be copied as
+often as desired. Therefore, it is possible to easily clone a charging
+card.
+„The operators have not implemented basic security mechanisms“, said CCC
+member Mathias Dalheimer who will explain the details of the hack today
+at 34C3. „This is as if I would pay with a photo copy of my debit card
+at the discounter − and the cashier accepts it.“
+The communication between charging stations and the billing back-end is
+not protected as well. The card number is transmitted without encryption
+directly to the provider. Little technical effort is necessary to
+intercept this communication to harvest customer card numbers. With
+these numbers it is possible to either forge charging cards or – even
+more simple – simulate charging events. Using this method a provider of
+charging stations can easily inflate its revenue.
+The charging stations themselves are also insecure. Most stations allow
+manipulations of their configuration and firmware updates via USB stick.
+Since this update mechanism is frequently insecure – like with KEBA
+models – arbitrary code can be inserted into the charging station. By
+this method an attacker for example can make charging free for all or
+can harvest customers' card numbers to make charges at their cost.
+Customers will have a hard time to proof these types of misuse.
+Especially when roaming, when their charging card is accepted at the
+station of a different provider, the settlement of fees happens much
+later. Weeks can pass before the misuse of their charge card number is
+noticed. The providers of the charging networks have acknowledged the
+problems but see no reason to take action. „New Motion“, for example,
+said that they do not know of misuse cases and that their customers
+should please take a look at their billing statement. \[0\] A change to
+a more suitable method of payment is not planned, so customers currently
+are forced to live with this inacceptable situation.
+We demand:
+-   The security of the charging stations has to be raised to the state
+    of the art.
+-   Charging station operators must offer secure payment methods to
+    their customers.
+-   The payment data has not only to be protected within one charging
+    cycle, but also when roaming between different charging operators as
+    well.
+ 
+**Links**:
+\[0\] [Statement of „New
+Motion“](https://www.goingelectric.de/forum/oeffentliche-ladeinfrastruktur/ladekarten-sind-unsicher-wie-man-auf-fremde-rechnung-laedt-t27590-50.html#p628169)
+(German)
+\[1\] More technical details and
+videos: <https://schwarzladen.gonium.net/> (German)
+\[2\] Electric car
+simulator: [https://evsim.gonium.net](https://evsim.gonium.net/)
+\[3\] Videos on Youtube:
+<https://youtu.be/0-AjgT8oqt8>
+<https://youtu.be/HWfHfctN66U>
+<https://youtu.be/nL3cDfzAIC0>
+<https://youtu.be/pUEp3uWAWqY>
+\[4\] Live-Streaming: [Information on streams and
+videos](https://events.ccc.de/congress/2017/wiki/index.php/Static:Streams)
author	46halbe <46halbe@berlin.ccc.de>	2017-12-27 07:19:45 +0000
committer	46halbe <46halbe@berlin.ccc.de>	2020-05-23 13:40:10 +0000
commit	bec2451e4f92ffe60c2371145d408e6ca229cd62 (patch)
tree	410365195f9de2fb08871bb3d3d7bce2da44f9c5 /updates/2017
parent	f4b3eda71e63de512663702806dde5c37260795f (diff)

diff --git a/updates/2017/e-motor.en.md b/updates/2017/e-motor.en.md new file mode 100644 index 00000000..3b0aff81 --- /dev/null +++ b/updates/2017/e-motor.en.md
@@ -0,0 +1,88 @@
	1	title: Chaos Computer Club hacks e-motor charging stations
	2	date: 2017-12-27 00:43:00
	3	updated: 2017-12-27 07:19:45
	4	author: 46halbe
	5	tags: update, pressemitteilung
	6	previewimage: /images/NFC-Karten-Analysewerkzeuge9.jpg
	7
	8	Currently, the infrastructure for charging electronic vehicles is rolled out in Germany – once again without paying much attention to IT security. The convenient charging cards are currently so insecure that it is not advisable to use them. It is trivially possible to charge your car while having someone else unknowingly being forced to pay. Nearly all charging cards are affected by this vulnerability. Charging network providers that issue these cards have refused to fix the security problems, despite being given several months pre-warning. The details of the vulnerabilities will be presented in detail today at the 34th Chaos Communication Congress at 12:45 in Leipzig.
	9
	10	<!-- TEASER_END -->
	11
	12	Electric cars are recharged at an electric vehicle charging station
	13	instead of a gas pump. The stations usually offer a three-phase current
	14	connector, through which the necessary charging performance is achieved.
	15	In public spaces charging operations are sometimes deducted from
	16	charging cards by the operators. A number is stored on these charging
	17	cards, which the charging station uses to identify the customer.
	18	Unfortunately, this number is completely public and can be copied as
	19	often as desired. Therefore, it is possible to easily clone a charging
	20	card.
	21
	22	„The operators have not implemented basic security mechanisms“, said CCC
	23	member Mathias Dalheimer who will explain the details of the hack today
	24	at 34C3. „This is as if I would pay with a photo copy of my debit card
	25	at the discounter − and the cashier accepts it.“
	26
	27	The communication between charging stations and the billing back-end is
	28	not protected as well. The card number is transmitted without encryption
	29	directly to the provider. Little technical effort is necessary to
	30	intercept this communication to harvest customer card numbers. With
	31	these numbers it is possible to either forge charging cards or – even
	32	more simple – simulate charging events. Using this method a provider of
	33	charging stations can easily inflate its revenue.
	34
	35	The charging stations themselves are also insecure. Most stations allow
	36	manipulations of their configuration and firmware updates via USB stick.
	37	Since this update mechanism is frequently insecure – like with KEBA
	38	models – arbitrary code can be inserted into the charging station. By
	39	this method an attacker for example can make charging free for all or
	40	can harvest customers' card numbers to make charges at their cost.
	41
	42	Customers will have a hard time to proof these types of misuse.
	43	Especially when roaming, when their charging card is accepted at the
	44	station of a different provider, the settlement of fees happens much
	45	later. Weeks can pass before the misuse of their charge card number is
	46	noticed. The providers of the charging networks have acknowledged the
	47	problems but see no reason to take action. „New Motion“, for example,
	48	said that they do not know of misuse cases and that their customers
	49	should please take a look at their billing statement. \[0\] A change to
	50	a more suitable method of payment is not planned, so customers currently
	51	are forced to live with this inacceptable situation.
	52
	53	We demand:
	54
	55	- The security of the charging stations has to be raised to the state
	56	of the art.
	57	- Charging station operators must offer secure payment methods to
	58	their customers.
	59	- The payment data has not only to be protected within one charging
	60	cycle, but also when roaming between different charging operators as
	61	well.
	62
	63
	64
	65	Links:
	66
	67	\[0\] [Statement of „New
	68	Motion“](https://www.goingelectric.de/forum/oeffentliche-ladeinfrastruktur/ladekarten-sind-unsicher-wie-man-auf-fremde-rechnung-laedt-t27590-50.html#p628169)
	69	(German)
	70
	71	\[1\] More technical details and
	72	videos: <https://schwarzladen.gonium.net/> (German)
	73
	74	\[2\] Electric car
	75	simulator: [https://evsim.gonium.net](https://evsim.gonium.net/)
	76
	77	\[3\] Videos on Youtube:
	78
	79	<https://youtu.be/0-AjgT8oqt8>
	80
	81	<https://youtu.be/HWfHfctN66U>
	82
	83	<https://youtu.be/nL3cDfzAIC0>
	84
	85	<https://youtu.be/pUEp3uWAWqY>
	86
	87	\[4\] Live-Streaming: [Information on streams and
	88	videos](https://events.ccc.de/congress/2017/wiki/index.php/Static:Streams)