Chevy Bolt EV Forum banner

1 - 14 of 14 Posts

·
Registered
Joined
·
579 Posts
Discussion Starter #1
Auto manufacturers seem to have woken up a bit to the downside of networked cars, but all the same I gave nmap a whirl against our Bolt while it was associated to the local network and it appears to be entirely hermetic-- no ports are listening (or at least talking to a port scanner). Presumably the car's networking gear is firewalled as a client.

In case anybody was wondering.

Would be interesting to see if it's robust against DNS poisoning etc. but life is too short.
 

·
Registered
Joined
·
1,084 Posts
Thanks for checking this, I would not have expected it do produce anything but you never know especially considering that the WiFi hotspot is an OnStar product that the developers over at OnStar don't seem to be the most skilled programmers.

As for wireshark, likewise I wouldn't expect to see anything there because I suspect all the communication with GM happens over the cellular network.
 

·
Registered
Joined
·
786 Posts
No open ports for external communications means that the Chevy Bolt cannot be externally hacked. I read how someone did hack a Chevy Malibu but he was connected through the OB2 port inside.
 

·
Registered
Joined
·
1,084 Posts
No open ports for external communications means that the Chevy Bolt cannot be externally hacked. I read how someone did hack a Chevy Malibu but he was connected through the OB2 port inside.
I think that's how we might be able to eventually hack our cars, either through the OBDII port or maybe the USB port.
 

·
Registered
Joined
·
579 Posts
Discussion Starter #7 (Edited)
As for wireshark, likewise I wouldn't expect to see anything there because I suspect all the communication with GM happens over the cellular network.
According to the manual the car will use an internet connection from a secure local area network (wifi) to pull updates, if available. A good thing, as the 4G service at our home only a stone's throw from downtown Seattle sucks (combination of always-tricky hilly terrain and too much regulatory freedumb).

But even a car manufacturer wouldn't skip ssl or a tunnel, presumably. :)
 

·
Registered
Joined
·
12 Posts
What scan tools did you use? I might throw a hail mary Armitage attack at mine unless that's what you did already.
 

·
Registered
Joined
·
505 Posts
I've got a 2019, I have scanned it regularly and have logging on for any sign of life from it. In 10 months, it hasn't sent so much as a bit versus a byte outside via my WiFi which, as I type it's connected to. It doesn't stay connected long. It grabs an IP from my DHCP pool, but doesn't even say boo to my DNS server. I have Ubiquiti WAP's and camera's and the Gen2 CK. I have a dedicated camera and WAP for the car ironically. Behind that I have a Fortigate 51E and a FortiAnalyzer and the rule for the car logs EVERYTHING. For what it's worth, here's screen shots from right now;


UBNT.JPG

fgt.JPG

fortianalyzer.JPG
@dbostrom @Pigwich @raitchison

As mentioned above by I believe raitchison, everything must be going through the cellular network. I don't pay for or use the OEM WiFi onboard. I renamed it, and left it 'on' so to speak. I do precondition my car every day via Alexa, seldomly do I use the Chevy App but I have.
 

·
Registered
Joined
·
505 Posts
I played around a bit and dug deeper. My FortiAnalyzer logs go back a full year, longer than I've owned the car. So I searched the full period for traffic....nothing.
But while digging through the menu on an unrelated matter (looking for WiFi phone # for a different post here), I discovered the forgotten software update button. Mine is set to update automatically, but I hit the check for new software button. The car was still connected to my WiFi network and for the first time, ever, I actually saw data move. It was less than 10 seconds, 11 packets and a total of about 2kb of encrypted HTTPS traffic. I have all the data, as useless as it is, and some more equally useless data but here's a high level overview of the traffic.
chevroletdata.JPG
 

·
Registered
Joined
·
204 Posts
Auto manufacturers seem to have woken up a bit to the downside of networked cars, but all the same I gave nmap a whirl against our Bolt while it was associated to the local network and it appears to be entirely hermetic-- no ports are listening (or at least talking to a port scanner). Presumably the car's networking gear is firewalled as a client.

In case anybody was wondering.

Would be interesting to see if it's robust against DNS poisoning etc. but life is too short.
I truly seek your indulgence...
...captn it's the dilithium crystals they canna take no more
Feel better now
 

·
Registered
Joined
·
12 Posts
Maybe it only talks to WiFi if the cell network is down? Makes no sense. A more likely explanation I want to suggest is that Chevy just put the menu item in the interface to say that they had that feature. I don't know if any OTA updates have happened to any of these cars - I did mine over USB from whatever software got leaked a few years ago. I can say this - If I keep the car after my lease, I'm disconnecting the SIM card. The way they did it on the SparkEV was thus:

An onboard, soldered SIM card and a spot on the PCB for a SIM socket, and a set of SMD zero ohm resistors that could get placed on one set of pads or another set of pads to select between internal and external. If this is the case with the Bolt as well, and I assume GM supplies the Onstar modules, so it probably is, there's some hot air rework in my future.
 

·
Registered
Joined
·
12 Posts
You're braver than most! 👍
27157


There's the little SOB right there. I posted this somewhere else on this site, but I can't find it :p
CN401 is the SIM card socket, and IC402 is the onboard SIM. There's a set of jumpers (and a few capacitors) next to the CN401 silkscreen that, depending on placement, will select between the two. Given how keen GM is to sell my driving habits to the insurance company....
 
1 - 14 of 14 Posts
About this Discussion
13 Replies
8 Participants
Pigwich
Chevy Bolt EV Forum
We’re the Largest Chevy Bolt EV Online Community and Owner's Club. Join to discuss sport mode, reviews, battery range and charging!
Full Forum Listing
Top