Rivian brings wrapped R1T & EDV to the DEF CON hacker convention

[Electric Rivilution]

Posted by Wassym

Our Rivian cybersecurity team is back to Defcon to reconnect with the community. Love this year's wrap!!​

​

​

DEF CON is the annual hacker convention in Las Vegas.

Sponsored

 

[COdogman]

Rivian’s CISO, Mike Johnson is a well regarded guy in the security community. They are one of the companies trying to do things the right way. Glad to see them sponsor events like this.

 

[McLovin]

For those of us who had no idea what “CTF” was…from Google AI:

DEF CON CTF is a premier hacking and cybersecurity competition held annually at the DEF CON security conference, featuring attack-defense and Jeopardy-style formats to test participants' skills in exploiting vulnerabilities and defending systems. Originating in 1996, it's the oldest continuously running CTF and serves as a benchmark for cybersecurity skill, with challenges ranging from cryptography to radio frequency hacking. The competition attracts a global community of hackers, security professionals, and enthusiasts.

 

[Donald Stanfield]

I like that wrap.

 

[godfodder0901]

For those of us who had no idea what “CTF” was…from Google AI:

DEF CON CTF is a premier hacking and cybersecurity competition held annually at the DEF CON security conference, featuring attack-defense and Jeopardy-style formats to test participants' skills in exploiting vulnerabilities and defending systems. Originating in 1996, it's the oldest continuously running CTF and serves as a benchmark for cybersecurity skill, with challenges ranging from cryptography to radio frequency hacking. The competition attracts a global community of hackers, security professionals, and enthusiasts.

That's a shite definition. CTF stands for "Capture the Flag". Vendors set up a vulnerable system and embed 'flags' - just encoded strings - in specific locations that hackers get in order to prove access to certain systems or locations.

 

[McLovin]

That's a shite definition. CTF stands for "Capture the Flag". Vendors set up a vulnerable system and embed 'flags' - just encoded strings - in specific locations that hackers get in order to prove access to certain systems or locations.

lol…I just noticed that Google AI left out the actual definition of “CTF”, which I found in other hits. I just assumed it had the definition in there.

Proof that AI isn’t all it’s cracked up to be at this point. If it can’t provide a simple definition of an acronym…

 

[CharonPDX]

Dang, sad I'm missing it this year! (I usually go to DEFCON, but had multiple previous commitments this weekend.)

 

[Wat5]

Ahh I missed this. Would have loved to poke around but the venue was huge and there's always more things to do than there is time.

 

[usulio]

Rivian’s CISO, Mike Johnson is a well regarded guy in the security community. They are one of the companies trying to do things the right way. Glad to see them sponsor events like this.

I appreciate him trying ... but given this is the company that keeps a database of video footage of you and your children and a log of everywhere you go ... I think his definition of security is different than mine.

 

[COdogman]

I appreciate him trying ... but given this is the company that keeps a database of video footage of you and your children and a log of everywhere you go ... I think his definition of security is different than mine.

You are referring to privacy, not security. Privacy is a component of security (confidentiality), but consumers are given choices about how their personal data is handled, which they don't technically have to offer. They could just say that in buying this vehicle you are agreeing to ALL these policies. So that is what I mean by "trying to do things the right way". Rivian is telling you what data they collect, what they do with it, and allowing you to opt out if you want.

For example, you can opt out of the GPS if you are that worried about it. But if that is true I would think you wouldn't use GPS navigation on your phone either. So it's a question of each person's tolerance, which Rivian is attempting to account for by providing options. Google Maps in this case is not connected to your Google account, or even your specific Rivian.

The “security“ part of this is more about protection of your data, which they do:
https://rivian.com/support/article/...a-both-on-the-vehicle-and-in-the-rivian-cloud

They are not ”keeping footage of you and your children” Gear Guard footage is only stored in the vehicle.
https://rivian.com/support/article/...deos-can-rivian-provide-a-copy-of-a-video-fro

They even give you the option to turn off ALL data collection if you desire:
https://rivian.com/support/article/can-i-disable-all-data-collection-from-my-vehicle

 

[Dark-Fx]

They are not ”keeping footage of you and your children” Gear Guard footage is only stored in the vehicle.
https://rivian.com/support/article/...deos-can-rivian-provide-a-copy-of-a-video-fro

The interior image sharing has nothing to do with gear guard.

https://rivian.com/support/article/what-choices-do-i-have-regarding-my-vehicle-cameras

 

[COdogman]

The interior image sharing has nothing to do with gear guard.

https://rivian.com/support/article/what-choices-do-i-have-regarding-my-vehicle-cameras

Right. But you do still have the choice whether to enable it or not and I believe that only applies to 2025 and newer since older models it was disabled by Rivian.

 

[usulio]

They are not ”keeping footage of you and your children” Gear Guard footage is only stored in the vehicle.
https://rivian.com/support/article/...deos-can-rivian-provide-a-copy-of-a-video-fro

I seem to have been wrong about footage, but they do upload still images from the cameras for "product improvement". You are also right that one can opt out.
https://rivian.com/support/article/faq-what-choices-do-i-have-regarding-my-vehicle-cameras

 

[COdogman]

I seem to have been wrong about footage, but they do upload still images from the cameras for "product improvement". You are also right that one can opt out.
https://rivian.com/support/article/faq-what-choices-do-i-have-regarding-my-vehicle-cameras

I should have added that you are right to be protective of your data and privacy. Our Rivians are like big data vacuums and if we ignored the potential risks, we would all be pretty ignorant. I have spent more time than I care to admit reading through all the privacy policies

 

[usulio]

You are referring to privacy, not security. Privacy is a component of security (confidentiality), but consumers are given choices about how their personal data is handled, which they don't technically have to offer. They could just say that in buying this vehicle you are agreeing to ALL these policies. So that is what I mean by "trying to do things the right way". Rivian is telling you what data they collect, what they do with it, and allowing you to opt out if you want.

Yeah, privacy is a component of security, not all of security.

I do generally opt out of location services. There is no technical need for Rivian to store a history of my precise location in order to offer GPS navigation. They do store it, and say they may share my data with advertisers and with law enforcement even when not legally required to do so.

With the new map update, Rivian also makes you agree to Google TOS.

I know Rivian isn't the worst company out there, but they follow lots of "industry standard" shady anti-consumer practices with regard to privacy.

Sponsored