Category Archives: Uncategorized

There Are Patches to Protect from the PerfektBlue Automotive Vulnerability

(Imagen 4)

Why is the “PerfektBlue” (with a K) automotive vulnerability in the news?

And why are people more likely to read the cyber press alarms that emphasize the vulnerability, then the reports that emphasize the fix?

Unlike the cyber press, I will report the fix first.

OpenSynergy 

For example, OpenSynergy, author of the Blue SDK for remote Bluetooth access to automobiles, issued this statement on July 9, 2025:

“OpenSynergy was notified In May 2024 by PCA Cyber Security (formerly PCAutomotive) about a couple of potential vulnerabilities (named PerfektBlue) in Blue SDK. 

“We are pleased to confirm that corrections were applied and fixed the potential vulnerabilities, and relative patches were supplied to our customers in September 2024.”

PCA Cyber Security

Why was OpenSynergy addressing a 2024 vulnerability in 2025? Because the cybersecurity press is just now reporting on the vulnerability…because PCA Cyber Security intentionally refrained from publicizing it.

“[W]e reported all the findings to OpenSynergy in May, 2024. They acknowledged, and rolled out patches to the customers of BlueSDK in September, 2024. It was decided to wait until all of OpenSynergy customers applied the patches before this publication.

“To protect against PerfektBlue, you can update your system or disable the Bluetooth functionality entirely.”

CyberScoop

What can happen if you don’t patch your car? Here is what CyberScoop said:

“Successful exploitation of the infotainment system could theoretically provide attackers with access to GPS tracking, audio recording capabilities, and contact information. Researchers also note that weak network segmentation could potentially allow attackers to access other vehicle systems, though this would depend on additional vulnerabilities and the specific architecture of each vehicle.”

CyberScoop also clarified why the vulnerability wasn’t revealed back in September 2024 when the patches were released:

“[T]he complex nature of automotive supply chains has created challenges in patch distribution. Some original equipment manufacturers had not received the necessary updates as late as June 2025, nearly a year after the initial disclosure. This delay prompted the researchers to proceed with public disclosure while withholding the identity of the fourth manufacturer.”

The three identified manufacturers and systems are Mercedes-Benz’s NTG6 system, Volkswagen’s MEB ICAS3 unit, and Skoda’s MIB3 system.

Mercedes-Benz, Skoda, and Volkswagen

Oddly enough, I can’t find any statements from the three known manufacturers. You would think they would jump in front and say “here’s how to apply the patches”…or better still, “we have already applied the patches.”

But so far I haven’t found any manufacturer statements.

From https://www.vw.com/en.html

A missed opportunity.

Why?

People are more likely to read the cyber press alarms that emphasize the vulnerability, then the reports that emphasize the fix.

After all, gotta get those clicks.

Returning to Misspellings in AI-generated Images

There is a LinkedIn user who writes and titles posts on various technical topics…and then ruins the posts by illustrating them with an AI image generator and including the post title in the image.

Why are they ruined? Because some I mage generators can’t spell. For example, one of the images includes the so-called word CYBERCEERITYY.

If you want your AI-generated images to include correctly-spelled words, either use short simple words or use large multimodal model (LMM) image-text generators. See my earlier post, “Text Generation in Images? Use an LMM” at the https://bredemarket.com/2024/07/30/text-generation-in-images-use-an-lmm/ URL.

Apparently Google Gemini’s Imagen 4 incorporates LMM capabilities; I fed it a complex textual title and it was spelled correctly in the resulting image.

(Imagen 4)

The Joy of Spreadsheets

Spreadsheets are wonderful things. Not just for numbers people (the real CPAs). But also for words people (the content-proposal-analysis folks).

Whether you use Microsoft Excel, Google Sheets, or something else, the ability to sort the data in multiple ways is a godsend.

I am gathering requirements for a Bredemarket client, and my spreadsheet allows me to logically sort and group the requirements.

Better than taking time to cut and paste blocks of text to order them properly.

Crypto Transfers Without KYC

(Imagen 4)

Have you ever played a smartphone game that gives you a teeny bit of crypto?

So little crypto that it’s not measured in Bitcoin, but in satoshis (where 100 million satoshis equals one bitcoin)?

If so, you probably didn’t have to undergo a Know Your Customer (KYC) check to verify your financial identity.

Renno and Company explains why not:

“If a virtual currency transfer of $1,000 or more occurs, the client’s identity must be verified. This step is critical in the digital currency world, where anonymity can lead to misuse.

“If there is a virtual currency exchange of $1,000 or more, identity verification is also required. This helps ensure that all exchanges are transparent and not used for illegal purposes.”

If you find a smartphone game that pays more than $1,000 a pop…let me know.

And if you want to transact crypto, StealthEX supports no-KYC transactions:

“Thanks to StealthEX you can now purchase an amount of crypto without KYC if it’s less than $700 or the equivalent of this amount in other currencies. As long as your total purchases don’t exceed $700, you don’t have to verify your identity. You can make one big purchase or several small $20, $50 or $100 transactions. StealthEX allows users to seamlessly exchange their assets across chains in minutes without the need to verify their identity.”

Yeah, $700 rather than $1,000. StealthEX is…um…playing it safe.

My Latest Writings on Content and Proposals

Bredemarket’s latest writings on

If you can use my services in any of these areas, book a free 30 minute content needs assessment and talk to Bredemarket. https://bredemarket.com/mark/

Working With Your Customers on Case Studies

On Tuesday I published a LinkedIn article as part of Bredemarket’s “The Wildebeest Speaks” series. The title: “Does Word-of-Mouth Eliminate the Need for Bredemarket?

Once I answered that question (I think you can guess my answer), I talked about how you can effectively combine word-of-mouth and corporate efforts via “casetimonials“—either case studies or testimonials that allow the happy customer to have their say, while your company helps to shape the message.

Focusing on case studies, I said the following:

Case studies require more collaboration, as I found out when I wrote a dozen case studies for a firm.

So yes, much has changed over the last few years, but the need for you to communicate with your prospects remains.

Which is why you should solicit Bredemarket’s assistance. I can help create content for tech marketers. Contact me.

Stop losing prospects! Use Bredemarket content for tech marketers
Content for tech marketers.