SoylentNews is people
SoylentNews
An electronic dongle used to connect to the onboard diagnostic systems of more than two million cars and trucks contains few defenses against hacking, an omission that makes them vulnerable to wireless attacks that take control of a vehicle, according to published reports.
US-based Progressive Insurance said it has used the SnapShot device in more than two million vehicles since 2008. The dongle tracks users' driving to help determine if they qualify for lower rates. According to security researcher Corey Thuen, it performs no validation or signing of firmware updates, has no secure boot mechanism, no cellular communications authentication, and uses no secure communications protocols. SnapShot connects to the OBDII port of Thuen's 2013 Toyota Tundra pickup truck, according to Forbes ( http://www.forbes.com/sites/thomasbrewster/2015/01/15/researcher-says-progressive-insurance-dongle-totally-insecure/ ). From there, it runs on the CANbus networks that control braking, park assist and steering, and other sensitive functions.
http://arstechnica.com/security/2015/01/wireless-device-in-two-million-cars-wide-open-to-hacking/
(Score: 3, Insightful) by GungnirSniper on Thursday January 22 2015, @03:40AM
How very progressive of them. How long will it take before we're given the "choice" of using these devices or paying double or worse? Then the working poor will have to take the privacy violation just to drive.
Tips for better submissions to help our site grow. [soylentnews.org]
(Score: 3, Interesting) by bob_super on Thursday January 22 2015, @05:06PM
It won't be long before you can't drive without one of these, and the cops will just send you tickets automatically.
Why bother with radars and speed traps when you can mandate self-reporting?