SoylentNews is people
SoylentNews
An electronic dongle used to connect to the onboard diagnostic systems of more than two million cars and trucks contains few defenses against hacking, an omission that makes them vulnerable to wireless attacks that take control of a vehicle, according to published reports.
US-based Progressive Insurance said it has used the SnapShot device in more than two million vehicles since 2008. The dongle tracks users' driving to help determine if they qualify for lower rates. According to security researcher Corey Thuen, it performs no validation or signing of firmware updates, has no secure boot mechanism, no cellular communications authentication, and uses no secure communications protocols. SnapShot connects to the OBDII port of Thuen's 2013 Toyota Tundra pickup truck, according to Forbes ( http://www.forbes.com/sites/thomasbrewster/2015/01/15/researcher-says-progressive-insurance-dongle-totally-insecure/ ). From there, it runs on the CANbus networks that control braking, park assist and steering, and other sensitive functions.
http://arstechnica.com/security/2015/01/wireless-device-in-two-million-cars-wide-open-to-hacking/
(Score: 2) by dyingtolive on Thursday January 22 2015, @04:07AM
It's all fun and games until some misanthrope sends someone else's car barreling into a ditch with their phone, I guess.
...well, okay, that damn near happens all the time already, I guess.
Don't blame me, I voted for moose wang!
(Score: 1) by tftp on Thursday January 22 2015, @07:12AM
Yes, but with the driver's own phone.