Securelist's report on the security vulnerabilities in Android-based "connected cars" describes how custom Android apps could be used to find out where the car is, follow it around, unlock its doors, start its engine, and drive it away.
They reported their findings yesterday at the RSA conference. It's a timely reminder that cars are just computers we put our bodies into.
"The main conclusion of our research is that, in their current state, applications for connected cars are not ready to withstand malware attacks," said Chebyshev.
"We expect that car manufacturers will have to go down the same road that banks have already gone down with their applications. Initially, apps for online banking did not have all the security features listed in our research," the expert added. "Now, after multiple cases of attacks against banking apps, many banks have improved the security of their products."
"Luckily, we have not yet detected any cases of attacks against car applications, which means that car vendors still have time to do things right," Chebyshev noted. "The attack surface is really vast here."
Mobile apps and stealing a connected car [Mikhail Kuzin and Victor Chebyshev/Securelist]
Millions of Smart Cars Vulnerable Due to Insecure Android Apps
[Catalin Cimpanu/Bleeping Computer]
We’ve seen Disneyland-scented candles before but now there are new contenders in the category of “Things that smell like something you’d find in a Disney resort.” While the Magic Candle Company in Kissimmee, Florida is not affiliated with Disney in any official way, they have made an entire line of candles, wax melts, and spray-on […]
Steven Melendez discovered some public domain government documents in Google Books that the service wouldn't let him download because they had been misclassified as copyrighted; he filled in an online form and less than a week later, a human had reviewed the documents, agreed that they had been misclassified and removed all restrictions.
The EU is mooting a new copyright regime for the largest market in the world, and the Commissioners who are drafting the new rules are completely captured by the entertainment industry, to the extent that they have ignored their own experts and produced a farcical Big Content wishlist that includes the most extensive internet censorship […]
You probably remember the Twisty Glass Blunt since we love to write about it. And you may also remember its little buddy, the Twisty Glass Mini. Well, today we’ve got a fun surprise that isn’t so little. Less isn’t always more, and on those days when you need to decompress with a good smoke, the Twisty XL […]
Another year, another iteration of Samsung’s Galaxy smartphone—except this time around Samsung sought to redefine what a smartphone can do completely. Boasting a 6.2″ Quad HD+ Super AMOLED (2960×1440) infinity display, and an elite 10nm 64-bit Octa-Core Processor with 6GB RAM, the S9+ is an absolute powerhouse with a price tag to match. However, you […]
Competition in the job market is getting stiff, and while experience and a four-year degree can put you on the map, most employers prefer applicants versed in the tools that power their industry. To this end, certifying your skills with Salesforce is a smart move. The world’s #1 Customer Relationship Management (CRM) platform, Salesforce is […]