It's not just that smart cars' Android apps are sloppily designed and thus horribly insecure; they are also deliberately designed with extremely poor security choices: even if you factory-reset a car after it is sold as used, the original owner can still locate it, honk its horn, and unlock its doors.
Again, this is by design: because auto-makers are worried about lockout and hacks (for example, a valet resetting your car to lock out your app), only the original dealer can sever the car's connection with the cloud accounts of the original owner.
Charles Henderson, the leader of IBM's X-Force Red security division, presented on this risk at last week's RSA conference in San Francisco (you can read his essay on the subject here). His ultimate recommendation is this counsel of despair: unless you are very technologically savvy, you should only buy new cars, not used ones.
It's not just cars, either -- the problem extends to smart appliances, thermostats, and other devices. Renting a house, staying in a hotel room, or buying a house without replacing its appliances and HVAC systems also exposes you to risks from the previous users of the devices in it.
When Henderson approached car makers about letting car owners wipe apps, companies were concerned about people not being able to do it properly.
“The explanation we were given was fear of user error,” he said. “But a pin system for reset or an authentication-required reset system would be my suggestion.”
Reselling connected devices causes problems beyond the used car lot. Selling homes with connected devices can be a security issue, too. Security cameras, smart fridges, and smart lights can all retain the previous owner’s data.
An IoT Love Story: Always Apart, Never Disconnected
Why buying used cars could put your safety at risk [CNN]