Wired recently reported that a Hacker Disabled More Than 100 Cars Remotely. The “Hacker”, not to be confused with Angelina Jolie in the movie of the same name, obtained a password and managed to abuse a no start function in the cars. This time the system in question is canned Webtech Plus, a way for car branches to repo vehicles that haven’t been paid for by making them unusable.
Take this as a warning people. Any machine once connected to a network is inherently vulnerable. You can code tight as you can, run every type of security measure you want in front of and behind the connection. But as so many sci fi writers have written, Information Wants to be free. I would never want a no start feature in my car. You can sell as many OnStar vehicular recovery features that you want but if it means someone can either maliciously or mistakenly cause my car to do things i don’t command it to then i’m against it. This was just the first publicized example of the system being abused.
Have to say the Pay Technologies little black box under the hood is quite reminiscent of a loan shark coming around to rough you up a bit and “remind you” to pay I wonder how you check to see if this system is installed, or if the car buyers are made aware of it when they purchase?