Connect with us

Hacker Exposes OnStar Security Hole

(Credit: General Motors )

Car Safety

Hacker Exposes OnStar Security Hole

OnStar RemoteLink App

OnStar RemoteLink App (Credit: General Motors )

This past week or so hasn’t been kind to American automakers and digital security. The bad news keeps rolling, this time for GM after a hacker exposed a big security hole in OnStar. The good news is the hacker is a white hat, meaning he didn’t make a bunch of GM owners crash or lock them out of their cars while demanding wads of cash. That doesn’t mean something like that can’t happen in the near future.

CNET broke the story of security researcher Samy Kamkar creating a device he calls OwnStar. It’s a cute name, but the hardware has the ability to see and intercept communications between any vehicle with OnStar and the OnStar RemoteLInk app.

Fortunately, GM took the information seriously, creating a patch to fix the problem quickly. Unfortunately, it wasn’t enough. Kamar and GM have both found that there’s still a vulnerability in any OnStar-equipped vehicle that won’t make anyone feel warm and fuzzy about having the technology.

Kamar posted a video on YouTube of OwnStar in action. He was able to start up a GM vehicle’s engine remotely, activate the door locks and even pinpoint exactly where it was located. These aren’t things anyone wants an anonymous person who could be thousands of miles away doing.

People often are fearful of change, and this news along with the Fiat Chrysler hack is stirring up a lot of concern. Some are suggesting that having computers in cars is a mistake, although they probably don’t realize that would mean ditching fuel injection and other conveniences we take for granted these days. The real problem is that automakers have been too lax about cybersecurity. Cars are now part of the Internet of Things, and so they need the same kinds of protections found on iPhones, tablets and other devices.

Having someone hack your car while driving down the highway at 75 mph is more concerning than your phone. The fact is that there were limits to what Kamar could do. He couldn’t shut off the engine with the transmission is gear. He couldn’t drive the vehicle remotely. Still, he’s exposed yet another big security risk associated with connected cars, demonstrating the need for better security in the immediate future.

Continue Reading
1 Comment

You must be logged in to post a comment Login

Leave a Reply

More in Car Safety

SPONSORED

Newsletter

Get Our StoriesIn Your Inbox

Subscribe for our latest news, reviews, and lists.

Popular Stories

Recent Posts

SPONSORED
To Top