With Cars Connected to the Internet, What about Privacy? | Computerworld

Paul Roberts

10 years ago

Lucas Mearian has a long and quite thorough article over at Computerworld weighing the possible security and privacy risks posed by connected vehicles.

Risks to connected vehicles are growing as automakers add connectivity features without clear guidelines on how to manage security and risk.

Among other things, Mearian weighs the recent past and likely future of connected vehicles, noting that, “once mobile devices are connected to car infotainment systems and cars are connected to the Internet, vehicles will become a rich source of data for manufacturers, marketers, insurance providers and the government.”

They’ll also be a target for hackers.

The problem is that, unlike mobile phones, cars have useful lives that are measured in decades, not years – or even months. That makes it difficult for manufacturers, who want to make their vehicles state of the art, but also must deal with the reality of much longer development cycles and complex interactions between non-critical and critical on board systems.

[Read more Security Ledger coverage of connected vehicles here.]

A couple issues worth noting:

There’s a real lack of federal oversight of the quantity and type of data vehicle makers can collect from drivers and how it can be used and sold to downstream partners. That has left it up to each car maker to follow their own star when it comes to disclosure and use of that data. Best practices are emerging, but without clear laws and regulations, there’s no guarantee that every car maker will adhere to them.
A headlong rush within the automotive industry to add new, interactive features without a clear idea of the possible risks posed by those features. That’s especially true when you consider interactions between cars and a new line of wearable technology, as well as future interactions between cars (V2V), smart infrastructure (V2I), and smart home (V2H).
The end of security through obscurity. The telematics space has long been an island unto itself. That may soon change. Mearian quotes ABI Research in observing that proprietary technologies that CAN (controller area networking) may soon be replaced by more ubiquitous alternatives like Ethernet. Greater interoperability will be great for connecting cars to the outside world and new devices. It will also make hacking cars – currently a specialized discipline – not dissimilar from hacking other, more common endpoints like PCs. That will drastically expand the “threat landscape” for connected vehicles.

Check out the full article: Once your car’s connected to the Internet, who guards your privacy? | Computerworld.

Share this: