A now-patched flaw in Subaru’s STARLINK connected vehicle service exposed location information and driver data for millions of vehicles with nothing more than the vehicle’s license plate number – the latest jaw dropping smart vehicle security flaw discovered by the researcher Sam Curry.
Automakers swear that the security of their connected vehicles is their top priority. So how come researchers just found dozens of software flaws that could give hackers access to millions of cars?
In this episode of Security Ledger Podcast (#164): your car is spying on you. But who owns the data it collects? Also: LastPass’s Dan DeMichele joins us to talk about why password security is still so hard.
In-brief: Carnegie Mellon CERT warned drivers that a popular aftermarket product for vehicles could leave them open to potentially “life threatening” wireless attacks. Update: added info on recommended remediation. PFR 4/8/2016
In-brief: the Department of Homeland Security is putting $4 million towards to research projects aimed at securing connected cars. (Updated to add comments from Dan Massey of DHS. – PFR 11/10/2015)
