Researcher Says Can Hack GM’s OnStar App, Open Vehicle, Start Engine

31 Jul 2015 | Author: | No comments yet »

GM says its cars are already protected against the OnStar hack.

BOSTON/DETROIT (Reuters) – A researcher is advising drivers not to use a mobile app for the General Motors OnStar vehicle communications system, saying hackers can exploit a security flaw in the product to unlock cars and start engines remotely. “White-hat” hacker Samy Kamkar posted a video on Thursday saying he had figured out a way to “locate, unlock and remote-start” vehicles by intercepting communications between the OnStar RemoteLink mobile app and the OnStar service.

Kamkar said he plans to provide technical details on the hack next week in Las Vegas at the Def Con conference, where tens of thousands of hacking aficionados will gather to learn about new cybersecurity vulnerabilities. According to a General Motors representative, a fix was implemented last night in the servers that communicate with the OnStar app, instituting stronger certificate controls and effectively locking out remote attacks like the one detailed by Wired. “We did consider the option of an app update,” the representative said, “but focused primarily on a path that would allow us to make changes on the back-end that would allow the fix to be immediate, without the need for customer action.” As a result, drivers won’t need to update their phones, and the changes can take immediate effect. Kamkar released the video a week after Fiat Chrysler Automobiles recalled some 1.4 million vehicles after hacking experts demonstrated a more serious vulnerability in the Jeep Cherokee.

GM spokesman Terrence Rhadigan told Reuters via email that the company was preparing an update to the RemoteLink app that would address the vulnerability. “It’s days away,” Rhadigan said. When asked via email if it was safe to use the app before an update is released, Rhadigan said: “We believe the chances of replicating this demonstration in the real world are unlikely.

Here you can write a commentary on the recording "Researcher Says Can Hack GM’s OnStar App, Open Vehicle, Start Engine".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site