BMW pushes security patch to hackable connected cars


Connecting stuff to the internet can sometimes introduce fun new vulnerabilities, and so it has proven in the case of millions of BMW cars.

On Friday the German auto outfit announced it was sending an over-the-air update to cars featuring its SIM-based ConnectedDrive module. This allows drivers to remotely unlock their car, but the German automobile club ADAC had reverse-engineered the telematics software and warned [company]BMW[/company] that a flaw made it possible for third parties to unlock vehicles.

In a statement, BMW stressed that there wasn’t a flaw in its hardware, nor would any driving-related functions have been affected. The update, which introduces HTTPS encryption to the car’s connection with BMW’s servers, is automatically downloaded as soon as the car module talks to that system.

Hackers were in theory able to dupe the car into unlocking by creating a fake mobile network, according to Reuters. There is…

View original post 81 more words


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s