New research has found a major vulnerability in one automakers vehicle’s connectivity meaning previous owners can still gain access to their cars through IoT. With owners having the ability to heat their cars from the touch of their phones using a mobile app, it has been found that previous owners can still have the same type of access. Art Swift, President at the prpl Foundation commented below.
Art Swift, President at prpl Foundation:
“Provisioning and revoking services with connected devices has the potential to become a much bigger problem as consumers look to sell their old IoT devices in favour of newer ones. It’s an age old problem with a new twist that could put people at risk. If this is not addressed by industry satisfactorily, regulators could step in and potentially limit the innovation of connected car technology.
“The solution that prpl has successfully demonstrated is a security by separation approach that relies on hardware virtualisation as a way to deploy or provision new services or revoke old ones – and it does it in a trusted way that doesn’t impact on the core functionality of the device. This approach also means regulators can control what they need to for public safety without infringing on innovation.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.