BMW has remotely patched a security flaw in 2.2 million cars. The flaw meant that hackers could use a cellphone to open doors and a $30 tool clone keys for many BMWs, MINIs and Rolls Royces. Attackers could set up fake wireless networks to intercept and transmit the clear-text data to the cars but could not have impacted vehicle acceleration or braking systems.
They also updated the cars’s remote interfaces to use https instead of http.
Tesla have also released over-the-air fixes for their cars: it was discovered that in certain Model S collisions, ground clearance at high speeds was a factor, so they sent out a software tweak to all cars overnight to raise the suspension very slightly.
Personally I’m a little concerned by the implications of this. I’m all for technology, I love gadgets and I love some of the high tech features found in modern cars. But the fact that over two million cars had an open plain-text communications system that could easily be intercepted and hacked is a concern. Also that cars now have this connectivity and the manufacturer has the power to make changes to your car without prior notice, or even your knowledge.
This technology can save the manufacturer a lot of time and money in recall situations. But should we be concerned about Big Brother style remote updating and possibly monitoring? Or can we assume that systems like this will only be used to benefit the consumer?
