Yeah… fuck this shit. This is part of the reason I still drive a nearly 20 year old vehicle. It has features I want, and can’t be stolen via fucking API calls. Absolute insanity.
I think Hyundai/Kia group has done unfathomable damage to their brands. Kia, despite being a budget brand, wants to be seen as a legit competitor to Toyota or at least Nissan. Their corner cutting with the immobilizers and the resulting “USB” theft shit was bad enough. Now this exploit.
dumb cars will be worth their weight in gold soon
My car got dumbed for me because they killed the 3g network it was running on
Just because you can’t use it doesn’t mean a hacker can’t. If someone discovered a vulnerability in the 3g handshake or encryption protocol, it could be an avenue for an RCE.
Just like how manual cars became anti theft.
You could just find and disable the wireless modems.
Cool just like trying to replace a blower motor in a modern car feel free to rip the entire dash out only to find out it has a second antenna all the way in the back underneath the spare tire also behind a tail light which somehow requires you to remove the muffler to get to…
You’d probably have more luck installing a signal jammer in your car.
The best you can hope for is a rootkit and some Linux-based OS for cars to be developed so you can take full control.
FWIW there is a cottage industry for OnStar disable/delete mods for GM vehicles. It can be done, usually without breaking too much else of the car’s electronic functionality.
I’d rather poke the GSM modem with a screwdriver.
Not only what that other person said but it would probably void the warranty too.
Happy to have my 2012 civic. One of the last gens without a telemetry unit I think.
I’ve noticed a lot of issues showing up for the Kia and Hyundai cars security wise. I wonder if they’re having issues because there’s more focus on those cars or if their security is really that bad.
The Kia/Hyundai “challenge” where people were stealing their cars with a USB cord is because they opted not to include an immobilizer in US models for a decade. Every other car brand had them as standard. Kia even had them as standard in non US cars, but because the USA stupidly does not have a law about it, they opted to drastically reduce car security to save a few dollars per car.
This has made them prime targets, as people know they make bad security choices whenever they can save a buck.
So a bit of both, I expect.
Both probably. I’m sure a lot of cars have problems like this, but they just haven’t been found and there are already known vulnerabilities to focus on.
Let the fucking hacking begin. Fuck these assholes. They are milking people out of their last penny, and on top of that they’re selling people’s driving data to data brokers who sell it to insurance companies that jack up prices.
Nice writeup
There’s just no good reason to have anything beyond the radio/nav etc in a car connected to the Internet. Remote start can be done with just the key.
You know what fuck builtin nav. Connect it to my phone and let that be it for navigation.
And same for music. What year is this 2010?
That’s a very subjective take. My friends and family that live in hot climates love the ability to remotely turn on and pre-cool their vehicles. I appreciate being able to check if I remembered to lock the doors.
Both of those functions have been available via key fob for at least a decade, no internet required. Though yes the range on that can be limited.
Some of us still remember Wise Guys and want that range! ;-)
Thats precisely what I’m referring to- these things being possible when you’re inside of a store, restaurant, or an extreme case like you parked at the airport for a trip.
And by using that internet connected feature you’re 100% handing out your driving info to your car manufacturer, who in turn will sell it to LexisNexis, who in turn will sell it to insurance companies, who in turn will jack up your insurance prices.
Sure, that sucks. But I’m not saying there are zero downsides, I’m specifically countering the argument that there are “no good reasons” with my personal good reasons.
As I said in my comment, that can be done with the key, no Internet connection needed.
As for the lock thing, I just need to look if my mirrors are folded in or not.
The fob won’t work if you’re deep inside a store, will it? Same for checking the mirrors.
A) you can survive without precooling or set it to start before getting deep into the store.
B)if you want that feature fine, but leave it off everyone else’s car! No cell connections should be installed by default like this. It’s a walking cve list waiting to happen.
😭
I mean, there are plenty of very good reasons.
My car reminds me if the doors are unlocked or left open. I can adjust the charging speed at any time. I can turn on the HVAC and seat heaters before I leave. I can see my current state of charge. I can see exactly what is happening when my alarm goes off. I can see exactly where it is if it’s stolen. Etc.
You can argue that those are not important to you, personally but I don’t think you can argue that they aren’t good reasons.
I think there are certainly other wireless technologies that are superior in many ways and can supplement or replace the need for internet access in your immediate area.
I think the point is that there isn’t a good enough reason to put internet in a car that negates the risk of it.
It is like adding lead to food. It’s a cheap sweetener with no calories. You can argue that cheap sweeteners aren’t important to you, but I don’t think you can argue that it isn’t a good reason. It just isn’t a good enough reason to negate the risk.
I think the point is that there isn’t a good enough reason
OK but that’s not what they said.
None of those features require the Internet to work properly. Manufacturers can implement them (and have in the past) without it.
None of those features require the Internet to work
Yes? They do?