20:15 17 August 2015
A crafty, sneaky US security expert built “OwnStar”, which mimics a Wi-Fi hotspot and can be used to hijack the signal from the popular OnStar RemoteLink app used by General Motors.
Samy Kamkar, a security researcher from Los Angeles, has tweaked the code to allow him to locate, unlock, and start BMW and Mercedes cars without their owners’ knowledge.
He said: "The issue itself is the same exact SSL certificate issue that affected OnStar/GM (which they've resolved two weeks ago)."
"It was barely any tweaking of the original system - a few lines of code to add support per vehicle."
Meanwhile, a Mercedes spokesperson said: "The vulnerability that the researcher claims to be able to exploit relates to the mbrace app which is unique to the U.S."
"That said, according to our U.S. colleagues, access to this app allows a user to operate certain convenience features; it does not allow operation of the vehicle itself.
"We know of no real-world instances where there was a breach and we are constantly monitoring and making improvements to our connected services to make them more customer friendly, feature rich, and secure."
BMW is yet to comment on the issue.