I’ve written before on the issues surrounding the “Internet of things” and security. With more devices connected to the world, more potential attack vectors surface.
I read recently that connected vehicles now have a potential issue. The mobile app used to connect to a vehicle may not be secure. When one sells a car with a connected app, the information stored on that vehicle does not get removed automatically. In this story, an IBM researcher realized this, when he noticed that he still had access to a car he sold. The current owner would have no idea he still had this access. Also, there was no method for the current owner to remove the access without dealer intervention.
I also have a car with a connected app. My 2016 Malibu has the OnStar application loaded on my mobile device. I recently used it to help locate it in a city parking garage, when I wasn’t sure which entrance I’d used.
In this case, the app requires me to register my phone and log in. However, I’m not certain the app would stop working were I to sell the vehicle. The article and resulting information bring up a bigger issue: Now that our devices are becoming more connected, how vulnerable are we? My house has two wireless routers, an Internet connected DVR and television, a home security system, and a video surveillance system. All of these devices were exposed just this past October when several thousands (millions?) of these devices were hijacked and took town the servers running traffic on the Internet. While convenient, there needs to be some work done to ensure security is ensured.