The New York Times references a new report by computer scientists from the University of California, San Diego and the University of Washington regarding the susceptibility of new internet-based car computer systems:
For example, services like General Motors’ OnStar system, Toyota’s Safety Connect, Lexus’s Enform, Ford’s Sync, BMW’s Assist and Mercedes Benz’s Mbrace all use a cellular connection embedded in the vehicle to provide a variety of automated and call center support services to a driver. These subscription services make it possible to track a car’s location, unlock doors remotely and control other functions.
In their remote experiment, the researchers were able to undermine the security protecting the cellular phone in the vehicle they bought and then insert malicious software. This allowed them to send commands to the car’s electronic control unit — the nerve center of a vehicle’s electronics system — which in turn made it possible to override various vehicle controls.
