Your Car Can Be Hacked via SMS

Scary fact of the day: Your car can get hacked. Not with an axe or something, but via SMS. Security researchers Don Bailey and Mathew Solnik at iSec Partners(lucky for all of us that this isn’t a different [x]Sec) have figured out a way to hack cars with SMS by essentially sneaking into the series of communications that allow smartphone apps to unlock car doors or even start the engines. Apparently, it isn’t even that hard.

The pair have reported that they were able to figure out how to intercept the messages that come from a car-starter mobile app and then spoof them with a laptop in about 2 hours time. Bailey is scheduled to talk about his findings at the Black Hat conference in Las Vegas, and luckily for car owners and car companies, he’s a nice enough guy not to mention the pair of products they hacked or any technical details about the process until the software makers can patch up these insecurities.

With these vulnerabilities now laid bare, it’s amazing to think that we didn’t realize this extremely dangerous possibility as soon as these kind of apps came out. Or maybe you did, but I certainly didn’t. The potential applications of war-texting, as it has been dubbed, are far reaching and mark one of the first times that hacking is not just something one does to steal data, but also something someone can use to steal pieces of personal property that are designed to go placesand cost on the order of tens, sometimes hundreds of thousands of dollars.

Fortunately, you aren’t at risk if your car was born before the Internet sunk its teeth into everything. No one is going to hack open the doors of your ’98 Toyota Camry with anything short of a crowbar. The targets here would mainly be higher-end Mercedes and BMWs that are starting to feature this kind of mobile technology as a relatively standard feature. Of course, as this kind of hacking becomes more widely-known, security to combat it will become more ubiquitous, but as we’ve seen with conventional computer security, that doesn’tnecessarily mean you will be safe.

And that is why I will continue to use public transit. That’s definitely the only reason. Yup.

(via ComputerWorldUK)