October 09, 2007

Stalling Cars Via OnStar: A Hacker's Dream Come True?

Greetings. Ready to turn over the keys of your vehicle to the cops, or that clever hacker in the next lane? How about that creepy guy following you on a lonely country road?

GM apparently plans to perhaps make this all possible. It's been announced that they'll be equipping nearly two million of their 2009 model vehicles (that have OnStar installed), with the capability to be remotely shut down to idle via OnStar commands at the request of law enforcement.

The claim is that owners will have to give permission first for this capability to be enabled. Bull. I don't care what OnStar's privacy policy says, if the technical capability for this function is present, OnStar will have no practical choice but to comply when faced with a law enforcement demand or court order, whether or not owner "permission" was ever granted.

This new capability will also create an irresistible challenge to the hacker community -- and perhaps criminal organizations -- to try find ways into the OnStar system for triggering this fun -- one way or another. It's impossible to hack OnStar? Would you bet your life on that?

Unfortunately, this is yet another laudable idea that's being "driven" into the marketplace before all of the negative ramifications have been thought through or fully understood. And how long will it be before such systems are mandated, one might wonder?

OnStar has long been the subject of various privacy concerns. This new capability appears to be the most serious privacy-related issue for OnStar to date.

--Lauren--

Posted by Lauren at October 9, 2007 11:57 AM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein