{"id":78430,"date":"2015-10-27T18:08:38","date_gmt":"2015-10-27T22:08:38","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2021-08-01T12:06:23","modified_gmt":"2021-08-01T16:06:23","slug":"online-security-in-era-of-connected-cars","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/online-security-in-era-of-connected-cars\/","title":{"rendered":"Online Security in Era of Connected Cars"},"content":{"rendered":"

\"Online<\/a>Karl-Thomas Neumann<\/a>, CEO of General Motors<\/strong>‘<\/a> (GM<\/a>) European Opel brand<\/a> announced that GM would launch OnStar<\/strong><\/a> telematics<\/strong> service<\/a>\u00a0in vehicles sold in Europe in late 2015. The Opel CEO declared the new technology, \u201ctransforms the car into a true part of the Internet of things<\/a><\/strong>.\u201d The Detroit Bureau<\/em><\/a> says<\/a> it raises some of the same concerns consumers face on the Internet, including how to protect their privacy in highly connected cars.<\/p>\n

\"App<\/a>Even though a growing number of consumers have embraced the idea of having mobile access to smartphone apps, built-in Wi-Fi,<\/strong> and the safety and security promised by systems like OnStar issues loom that consumers, manufacturers, and regulators need to address. At the 2014 Consumer Electronics Show<\/a>, Jim Farley<\/a>,\u00a0 then the top marketing executive at Ford Motor Company<\/a> (F<\/a>),\u00a0 told an audience that the automaker \u201cknow(s) everyone who breaks the law, we know when you\u2019re doing it<\/strong>,\u201d thanks to the data collected by its OnBoard Sync technology system.<\/p>\n

Despite a quick backtrack<\/a> by Mr. Farley, the article says he was being truthful. The fact is, the onboard black boxes in most cars are now equipped with two-way capabilities<\/strong>. Privacy has become \u201ca big issue,\u201d according to Jon Allen<\/a>, a principal with consulting firm Booz Allen Hamilton<\/a> who focuses on security issues. Precisely what makes such technology so compelling is why it is also so worrisome. Mr. Allen told The Detroit Bureau<\/em>,<\/p>\n

Connected products provide customization and convenience because of the data they track. Part of the great opportunity to improve the customer experience is producing a vehicle that \u2018learns\u2019 your habits and preferences. But that information must be protected.<\/em><\/p>\n

\"Data<\/a>The EU<\/a> takes privacy seriously and these types of tracking technology have drawn the attention of regulators in Europe<\/strong> and to a lesser extent, in the U.S. The article describes a measure of just how strongly Europeans feel about the issue that came during Opel chief Neumann\u2019s news conference. Unlike the U.S.<\/strong> version of OnStar, the European system will include a \u201cPrivacy\u201d button to let a user \u201cchoose whether they want to provide location information or not.\u201d<\/p>\n

That choice would only be over-ridden after a crash severe enough to trigger OnStar\u2019s emergency call system, CEO Neumann explained. It\u2019s designed to call rescue crews in the event of an accident severe enough passengers might be disabled.<\/p>\n

\"Don't<\/a>There have been experiments with marketing that could target motorists much as Google today can toss ads at a web viewer based on information revealed by hidden \u201ccookies.\u201d Imagine, they suggest, being able to send a McDonald\u2019s ad and virtual coupon to a car driving near one of its restaurants around lunchtime.<\/p>\n

While some drivers might embrace that possibility, others are appalled. The Detroit Bureau<\/em> reports the potential to reveal more detailed personal information,<\/strong> as well as allowing a vehicle to be tracked, is raising flags on both sides of the Atlantic.<\/p>\n

\"Digtal<\/a>In the U.S., an auto industry alliance recently agreed on an approach called \u201cPrivacy Principles for Vehicle Technologies and Services<\/a>.\u201d (rb-<\/strong> Which I covered here<\/a><\/em>) Meanwhile, both the U.S. Federal Trade Commission<\/a> and the National Highway Traffic Safety Administration<\/a> are exploring the issues \u2013 though in some cases, they are actually encouraging greater access, noted analyst Allen.<\/p>\n

The issue is further complicated by the threat of cyber-criminals exploiting vulnerabilities<\/strong> in-vehicle communications systems.<\/p>\n

rb-<\/strong> <\/em><\/p>\n

I first covered this threat in 2011 here<\/a> and here<\/a><\/em>. And the theoretical became real in 2015 when researchers demonstrated<\/a> they could use online systems to take over a Jeep Grand Cherokee.<\/p>\n

The threat to personal freedom and privacy in your car has accelerated as Apple<\/a> (AAPL<\/a>) and Google<\/a> (GOOG<\/a>) join Microsoft<\/a> (MSFT<\/a>) in the battle to rule the car. Apple\u2019s automotive ambition does not stop at CarPlay<\/a>, they are also focused on developing an iCar<\/a>. Google’s Autonomous Cars<\/a> ambitions are well known, but their efforts to take over the car cockpit are also taking off with Android<\/span>\u00a0Auto<\/a>.<\/em><\/p>\n

The government is contributing to the connected car\u00a0conundrum. The Feds are\u00a0abetting the Autos by trying to prevent security researchers from doing testing and reverse engineering that could improve security and safety for all of us according to Naked Security<\/a>.<\/em><\/p>\n

 <\/p>\n

Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn<\/a>,\u00a0Facebook<\/a>,\u00a0and\u00a0Twitter<\/a>. Email the Bach Seat\u00a0here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Connected cars are security and privacy risks with more connections like Wi-Fi, 4G, 5G, Bluetooth Apple, Google, GM and Ford<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[3277,310,2571,420,202,101,1189,2546,1035,2021,2310,241,536,92,944,82,421,2570,2569,185],"class_list":["post-78430","post","type-post","status-publish","format-standard","hentry","category-cars","tag-3277","tag-4g","tag-5g","tag-aapl","tag-android","tag-apple","tag-bluetooth","tag-dmca","tag-f","tag-ford","tag-ftc","tag-gm","tag-goog","tag-google","tag-iot","tag-microsoft","tag-msft","tag-ntsc","tag-opel","tag-privacy"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/78430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=78430"}],"version-history":[{"count":9,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/78430\/revisions"}],"predecessor-version":[{"id":130018,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/78430\/revisions\/130018"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=78430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=78430"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=78430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}