OnStar Hack Remotely Starts GM Cars

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Not wanting to be upstaged by Chrysler, GM has announced that its cars are hackable too. Wow, the competition in the auto industry really is fierce. :D

Simply place the box somewhere in an OnStar-connected car and wait for the driver to start up the RemoteLink app within range of the vehicle. The driver's smartphone should automatically connect to OwnStar's network and, voila, the hacker now has all of the car owner's information (email, home address, final four digits on a credit card plus expiration date), and control of the car.
 
This is like having a picnic on the beach and complaining when the seagulls show up.
 
First thing I did when I bought my Silverado was to rip out the stock stereo with OnStar.
 
I am so glad the automakers have finally gotten around to adding lots of electronic junk to cars. I mean, who wants to pay hundreds or thousands less for a car that is simpler and not exploitable?
 
Budzman said:
First thing I did when I bought my Silverado was to rip out the stock stereo with OnStar.
Click to expand...

OnStar isnt only in the radio. OnStar is part of the CANBus system on newer vehicles, 2006 and up and removal of the modual will prevent the vehicle from operating.

Removing the radio does nothing but remove the ability to actually use it.. It is still functional.
 
So lately about all the news of security hacks and weaknesses in technologically-infused cars and everything in computer systems in the real world (Anthem, US government, etc) ... basically ... we as a humanity are perpetually doomed unless inhuman terminator machines take over and send humanity to extinction, rite?
 
First they couldn't keep them from shutting off while driving, now they can't keep them from turning on while parked. :D
 
I thought Chrysler was part of GM? If so wouldn't they all probably use similar systems?
 
Simply place the box somewhere in an OnStar-connected car and wait for the driver to start up the RemoteLink app within range of the vehicle. The driver's smartphone should automatically connect to OwnStar's network and, voila, the hacker now has all of the car owner's information (email, home address, final four digits on a credit card plus expiration date), and control of the car.
Click to expand...

So you have to use onstars remote link app to be vulnerable? Man in the middle.
 
auntjemima said:
I was sure I edited a post yesterday on my phone. Now on my desktop I didnt see the option. Maybe I am missing something. Oh well.
Click to expand...

Can't in front page news. You can everywhere else.

kreno said:
I thought Chrysler was part of GM? If so wouldn't they all probably use similar systems?
Click to expand...

Ha, no, Chrysler and GM have been competitors for about the last 90 years.
 
/goes out and hugs 20-year-old car

Makes me want to buy a motorcycle. Unless those are vulnerable too...?
 
why don't they just make a switch that is read only or write mode and if any thing needs updating the shop can pop the hood and slide the switch and do there thing and put it back to read only mode.
 
So while placing this "Box inside the car" while not simply steal the radar detector, high end sun glasses, laptop in back seat and other valuables in said car.

In other news, houses with glass windows can easily be broken into.....
 
Just wait till our microwaves and refrigerators require a firewall and anti-virus software.
 
kreno said:
I thought Chrysler was part of GM? If so wouldn't they all probably use similar systems?
Click to expand...

No, separate companies.
But I understand the confusion, as both companies have hackable systems, poor reliability and bad overall designs :)
 
Ehren8879 said:
Lol, internet of things here we come
Click to expand...

I'm waiting for the story when someone's internet connected thermostat gets hacked and they come home and the house is either 55 or 120 degrees inside :)

Or the Fridge is hacked and all the food goes bad, or the internet connect garage door is hacked so someone can get into the house and rob it, etc.
 
rudedog said:
So while placing this "Box inside the car" while not simply steal the radar detector, high end sun glasses, laptop in back seat and other valuables in said car.
Click to expand...

Doesn't have to actually be IN the car. It can be duct taped under the car, or behind the bumper for example.
 
The general consensus in the community is that if you don't want OnStar interfering with your car the best policy is to disconnect the antenna. It works great and doesn't cause any problems with the car's electronics.
 
nutzo said:
Doesn't have to actually be IN the car. It can be duct taped under the car, or behind the bumper for example.
Click to expand...

And fortunately, it's only an issue with the mobile app and not OnStar itself. Don't use the mobile app and there's no issue.
 
Parja said:
And fortunately, it's only an issue with the mobile app and not OnStar itself. Don't use the mobile app and there's no issue.
Click to expand...

For now, until someone finds some other way to exploit whatever OnStar is to do dumb stuff to your car. It's only a matter of time before that happens so this being just a mobile app issue kinda ignores the inevitable future.
 
The app has already been patched just updated and received a email from onstar stating the fix.
 
Quix said:
The general consensus in the community is that if you don't want OnStar interfering with your car the best policy is to disconnect the antenna. It works great and doesn't cause any problems with the car's electronics.
Click to expand...

will you SHUT UP!

this is my bread and butter
 
You must log in or register to reply here.
Back
Top