Previous Owners of Used "Smart" Cars can Still Control Them via the Cars' Apps

[Zarathustra[H]]

As we have covered countless times before, there are many security problems in the world of connected cars. Now there is a new one to worry about.

Apparently for fear of owners getting locked out of their cars by valet's or others accidentally resetting the cars connections, car makers have, by and large, omitted any user accessible option to reset connections to connected devices. While dealers usually have the ability to perform this reset, they do not appear to have this on their trade-in checklist as of yet, resulting in many cars being resold, and new owners unknowingly being spied on by previous owners. The researcher goes on to note, that this is not limited to cars, but is a common theme among IoT devices.

This will be a good thing to keep in mind, as I go shopping for a replacement car this summer.


Charles Henderson, the leader of IBM's X-Force Red security division presented on this risk at last week's RSA conference in San Francisco (you can read his essay on the subject here). His ultimate recommendation is this counsel of despair: unless you are very technologically savvy, you should only buy new cars, not used ones.

It's not just cars, either -- the problem extends to smart appliances, thermostats, and other devices. Renting a house, staying in a hotel room, or buying a house without replacing its appliances and HVAC systems also exposes you to risks from the previous users of the devices in it.

 

[86 5.0L]

I was wondering about this yesterday, I'm installing a smart hub and devices and wondered how the process would go if I sold the house, good to know about this, I'll sell to a hot lesbian couple

 

[Gweenz]

This would be hilarious if we weren't all going to be forced into it at one point.

 

[EODetroit]

I'm a massive IoT skeptic. I don't plug them into the internet, and if they can't be used like a regular device, if they won't work without the "cloud", then I return them or preferably don't get them in the first place.

Although, that said, I'm going to break my rule for the Tesla Model 3. But as I'll be the original owner of the vehicle, I'll be on the advantaged side. Plus I think Tesla is ahead of this issue instead of behind it like most other vehicle manufacturers.

 

[thesmokingman]

IoT FTW!!!?

 

[Dead Parrot]

I wonder how many used phones still have apps that point to the former phone owner's currently owned car? Or house? Thinking the whole Cox home security thing.

 

[Dekoth-E-]

Dear Stupid Consumer,

Not every damn device you own needs to be connected to the internet and your phone. If you actually believe any of that and especially your "smart phone" is secure on any level, I have some swamp land that is guaranteed to be the next Disney World to sell you.

Signed,

Someone who is not Stupid.

 

[Gweenz]

But as I'll be the original owner of the vehicle

Sorry hoss, but you won't "own" it, at least not in the traditional sense.

http://www.latimes.com/opinion/op-e...-tesla-software-ownership-20161104-story.html

 

[Zarathustra[H]]

But as I'll be the original owner of the vehicle, I'll be on the advantaged side.

When I bought my brand new 2011 Saab 9-5, it already had two phones paired to the entertainment system.

Never trust a dealer.

With Tesla this will be less likely, as you are getting it straight from the manufacturer.

 

[nutzo]

My AC system came with a smart thermostat, and I have my phone setup to it. I also have a couple Nest smoke alarms.

When I sell the house, I'll just setup an new, free email account and switch them all to the new email account. Then just provide the email and password to the new home owner.

Of course that assumes the Thermostat is still working, and the Nest smoke alarms haven't expired. Smoke alarms are only good for 10 years.
If it's after that, I'll just buy some cheap ones from Costco or Amazon and install them, since you can't sell without meeting the current codes.

 

[collegeboy69us]

I was wondering about this yesterday, I'm installing a smart hub and devices and wondered how the process would go if I sold the house, good to know about this, I'll sell to a hot lesbian couple

I installed a Samsung Full 1080p surveillance system in my house (for when I was traveling a lot for work) and even though it was pretty pricey (amazing quality) it's one of those things that will kind of stay with the house if I ever sell it. Of course I'd give the new owners all the info about the system and logins/setup stuff, but I know for probably a good long while I'd be able to log in via my phone app and check out whats happening live in and out of the house.

 

[Krazy925]

Someone call my boss who wants wifi sterilization.

 

[Deathroned]

IoT FTW!!!?

IOT= Internet Of Things.
It is the internetworking of physical devices, vehicles (also referred to as "connected devices" and "smart devices "), buildings, and other items—embedded with
electronics , software , sensors, actuators, and
network connectivity that enable these objects to collect and exchange data

 

[auntjemima]

IOT= Internet Of Things.
It is the internetworking of physical devices, vehicles (also referred to as "connected devices" and "smart devices "), buildings, and other items—embedded with
electronics , software , sensors, actuators, and
network connectivity that enable these objects to collect and exchange data

FTW = For The Win.

No explanation necessary.