Are things moving a bit too fast with connected cars?
A recent CNBC report finds that hacking connected cars is child’s play. And it identifies two readily available hacking devices that it says sell for around $30. One of the devices amplifies the signal of a key-less remote to open a car’s doors or trunk and the other, RollJam, intercepts rolling codes, stores them, and then uses them later.
Forbes says that “[t]he RollJam takes advantage of a design flaw in the protocol that determines how keys communicate with cars. It intercepts ‘rolling codes’, the one-time authentication codes exchanged by car and key that change with each lock and unlock. Because there’s no timeout on the codes, RollJam can intercept them to ensure they never reach the car, and so can be used later on.” The devices may also be used to open garage doors, potentially allowing access to peoples’ homes.
Do the risks associated with key-less technologies outweigh the benefits? Is convenience compromising security? Is enough being done to identify and try and eliminate the risks new technology brings with it? Once design vulnerabilities are exposed, are product makers acting responsibly to correct them? Either way, do the design vulnerabilities expose manufacturers to liability risk?
These are all questions that product must grapple with and they move forward with introducing and expanding connected technology use. More on this topic shortly.