General Motors OnStar Adds Remote Kill Switch


Still_Small_Voice
 Share

Recommended Posts

This is older news but I just heard about it recently. This makes me like OnStar even less.

Some will take comfort in knowing that GM’s OnStar system can slow a vehicle's speed in the event of a chase, but others, like me take fear in knowing that Big Brother or perhaps even a 2k bug could render my vehicle powerless (that is if I owned a GM) . Adding to their Stolen Vehicle Assistance services, OnStar launched Ignition block, a remote kill switch that can disable the vehicle’s ignition by working in concert with the system’s built-in GPS. The service is available on select 2009 and 2010 GM vehicles.

Full release after the ‘leap’

*edited due to copyright:

l content © 2005 - 2010, Gadgetreview, All Rights Reserved

Read more: GM Adds Remote Kill Switch To OnStar Vehicles | GadgetReview

Edited by pam
Link to comment
Share on other sites

This is older news but I just heard about it recently. This makes me like OnStar even less.

Some will take comfort in knowing that GM’s OnStar system can slow a vehicle's speed in the event of a chase, but others, like me take fear in knowing that Big Brother or perhaps even a 2k bug could render my vehicle powerless (that is if I owned a GM) . Adding to their Stolen Vehicle Assistance services, OnStar launched Ignition block, a remote kill switch that can disable the vehicle’s ignition by working in concert with the system’s built-in GPS. The service is available on select 2009 and 2010 GM vehicles.

Full release after the ‘leap’

*edited due to copyright:

l content © 2005 - 2010, Gadgetreview, All Rights Reserved

Read more: GM Adds Remote Kill Switch To OnStar Vehicles | GadgetReview

Very sensible idea.... but now is not the time to implement it. Personally something like that should be from a professional third party, installed at the owners expense and will.

Link to comment
Share on other sites

Give me a break. This system can onyl be activated if the vehicle is reported stolen and if the police spot the vehicle. Then there are a series of test to make sure that it is the correct vehicle, then the shut down code is sent. They do not constantly monitor what you are doing. The Onstar system is only activated when you push that little blue button.

BTW - They are coming out with a new system that you can purchase at Best Buy and have it installed on any vehicle.

Link to comment
Share on other sites

Give me a break. This system can onyl be activated if the vehicle is reported stolen and if the police spot the vehicle. Then there are a series of test to make sure that it is the correct vehicle, then the shut down code is sent. They do not constantly monitor what you are doing. The Onstar system is only activated when you push that little blue button.

BTW - They are coming out with a new system that you can purchase at Best Buy and have it installed on any vehicle.

I'm not particularly worried that authorities will abuse those features, I'm more worried that those features aren't adequately secured and tech savvy trouble makers will take advantage of those features and publish exploits so that any script kiddie with google and access to a radio shack can take control of your vehicle.

In my professional experience, companies who don't have to fend off already established lines of attack put very little time and engineering into security to the point where it's almost trivial for someone with experience in the field to bypass them.

Link to comment
Share on other sites

I guess I'm not as concerned as I should be. When I look at the overall picture, I think to myself, who's going to want to override my vehicle? Maybe if I were the President and someone was planning some sort of ambush? But otherwise I'm not paranoid or worried really.

Link to comment
Share on other sites

I'm not particularly worried that authorities will abuse those features, I'm more worried that those features aren't adequately secured and tech savvy trouble makers will take advantage of those features and publish exploits so that any script kiddie with google and access to a radio shack can take control of your vehicle.

In my professional experience, companies who don't have to fend off already established lines of attack put very little time and engineering into security to the point where it's almost trivial for someone with experience in the field to bypass them.

My line of thought exactly. Systems like this would be a major advantage to any cyber warfare.

A lot of people still think of cyber attacks as kids sitting in their garage and causing minor to intermediate disruption to networks which don't have much of an impact of the general population. However this last year a virus in the wild proved how much damage a virus can cause when the people who wrote it have a very specific target, specalist knowlege of the systems they are attacking, and the appropriate funding behind them. The suspected creator of the stuxnet virus is the government of Israel, and it was specifically designed to attack Irans nucear program (and succeeded). More info is here: Stuxnet - Wikipedia, the free encyclopedia

Stuxnet is a Windows-specific computer worm[Notes 1] first discovered in July 2010 by VirusBlokAda, a security firm based in Belarus. While it is not the first time that hackers have targeted industrial systems,[1] it is the first discovered worm that spies on and reprograms industrial systems,[2] and the first to include a programmable logic controller (PLC) rootkit.[3][4] It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes.[5] Stuxnet includes the capability to reprogram the PLCs and hide its changes.[6]

The worm's probable target is said to have been high value infrastructures in Iran using Siemens control systems.[7][8] According to news reports the infestation by this worm might have damaged Iran's nuclear facilities in Natanz[9][10] and eventually delayed the start up of Iran's Bushehr Nuclear Power Plant.[11] Although Siemens has stated that the worm has not caused any damage,[12] on November 29, Iran confirmed that its nuclear program had indeed been damaged by Stuxnet.[13]

Russian digital security company Kaspersky Labs released a statement that described Stuxnet as "a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world." Kevin Hogan, Senior Director of Security Response at Symantec, noted that 60% of the infected computers worldwide were in Iran, suggesting its industrial plants were the target.[14] Kaspersky Labs concluded that the attacks could only have been conducted "with nation-state support", making Iran the first target of real cyberwarfare.[15][16][17]

No system is 100% secure - so lets put GM's onstar system in place of Irans high value infrastructures. Imagine a rootkit virus being planted onto the inbuilt computer systems on all GM onstar cars, as happened with stuxnet. No-one would know until the creator actually send out commands to them. There is no difference between stuxnet and that scenario. All it takes is a group who has a good enough reason to spend the time and money on doing so.

Edited by Mahone
Link to comment
Share on other sites

:tinfoil::tinfoil::tinfoil:

It's not a case of "is my government/next door neighbour spying on me", it's a case of increasing the ability for cyber warfare. I've given a proof of concept example - it's the first known case, but it sure as heck won't be the last. The more cars that have systems like this built in, the more attractive it will be to hackers.

Link to comment
Share on other sites

Give me a break. This system can onyl be activated if the vehicle is reported stolen and if the police spot the vehicle. Then there are a series of test to make sure that it is the correct vehicle, then the shut down code is sent. They do not constantly monitor what you are doing. The Onstar system is only activated when you push that little blue button.

BTW - They are coming out with a new system that you can purchase at Best Buy and have it installed on any vehicle.

I saw an article where a research team hacked a car, so they could hijack it remotely without the drivers input or notice... In this case they needed physical contact with car to "jailbreak" it, but the potential is out there.

And I seem to recall an incident with some car company where someone goofed up on some database but temporarily inconvenienced a bunch of cars because they were electronically linked to it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share