There’s a trend that has taken shape through the 2010s. Everything is now connected. Your washing machine? It has an app! Your doorbell? There are several options available that let you see who’s in front of your door from your smartphone. This app frenzy gives us the possibility of making our lives immeasurably more convenient, but what role does security play in all of this?
And when we’re talking about something as valuable and crucial as a vehicle, the question is no longer casual. You can start, locate, and even summon your car using your phone, which raises a question very few people ask when blinded by the glare of instant satisfaction and convenience: just how safe is this?!
A Little Background
Back in 2013 we discussed built-in mobile software installed in vehicles. At that point we could only conceive of dangers to the driver while texting and driving and how this evolution would affect the trend. Since then the possibilities have expanded, raising many more concerns.
We live in a world that allows someone the ability to perform many functions otherwise done with a physical key using a phone. The shift from ignition key to mobile device puts even more of a burden on our phones, making them responsible for yet another crucial function of our daily lives. We must begin to ask ourselves whether this reliance is healthy and whether it is safer than the previous way of doing things.
The reality is that hackers can and do present challenges to the implementation of remote vehicle access technology.
How Hackers Ruin the Party
A recent piece published on Wired shows us that researchers at Kaspersky have discovered some ways that hackers can definitely compromise remote ignition applications installed on smartphones. They’ve concluded that this can be done in one of three ways:
- A hacker can simply grab the authentication data from the phone. In most cases the app doesn’t even bother to encrypt it.
- A hacker could install a fake version of the app that would grab the user’s login credentials when they try entering.
- A hacker could infect the phone with malware that hooks onto the real app and stores whatever input the user types in.
The first method is the easiest (and the one I am most concerned about) since it doesn’t require a hacker to manipulate his victim into downloading anything. Installing malware on a phone with its default settings is much more cumbersome. One of the first rules of hacking is to find the path of least resistance!
Prevention
I’m going to go out on a limb here and say that using a key in your car isn’t the most inconvenient thing in the world. Your best method of prevention is just to use your car the same way people have been using theirs since before we ever had computers in our homes. Other than that, your best bet is to exercise as much prudence as possible with what you download and ensure that your phone’s screen cannot be unlocked with a simple slide of the finger.
Nothing will keep you one-hundred percent safe from a hacker siphoning your data. For example, aside from the three methods stated above, a hacker can also compromise your data by sniffing your WiFi traffic. Unlocking your car through your phone might just prove more of a hurdle than it’s worth.
It’s time to tell us what you think. Are we going too far by connecting literally everything we own to our smartphones? Let us know your opinion in a comment!
