I hesitate to even bring this up after recent history in this forum. But if you use the OnStar app on your phone, look for an update soon to fix a security vulnerability. Not a huge risk at this stage, just something to be fixed.I'll just leave it at that. No offense taken if mods would prefer to delete this.Researcher says can hack GM's OnStar app, open vehicle, start engineA researcher is advising drivers not to use a mobile app for General Motors Co's (GM.N) OnStar vehicle communications system, saying hackers can exploit a security flaw in the product to unlock cars and start engines remotely."White-hat" hacker Samy Kamkar posted a video on Thursday saying he had figured out a way to "locate, unlock and remote-start" vehicles by intercepting communications between the OnStar RemoteLink mobile app and the OnStar service.Kamkar said he plans to provide technical details on the hack next week in Las Vegas at the Def Con conference, where tens of thousands of hacking aficionados will gather to learn about new cybersecurity vulnerabilities.

Hackers may be able to remotely start the vehicle. They may also be able to unlock the door. If they unlock the door they may take something from inside that I have left laying there. But they are welcome to collect the cookie and cracker crumbs from my 2 and 1/2 year old grandson any time! (we keep nothing inside the car or truck.... ever).So they can start the engine! No problem there. It will run for 10 minutes and shut itself off. So they start the engine a second time? It will run the engine another 10 minutes. No biggie there.... they won't be able to drive it anyway. Without the key ... the stearing is locked, the gear shifter is locked, the heat-air conditioning is locked to a pre-set setting (depending upon what the last setting was when the key was in). The electric windows don't work, the radio does not work, and that vehicle is not moving unless it's picked up and put on tow wheels.... in which case, why bother hacking the remote start to begin with if it's not driveable anyway. I'd rather have the doors opened remotely, than a window smashed any day!The app only does 4 things. Turn the engine on and off. Blow the horn, and unlock the doors. Not very threatening in my opinion!Oh... and yes ... on-star will give a read out of your mileage and oil life left percentage ... duh! Does a hacker really care how much oil life you have left? Maybe they are looking to steel the engine oil! No ... I'm not concerned.

I go on the premise, that if it's computerized and connected in any way to a remote system via hardwire, Wi-Fi, satellite, etc., it can be hacked. ANYTHING! Do I think about it? Sometimes. Do I worry about it? No. We cannot avoid the modern world of technology and the hazards that go with it. About all we can do is take precautions.

3oaks wrote:I go on the premise, that if it's computerized and connected in any way to a remote system via hardwire, Wi-Fi, satellite, etc., it can be hacked. ANYTHING! Do I think about it? Sometimes. Do I worry about it? No. We cannot avoid the modern world of technology and the hazards that go with it. About all we can do is take precautions.^This..

I predict a burgeoning future market in vehicle protection. Firewalls, malware protection, intrusion protection.Sound familiar?

This is not the same hack that the FCA 8.4 Uconnect suffered. The hack is through the users app on the cell phone. The hack on the Uconnect was though the radio itself via the internet. That has been addressed and the backdoor they used closed. The real question is, is GM's 4G internet radios protected? That is how a hacker can take control over your vehicle not an app!Don

Researcher says can hack GM's OnStar app | Good Sam Community

DutchmenSport
Explorer
Jul 31, 2015
Hackers may be able to remotely start the vehicle. They may also be able to unlock the door. If they unlock the door they may take something from inside that I have left laying there. But they are welcome to collect the cookie and cracker crumbs from my 2 and 1/2 year old grandson any time! (we keep nothing inside the car or truck.... ever).

So they can start the engine! No problem there. It will run for 10 minutes and shut itself off. So they start the engine a second time? It will run the engine another 10 minutes. No biggie there.... they won't be able to drive it anyway. Without the key ... the stearing is locked, the gear shifter is locked, the heat-air conditioning is locked to a pre-set setting (depending upon what the last setting was when the key was in). The electric windows don't work, the radio does not work, and that vehicle is not moving unless it's picked up and put on tow wheels.... in which case, why bother hacking the remote start to begin with if it's not driveable anyway. I'd rather have the doors opened remotely, than a window smashed any day!

The app only does 4 things. Turn the engine on and off. Blow the horn, and unlock the doors. Not very threatening in my opinion!

Oh... and yes ... on-star will give a read out of your mileage and oil life left percentage ... duh! Does a hacker really care how much oil life you have left? Maybe they are looking to steel the engine oil! No ... I'm not concerned.

Forum Discussion

Researcher says can hack GM's OnStar app

About Travel Trailer Group

Related Content

OnStar Question

researchitis

Rear racks Research

Would you say anything?

Researching Class C Motorhomes