Yeah… fuck this shit. This is part of the reason I still drive a nearly 20 year old vehicle. It has features I want, and can’t be stolen via fucking API calls. Absolute insanity.
I think Hyundai/Kia group has done unfathomable damage to their brands. Kia, despite being a budget brand, wants to be seen as a legit competitor to Toyota or at least Nissan. Their corner cutting with the immobilizers and the resulting “USB” theft shit was bad enough. Now this exploit.
They’re just terrible cars. I’ve had two…they were great until they weren’t. I literally had a screw fall out of the headliner the other day bringing it home from a nearly 1000$ exhaust patch/repair. It’s not 10 years old yet and only has 60k miles.
The other one has had the engine replaced already (under warranty thank god).
We are likely replacing both of them next year. I’m never buying a Kia again.
dumb cars will be worth their weight in gold soon
My car got dumbed for me because they killed the 3g network it was running on
Just because you can’t use it doesn’t mean a hacker can’t. If someone discovered a vulnerability in the 3g handshake or encryption protocol, it could be an avenue for an RCE.
Especially when there are no security updates anymore. They should just rip out any possible receiver there is for mobile communication
Just like how manual cars became anti theft.
That’s if you can find one for an affordable price.
You could just find and disable the wireless modems.
Cool just like trying to replace a blower motor in a modern car feel free to rip the entire dash out only to find out it has a second antenna all the way in the back underneath the spare tire also behind a tail light which somehow requires you to remove the muffler to get to…
You’d probably have more luck installing a signal jammer in your car.
The best you can hope for is a rootkit and some Linux-based OS for cars to be developed so you can take full control.
Also, jammers are illegal pretty much everywhere.
FWIW there is a cottage industry for OnStar disable/delete mods for GM vehicles. It can be done, usually without breaking too much else of the car’s electronic functionality.
I’d rather poke the GSM modem with a screwdriver.
if you can find it, and all it’s backups…
Not only what that other person said but it would probably void the warranty too.
Happy to have my 2012 civic. One of the last gens without a telemetry unit I think.
I’ve noticed a lot of issues showing up for the Kia and Hyundai cars security wise. I wonder if they’re having issues because there’s more focus on those cars or if their security is really that bad.
The Kia/Hyundai “challenge” where people were stealing their cars with a USB cord is because they opted not to include an immobilizer in US models for a decade. Every other car brand had them as standard. Kia even had them as standard in non US cars, but because the USA stupidly does not have a law about it, they opted to drastically reduce car security to save a few dollars per car.
This has made them prime targets, as people know they make bad security choices whenever they can save a buck.
So a bit of both, I expect.
Both probably. I’m sure a lot of cars have problems like this, but they just haven’t been found and there are already known vulnerabilities to focus on.
Let the fucking hacking begin. Fuck these assholes. They are milking people out of their last penny, and on top of that they’re selling people’s driving data to data brokers who sell it to insurance companies that jack up prices.
There’s just no good reason to have anything beyond the radio/nav etc in a car connected to the Internet. Remote start can be done with just the key.
You know what fuck builtin nav. Connect it to my phone and let that be it for navigation.
And same for music. What year is this 2010?
That’s a very subjective take. My friends and family that live in hot climates love the ability to remotely turn on and pre-cool their vehicles. I appreciate being able to check if I remembered to lock the doors.
Both of those functions have been available via key fob for at least a decade, no internet required. Though yes the range on that can be limited.
Some of us still remember Wise Guys and want that range! ;-)
Thats precisely what I’m referring to- these things being possible when you’re inside of a store, restaurant, or an extreme case like you parked at the airport for a trip.
And by using that internet connected feature you’re 100% handing out your driving info to your car manufacturer, who in turn will sell it to LexisNexis, who in turn will sell it to insurance companies, who in turn will jack up your insurance prices.
Sure, that sucks. But I’m not saying there are zero downsides, I’m specifically countering the argument that there are “no good reasons” with my personal good reasons.
it really depends whether that counts as a good reason. for us the downsides highly outweigh the upsides.
and yes, I know what it’s like to sit in a hot car when I just got back to it on the hot summer day. but I can really wait 2 minutes outside the car when it’s that badMan, I’ll never understand this “car is too hot for me to sit in” to be honest. Lmao. Sounds to me like people are too spoiled and this is something kids say. Come one, you really think of this is as an issue? I don’t even have an ac in my car. It broke over 4 years ago and I never fixed it. But for each their own I guess.
As I said in my comment, that can be done with the key, no Internet connection needed.
As for the lock thing, I just need to look if my mirrors are folded in or not.
The fob won’t work if you’re deep inside a store, will it? Same for checking the mirrors.
A) you can survive without precooling or set it to start before getting deep into the store.
B)if you want that feature fine, but leave it off everyone else’s car! No cell connections should be installed by default like this. It’s a walking cve list waiting to happen.
😭
I mean, there are plenty of very good reasons.
My car reminds me if the doors are unlocked or left open. I can adjust the charging speed at any time. I can turn on the HVAC and seat heaters before I leave. I can see my current state of charge. I can see exactly what is happening when my alarm goes off. I can see exactly where it is if it’s stolen. Etc.
You can argue that those are not important to you, personally but I don’t think you can argue that they aren’t good reasons.
I think there are certainly other wireless technologies that are superior in many ways and can supplement or replace the need for internet access in your immediate area.
frankly they aren’t good reasons.
the first bunch provides info and abilities that are only relevant when you are in the car. this is like wanting to know your house’s temperature when you are in the store, or on vacation. what the fuck you do with that information?
the remaining about the alarm and it being stolen, what are you going to do with this? go after them with your 4th car and a shotgun? let’s hope they did not disconnect the batteries…
if you absolutely cannot live without these, you should by an extension that does this, instead of forcing this shit on everyone
I think the point is that there isn’t a good enough reason to put internet in a car that negates the risk of it.
It is like adding lead to food. It’s a cheap sweetener with no calories. You can argue that cheap sweeteners aren’t important to you, but I don’t think you can argue that it isn’t a good reason. It just isn’t a good enough reason to negate the risk.
I think the point is that there isn’t a good enough reason
OK but that’s not what they said.
if its not a good enough reason, that’s literally not a good reason
None of those features require the Internet to work properly. Manufacturers can implement them (and have in the past) without it.
None of those features require the Internet to work
Yes? They do?
Lol, okay. Which one? Remember that car manufacturers have the ability to put a SIM card in cars.
once again, no, they don’t
Nice writeup
