Gadgets for your car
More and more devices, from smart dash cams to head-up displays to Bluetooth-enabled diagnostics dongles, are looking to tap your car’s built-in diagnostic (or OBD-II) port for power and data.
The problem: this port… really wasn’t built to be used like that. Primarily designed to be tapped occasionally to better explain that oh-so-vague “Check Engine” light, it certainly wasn’t built to be connected to an always-attached device blasting out all sorts of different wireless protocols whenever the vehicle is on.
Example A: Researchers at Argus Security have found a flaw in a commercially available Bluetooth-enabled diagnostics dongle that let them turn off the vehicle’s engine while the car was moving, as long as they were within Bluetooth range.
The dongle in question is the Bosch Drivelog Connect, a device meant to shed insight on your driving behaviors and send diagnostic information to a companion smartphone app via Bluetooth. To Bosch’s credit, the company began addressing the issue within a day of being alerted, and publicly acknowledged and outlined their fix for the issue here.
“Who cares? I’ve never even heard of that device, ” you might say.
It’s a fair stance, but one that assumes that this is the only device that has this sort of flaw. Similar flaws have been found in other devices. Meanwhile, more gadgets are tapping the OBD-II port than ever — I see a new one hit my inbox every few weeks. Many of the ones I check out have obvious user-facing bugs… so it’s probably safe to assume that all the workings behind the scenes aren’t exactly flawless.
So do you need to go rip that shiny new dash cam or smart display out of your car? Probably not — but be mindful of the attack vector you’re introducing to the 4, 000-pound metal box you’re cruising around in. It’s the owner’s responsibility to stay up to date on reports regarding the device’s security, and to keep the device itself up to date (a lot of these things are easy to set up and then completely forget).
More crucially, it’s up to the device makers to test the hell out of their devices, hire external firms to try to crack them and patch bugs as quickly as they responsibly can. Consider building a “red alert” notice/mandatory update into apps for the worst stuff.
Car Charger: Lumsing 48W/9.6A 4-Port USB Car Charger for iPhone 7 /6s / 6 / 6 plus, iPad Air 2, Samsung Galaxy S7/ S6, Nexus, HTC, Motorola, Smartphones, Tablets and More (Black) Wireless (Lumsing)
|
Stander HandyBar - Automotive Standing Aid Car Assist Handle + Vehicle Emergency Escape Tools with Window Breaker and Seat Belt Cutter + Lifetime Guarantee Health and Beauty (Standers)
|
Air Vent Car Mount Cell Phone Holder, JEBSENS CA02 Magnetic Air Vent Car Mount, Portable Universal Car GPS Smartphone Holder Mount, Apple iPhone 6 / 6 PLUS (5.5"), 3 Metal Plates & Protection Film Wireless (JEBSENS)
|
|
![]() |
Mpow Bluetooth FM Transmitter, MP3 Player & Hands-free Calling & Radio Car Kit with TF Card Slot CE (Mpow)
|
Car Holder, Marchpower Cellphone Car Mount, Universal Air Vent Car Mount Holder Cradle for iPhone SE 7 7 Plus 6s 6 Plus 6 5s 5 4s 4 Samsung Galaxy S6 S5 S4 LG Nexus Sony Nokia and More (Black) GPS or Navigation System (Marchpower)
|
Related posts: