Skip to main content
  1. Home
  2. Cars
  3. News

OnStar hacking issue resolved, General Motors says

By

onstar hacking issue resolved general motors says remotelink03 medium
Image used with permission by copyright holder
About two weeks ago, a hacker exposed a vulnerability in General Motors’ OnStar telematics system that could allow ne’er-do-wells to remotely seize control of vehicles. GM has been implementing a fix to the problem, is now certain it is under control.

“We’re confident the issue is closed,” Terry Inch, GM’s OnStar chief, said in an interview with WardsAuto at a recent OnStar press event. GM began deploying its software fix almost immediately after the issue became public, and now believes the vulnerability has been completely eradicated.

Recommended Videos

Uncovered by researcher Sammy Kamkar, the vulnerability allowed hackers to break into a car’s onboard systems using the OnStar RemoteLink smartphone app. Chamber used a device positioned on the victim car to harvest credentials, and then use those credentials to mimic the app.

Related

Since the app allows drivers to do things like remotely lock and unlock doors, or start the engine, those powers would be conferred to the hacker. GM has since added a patch that allows the OnStar system to check for fake access certificates, something it wasn’t programmed to do before.

“We feel the vulnerability is taken care of by downloading the new RemoteLink app,” GM’s Inch said. However, he cautioned that future hacking episodes are still possible, saying that “we can’t say something like this will never happen again.”

Inch said GM is always looking into ways to improve the system, including working with universities and government agencies to identify additional possible weak points, and to pre-empt any future hacker attacks.

The OnStar hack came hot on the heels of a vulnerability in Chrysler’s Connect infotainment system that allowed researchers Charlie Miller and Chris Valasek to remotely take control of a Jeep Cherokee. Fiat Chrysler Automobiles is recalling 1.4 million vehicles to implement a software fix.

Perhaps the most tech-heavy car on the market, the Tesla Model S, also became a victim recently. At the recent DefCon convention in Las Vegas, hackers Kevin Mahaffey and Marc Rogers claimed they were able to break into a Model S and control certain functions, including remotely shutting the car down.

As cars become increasingly connected and computerized, it seems the same vulnerabilities that plague smaller-scale electronic devices are creeping into dashboards. Consumers may soon have to decide if connectivity is worth the price of safety.

Editors' Recommendations

Topics
Stephen Edelstein
Stephen Edelstein
Contributing Editor
Stephen is a freelance automotive journalist covering all things cars. He likes anything with four wheels, from classic cars…
General Motors and Volkswagen are ignoring hybrids to go full electric
A 2019 Chevrolet Volt on the road.

It's always important to know when to pick your battles. Automakers are working to lower emissions in order to meet stricter regulations, but they're not all following the same strategy. While many automakers plan to use a mix of hybrids and all-electric cars, General Motors and Volkswagen will skip hybrids in order to focus on going fully electric, according to The Wall Street Journal.

That's largely due to the massive amounts of money GM and VW plan on investing in all-electric cars. GM has said it will launch 20 all-electric models by 2023, including U.S.-market models for Chevrolet and Cadillac. VW has planned a family of electric cars based on its new MEB platform, including a reincarnated Microbus that's due in 2022. The German automaker is also launching numerous electric cars under its other brands, including Audi and Porsche.

Read more
Tuners may have a big problem with Chevy’s mid-engine Corvette, report says
2020 mid-engined Chevrolet Corvette

The upcoming mid-engine 2020 Chevrolet Corvette C8 promises a new level of performance, but the aftermarket might hate it.

The next-generation Corvette will be the first to place its engine behind the driver, and that engine will be controlled by a "unique encrypted ECU system," according to Muscle Cars & Trucks (via Motor Authority). The encryption will prevent changes to the ECU software in pursuit of more horsepower, according to the report.

Read more
Rivian R2 vs R1S: How will Rivian’s cheaper SUV compare?
The front three-quarter view of a 2022 Rivian against a rocky backdrop.

Rivian has finally unveiled the R2, its long-awaited attempt at a more affordable electric SUV. The new vehicle may not be available just yet, but fans of Rivian's design aesthetics and feature set are already looking forward to being able to order the new car. The R2 is targeted at being a more affordable take on the electric SUV and will sit alongside the flagship-tier R1S.

Let's get this out of the way right now: The R1S is most likely going to be a better vehicle than the R2. Rivian isn't replacing the R1S with the R2 — it's releasing the R2 as a more affordable alternative, and there will be some compromises when buying the R2 over the R1S.

Read more