Nissan owners who want to remotely connect to their electric vehicles’ climate control systems are out of juice for the time being. Nissan has announced it has taken the NissanConnect EV app offline after a team of security researchers discovered a potentially serious flaw in the software’s security.
NissanConnect EV is an app that enables owners of the company’s Leaf and e-NV200 van models to gain remote access to climate control systems, such as the air-conditioning and heated seating. The app also allows users to access such functions as battery charging. It does not provide access to driving elements, but the potential for identity theft and performance tampering attached to the hack was enough to prompt Nissan to pull the app until its security measures could be improved.
Security researchers Troy Hunt and Scott Helme discovered the flaw during a recent software workshop in Oslo. A workshop attendee took Hunt’s advice to “hack himself first” and found he was able to connect to his own Leaf over the Internet and control its features independently of what Nissan had intended, Hunt wrote on his blog. Most alarming, he discovered he could “control other people’s Leafs,” Hunt wrote, because access only required a Vehicle Identification Number (VIN). For the full article click here
from hacker samurai http://ift.tt/1nIVnKo
via IFTTT
No comments:
Post a Comment