Weekly Brief: UBI devices next target for cyber hackers

In this week’s Brief: University of California at San Diego, Corvette, Metromile, Uber, Progressive Snapshot, Zubie, Mojio, Def Con Hackers Conference, GM OnStar, Sammy Kamkar, RollJam, OwnStar, BMW Remote, Chrysler Uconnect, Mercedes-Benz mbrace, Tesla, Honda, Apple CarPlay, Android Auto, Spotify, Tunedeck and MAN Truck & Bus.

Add insurance telematics devices to the list.

A spate of embarrassing episodes in recent months has revealed that the drive toward connectivity has left cars broadly susceptible to cyber hacking. Infotainment units, smartphones connected to infotainment units, auto lock/unlock apps — wherever the mobile revolution overlaps with cars is a potential point of entry for hackers.

Turns out that on-board diagnostic devices, the kind often used in usage-based-insurance plans, are just one more example. Researchers from the University of California at San Diego demonstrated wirelessly hacking into a Corvette via a dongle from insurance firm Metromile and taking control of its windshield wipers and its brakes. Among the companies that use Metromile: Uber.

Metromile says that it’s already sent out a security patch, and Uber says that it has put the update into place, but yet again we question why the industry is continuously responding after the fact, rather than coming up with devices that are impervious to cyber hackers in the first place. Progressive’s Snapshot, Zubie and Mojio are three more of the many examples of OBDII devices on the market.

The UBI-device hack was just the start of things last week, as hackers were in full reveal mode around the Def Con Hackers Conference in Las Vegas. Sammy Kamkar, the Lebron James of the cyber hacking world, revealed a device called RollJam that hacks into keyless entry systems. The device blocks the systems from working when drivers use them, then saves the codes for later use once the driver is gone.

Kamkar also used the same OwnStar device that he used to hack into GM OnStar to take shots at smartphones running apps connected to BMW Remote, Chrysler Uconnect and mbrace from Mercedes-Benz. Kamkar says that a simple security patch will fix the software flaws.

Tesla fixed software vulnerabilities in the Model S with an over-the-air update. The vulnerability allowed hackers to open doors, display faulty information on the dashboard, and turn the engine off.

In other news, Mojio launched Mojio Drive, a marketplace of more than 20 connected car apps and services that aim to bring connectivity to almost any car on the road. Apps range from Gauge for vehicle diagnostics to UBI offering Onsurance to RepairLync, a digital interface between drivers and repair shops. The device retails for $149 and works with any car manufactured after 1996.

On the infotainment front, Mercedes-Benz USA unveiled the new mbrace Connect for its 2016 line of vehicles. The suite includes remote start, remote diagnostics and roadside assistance services, plus three optional packages: mbrace Secure (emergency crash notification, stolen vehicle location), mbrace Concierge (24/7 personal assistant) and mbrace Entertain (streaming apps like iHeartRadio). Free three- or six-month pilots are available with new purchases.

Honda launched the 2016 Accord with an infotainment platform that includes Apple CarPlay and Android Auto, a first for Honda. Features range from navigation via Apple Maps or Google Maps, audio streaming, voice-controlled SMS text messaging and bluetooth for calling.

Popular music streaming service Spotify launched a new interface designed specifically for drivers. Tunedeck allows for easy search based on the first three letters of any genre or song title. Results are displayed in large, swipable cards that minimize distraction and improve speed. Another cool feature: eyes-free tap gestures for volume. Check the video here.

Finally in fleet news, MAN Truck & Bus introduced an automatic emergency braking system that uses both a front-end radar sensor and a windscreen-mounted camera. The twin sensors allow the advanced driver assistance system (ADAS) to discern moving vehicles and stationary obstructions more accurately and faster. The emergency braking system and a new lane guard system will be integrated into the vast majority of MAN trucks come November 2015.

The Weekly Brief is a round-up of the week’s top telematics news, combining TU analysis with information from industry press releases.

Andrew Tolve is a regular TU contributor.

Leave a comment

Your email address will not be published. Required fields are marked *