четверг, 8 октября 2015 г.

uGM Wants Your Help To Figure Out How Hackers Could Take Over Its Carsr


4 4 4 9
  • (frankieleon)

    Following the very public hacking of Jeep that eventually led to the recall of more 1.4 million Fiat Chrysler vehicles, rival General Motors is trying to take a proactive stance to potential hack attacks, asking vehicle owners and hackers to give them a heads-up if they discover a vulnerability in the company’s cars. 

    In its request, GM asked consumers to provide any and all information about possible software issues that could allow a ne’er-do-well access to the vehicle’s takeover, Mashable reports.

    “If a researcher has facts related to any vulnerability in one of our products or services,” a GM representative said, “we want them to report those to us.”

    Anyone who finds a susceptible area in a GM vehicle can contact the company via email at cybersecurity@gm.com.

    GM’s request comes just three months after a hacker claimed to have commandeered any of the company’s vehicles as long as they come with the OnStar system.

    In that incident, the hacker named Samy created a gadget – he called “OwnStar” – that allows anyone to locate, unlock, and start a car using the OnStar system.

    Samy points out in the video that the vulnerability actually lies in the mobile software utilized by the service and not the actual General Motors vehicle.

    Additionally, he noted that both General Motors and OnStar have been receptive of his concerns and have already started working on a resolution.

    A spokesperson for the carmaker said at the time that a remedy had already been put in place.

    “GM Product Cybersecurity representatives have reviewed the potential vulnerability recently identified by [Samy], and a fix has already been implemented to address this concern. No additional action is required by our customers,” the spokesperson said.

    Companies have increasingly been asking for the public’s help in identifying hack vulnerabilities in their products.

    Back in May, United Airlines unveiled a Bug Bounty program that rewards independent researchers with airline miles for discovering and reporting issues that affect United’s websites, mobile apps and online portals in a way that could put customer data at risk.

    Two months later, the company handed out its first bounty of one million miles – worth about $25,000 – after a researcher found an issue that would have allowed someone to execute code remotely on one of the company’s systems. He was unable to provide additional details on the bug.

    GM wants hackers to report any ‘vulnerabilities’ they might discover [Mashable]



ribbi
  • by Ashlee Kieler
  • via Consumerist


Комментариев нет:

Отправить комментарий