cross-posted from: https://infosec.pub/post/21710275
Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details. The breach, which occurred due to a misconfiguration in the systems of Cariad, VW’s software subsidiary, left sensitive data stored on Amazon Cloud publicly accessible for months. The exposed information included precise GPS data, which allowed […] The post Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked appeared first on Cyber Security News.
I’m no cyber security expert, but couldn’t a dumb car whose console occasionally hooks up to your phone to provide navigation data work just as fine with fewer security holes?
You can, but now you’ve built a car that depends on something else for a core feature people want.
There’s nothing stopping them from building a car with an LTE connection that only connects to the display for navigation as well with it’s own CPU and everything 100% air gapped from the rest of the car system, but you limit your functionality when you do that as well.