Security holes found in big brand car alarms


Security flaws in three specialist car alarms have left vehicles vulnerable to being stolen or hijacked, say researchers.
The bugs were found in alarm apps by Clifford, Viper, and Pandora. The alarms are on three million vehicles.
The security researchers exploited the bugs to activate car alarms, unlock a vehicle's doors and start the engine via an insecure app.
The expose has prompted the firms to upgrade security to remove the flaws.
Alarms 'unhackable'
An organization focused on two well-known firms that produce alarms that can be accessed and controlled via smartphone apps - Pandora and Clifford (known in the US as Viper).
The research found that Pandora, which had advertised its system as "unhackable", allowed a user to reset account passwords for any account.
Pandora now no longer makes the claim that its system is unhackable.
The password flaw allowed researchers significant access to the app. They could:
§  to take control of the smart alarm remote access app
§  track any vehicle in real time
§  remotely activate the alarm
§  open the door locks
§  start a vehicle's engine




https://www.bbc.com/news/technology-47485731

Post a Comment

0 Comments