As we’ve noted before, Ars readers are extremely skeptical about the whole “connected car” thing. That’s not because Ars is a technology site for luddites—the sad truth is that the car industry’s approach to security lags far behind its desire to expose the inner thoughts of our cars to us via the cloud.
As the tech and auto industries collide, the tech crowd is hoping that its more farsighted approach to ensuring secure hardware and code will start to rub off on its new bedfellow. On Wednesday and Thursday this week, the two have come together in Michigan for TU-Automotive Detroit, a conference that’s focusing in part on this very topic. And tech firms—from established players like Symantec to startups like Karamba Security—want to help the automakers find their way.
The glaring lack of connected security for our cars got mainstream attention last year when Fiat Chrysler had to recall 1.4 million vehicles, but despite the FBI’s plea to motorists to remain aware of security issues in cars, the driving public doesn’t seem too concerned. Earlier this week, research firm Forrester announced that more than one in three Americans wants their next car to have better Internet connectivity. Meanwhile, the hacks keep happening. Nissan’s API for its Leaf electric vehicle allowed completely anonymous requests to cars. Mitsubishi might have decided to enable connected car services for its Outlander via the vehicle’s Wi-Fi in part to safeguard against attacks in the cloud, but it forgot that Wi-Fi needs some common sense security protections, too.