Ed, I meant "kill" in the software sense - that is, just stop the care working as in an "off" switch. I don't think the security person giving the presentation I was at anticipated explosives being inserted in cars. I believe most cars now probably upload data including geolocation to their manufacturer (I seem to recall there's also something in the Zipcar T&C's about this, and insurance black boxes would use it to determine speeds, when you're driving, etc). VW's mistake seems to be that they let some developers put in on an AWS server that wasn't secured. I'm not sure who discovered the lapse - an organisation called the Computer Chaos Club seems to have notified the VW development subsidiary of the lapse, and also Der Spiegel. The article I skimmed seemed to imply it was mainly German politicians etc affected.In practice, there are so many leaks and vulnerabilities these days I doubt whether many security services have the resources to scan for these unsecured - or stolen data - around the internet. In practice, the UK and US security agencies often work with commercial security companies with regard to security matters - that mirrors the way Russian security services often work with criminal hackers to break into systems. I think the Chinese and North Koreans (and I'd guess the Iranians), keep it more under state control, whilst it appears the Israeli security services of set up layers of commercial companies to engineer and mask their activities. There's also a lot of freelances looking for vulnerabilities - either so they can notify organisations affected in the hope of going a legitimate bounty for their efforts or dishonest hackers who want to profit from exploiting a vulnerability.Anyway, if you've got a fairly recent car it's probably watching your every move!
Michael Ixer ● 69d