I don't want my car to be connected to the fucking internet
this post was submitted on 23 Jan 2025
43 points (100.0% liked)
Privacy
456 readers
400 users here now
Protect your privacy in the digital world
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
This includes the instance rules of dbzer0, which can be tl;dr'd to: this is a libertarian socialist space, no right wing nutjobs or tankies are allowed. As for the community rules:
- Be nice
- No bigotry/prejudice
- No tankies/right wingers
- Don't promote proprietary software
- Stay on topic
- No crypto
- Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- If you post news exclusive to a country please name it. (This isn't a bannable rule, but just a recommendation :) )
founded 2 months ago
MODERATORS
Here's the actual write-up. TLDR: The issue is not with the Starlink app itself, but the Starlink Admin system that was vulnerable due to poor coding practices. The pentester was able to take over a Subaru Starlink admin's account and apparently Starlink retains a TON of information about your vehicle and driving history that is easily viewable by any "admin". The tester was also able to add himself to the vehicle's authorized users and could trigger the remote features (i.e. lock/unlock, remote start) from the admin panel. Subaru was notified of this and they claim to have patched it. I'm not sure if opting out of the data collection and sharing would've helped keeping all that information from being retained there.
apparently Starlink retains a TON of information about your vehicle and driving history that is easily viewable by any "admin"
EST