[tubedreamer]

Given the security holes in cars that have been coming to light, I'd really want to get a car that is not connected to the cellular network at all. Even wifi capability is risky. Does anyone know if all 2 series cars are internet connected or if only certain options have wireless hardware installed?

Can you rip out any wireless modules if they are there?

If there are wireless computers on board I sure hope they aren't networked to the ECU and other drive control computers.

The only secure computer is an unplugged one and there really is no "good" reason an entire car needs to be connected to the internet. The damage that can be done with a hacked car is so much more imminent than what can be done with a hacked phone or computer, especially with cars that have lane/parking assist, collision avoidance, and adaptive cruise control. They just need a brain to be fully self driving and out of your control.

[Cyberdemon]

The car without the tech package should be completely "unplugged". The tech package adds the cellular modem in order to enable the connected drive features, nav updates, etc.

The whole Chrysler thing is a bit crazy. My wife's Jeep was affected and I agree, I have no idea why the navigation system should have hardware ties to the steering rack, brakes, or any other actual system.

[MikeT]

Quote:

Originally Posted by Cyberdemon

The car without the tech package should be completely "unplugged". The tech package adds the cellular modem in order to enable the connected drive features, nav updates, etc.

I tend to agree. Without the tech package, it's probably fairly 'unplugged.'

Bluetooth (which is on all the cars) could still be a potential vulnerability, but the hacker would have to be at pretty close range.

The parking assistant option would be a little worrisome to me, since, when activated, it apparently assumes control of the steering wheel and brakes. Hate to see what a hacker might be able to do with that.

[configt]

My car has no options other than EBII paint. They are still receiving diag messages via the cellular radio built into the car as the dealer has been calling me when my battery is low. I don't believe there is a way around this.

[isthar]

unless you are very important... don't worry, nobody cares to hack you... (i say this in a good way!)

[3PedalMINI]

dad has a base model 228i and his is connected via cellular.

The easiest way would be to find the sim card and pull it, I would imagine it is burried somewhere.

My car was ED and I was connected to their network as everything worked, however I imagine that when it gets to VDC they must replace the sim card or module....

That whole chrysler thing is very scary...Since im in the Tech field I know how they are controlling it since every device in the car is connected via canbus, in the wired video they said they were controlling everything though the bus (meaning canbus) Think of it as a vehicles network just as your office is networked.

You would think they would be able to separate the two completely and im sure they can but then you lose all ability to see what your car is doing in the infotainment system (TPMS-Oil Level Etc) which is what consumers want..an easy way to defeat this is by only showing those things in the dash and leaving the infotainment system completely separate but again the market dictates what consumers want to see in their fancy "7" screen"

As consumers want more in their day to day lives it unfortunately makes it harder and harder to be less connected, and unfortunately these surveys etc and the manufactures caving to the market hurts those of us that would prefer to have "dumb cars and devices" Unfortunately I think this video taking over a jeep means car manufactures will have have to become data security companies first then car manufactures

[Pyewacket69]

I spent my entire working life in the data on/computer industry (I'm 60 and retired now), so I have some understanding of how things in this environment perform...

Since any automated system can be manipulated (that's the entire point of an automated system, to be "programmed" to do a/several task(s) by the programmer), it's not really a question of a system being "hack-able", but how easy/difficult it is to hack the system.

The question people should be asking is how easy is a system can be hacked, not can a system be hacked... Every system can be hacked given enough knowledge of the system, time, money, and some form of access.

Everything from your cellphone to the jetliner you occasionally ride on offer the possibility of access, but few people worry about someone taking control of either one. It's a complex problem that requires a lot of knowledge and motivation for someone to succeed in an attempt.

The problem today is that the threat of being hacked is only going to rise. Just like the atomic bomb, there's little chance that threat is going to disappear.

Like credit card theft, which is sensationalized when someone hacks into a store's database and steals millions of numbers, the fact is that you're far more likely to have your number stolen AND USED FOR THEFT by someone with your card in their possession (waiter at a restaurant when you pay your bill from your table, sales clerk, etc.) than a hacked database. It's easier, simpler and cheaper to get your number that way.

That's not to say we shouldn't be concerned about these issues, but connected life is the way of the future. Unless one wishes to move to an Amish community or the like, there isn't going to be a way to avoid it. EVERY code can be broken.

We as consumers need to be vocal in demanding that companies and manufacturers do everything in their power to provide reasonable security, not absolute security.

Absolute security isn't possible in any programmable environment.

[bluemeanie]

I wonder if all new cars may actually be required to have this sort of vulnerability as a backdoor entry point for national "security" aka Big Brother.

When I suggested putting a tin foil hat over the shark fin everybody laughed. Who's laughing now?! Stupid Earthlings!

[Pyewacket69]

Quote:

Originally Posted by bluemeanie

I wonder if all new cars may actually be required to have this sort of vulnerability as a backdoor entry point for national "security" aka Big Brother.

When I suggested putting a tin foil hat over the shark fin everybody laughed. Who's laughing now?! Stupid Earthlings!

The time when we should really be worried is when we see a news crew take a hacker to a car lot containing dozens of cars, have the reporter point to a random car and say "Hack that car and drive it away", and then see the hacker do it in a matter of minutes in real-time.

That's the point when I'll be concerned...

[alz0rz]

The sim is in the module by the battery underneath the trunk liner.

[Kiwi]

I'll believe this when I see a BMW hacked sim card.

I can understand Jeep getting hack as it's not like they have top rated vehicles and I've own a few. They are just a cheap run around with good 4x4 driving, it's a shame their is only the Wrangler left which is a true Jeep.

[Cyberdemon]

Quote:

Originally Posted by Kiwi

I'll believe this when I see a BMW hacked sim card.

I can understand Jeep getting hack as it's not like they have top rated vehicles and I've own a few. They are just a cheap run around with good 4x4 driving, it's a shame their is only the Wrangler left which is a true Jeep.

The quality of the vehicle has little to nothing to do with the code sitting on the car.

Vulnerabilities will always exist, you have to decide of the millions of cars on the road what will make someone want to hack yours. Once these vulnerabilities are discovered, they can be patched, and then it's a non issue, at least until the next one.

Everything has a computer in it these days, and part of the hacker ethic is to simply try to discover these things, not to use it to kill millions of people. That's why they came out public with the Jeep hack to use it as a discussion point at a conference and to light a fire under Chryslers ass for a fix (Which was already released).

[nike001]

Just responding to the OP:

You're not going to get any BMW that isn't connected to a network in the US. They all have BMW Assist which in the case of en emergency, transmit your location to emergency services, as well as send a signal when your airbags are deployed.

[Cyberdemon]

By an E46 M3, save money for repairs, profit.

[krhodes1]

Quote:

Originally Posted by isthar

unless you are very important... don't worry, nobody cares to hack you... (i say this in a good way!)

Security by obscurity. I'm sure not losing any sleep about it.

[Cyberdemon]

If you read more into the Jeep hack, they also point out that in order to hack the vehicle they need the IP address of your specific car. So unless your license plate is "192.168.1.7" you are probably quite alright, the hacker would need physical access or some elaborate car based phishing scheme to get the IP and then load the hacked firmware. Possible yes, but again these are people who's job is to find security vulnerabilities.

At least be glad you have airbags.

[Pyewacket69]

As I understand the issue, there's virtually no way for a remote hacker to identify a specific vehicle without some sort of assistance and cooperation from the person inside the vehicle or precise knowledge of where the vehicle is sitting at the time of the attempted hack.

A far more likely scenario would be for a hacker to simply "brick" a wide range of vehicles at once, either to extort money from the manufacturer or to make some kind of statement about their "superior" abilities to cause havoc.

People sometimes don't comprehend the difference between the possibility of being hacked and the probability of being hacked. It's night and day difference.

Again, I'll be concerned when a reporting crew goes to a parking lot, points out a specific vehicle (one the hacker has never seen before), and the hacker taps into the cars electronics as they watch.

[Kiwi]

Quote:

Originally Posted by Cyberdemon

If you read more into the Jeep hack, they also point out that in order to hack the vehicle they need the IP address of your specific car. So unless your license plate is "192.168.1.7" you are probably quite alright, the hacker would need physical access or some elaborate car based phishing scheme to get the IP and then load the hacked firmware. Possible yes, but again these are people who's job is to find security vulnerabilities.

At least be glad you have airbags.

1.4 million Jeep vehicles in the United States recalled due to requiring new software to prevent hackers.

This is just like Jeeps 9 speed auto was so bad they had to stop production and stop delivery. Jeep is lacking BMW's pre-produtcion testing.

2017/18 new Wrangler is getting BMW's 8 speed auto.

[Pyewacket69]

Quote:

Originally Posted by Kiwi

Quote:

1.4 million Jeep vehicles in the United States recalled due to requiring new software to prevent hackers.

This is just like Jeeps 9 speed auto was so bad they had to stop production and stop delivery. Jeep is lacking BMW's pre-produtcion testing.

2017/18 new Wrangler is getting BMW's 8 speed auto.

You mean the nine speed auto made for Chrysler by ZF, who also makes the eight speed auto for BMW?

[Cyberdemon]

Quote:

Originally Posted by Pyewacket69

You mean the nine speed auto made for Chrysler by ZF, who also makes the eight speed auto for BMW?

My wife owns the Jeep, and the 9 speed isn't even in the same league.

Don't ask me how they got it so wrong when the ZF8 is so right.

The 9 speed shifts brutally hard, never goes into 9th gear, and is as predictive as Stevie Wonder.

The 9 speed drives like an auto did in 2002, just with more speeds. The ZF8 drives better than most DSG gearboxes.

So maybe while they're in there hacking, they can fix the transmission software.

[david.orr]

Like the OBD position issue, this will boil over and we continue to enjoy our cars. Don't worry about it, if it happens it happens.

[Kiwi]

Quote:

Originally Posted by Pyewacket69

You mean the nine speed auto made for Chrysler by ZF, who also makes the eight speed auto for BMW?

BMW's 8 speed is built to BMW's standards and as you know there is always the discount seconds factory to any manufacturing company and ZF's seconds factory is called Jeep.��

Apple and BMW have been talking for years but now Apple has hired Doug Betts, former Senior Vice President of Chrysler so who knows what kind of car that may turn up if any.

Enjoy your 2 series and drive it like you stole it.