I’ve already expressed concerns about the IoT and what commitment manufacturers will have in the long term for security of the device they sold in an earlier article.
From cameras to childrens toys we’re seeing a large increase in products that are internet connected which in the short term offer attractive features but we really need to question the track record of the manufacturer in firstly producing secure software that stands up to independent testing but also shows long term their awareness of exploits and vulnerabilities that affect their products.
This article I’ve found asks the same questions of the automotive industry which sees products with lifetimes far in excess of what our mobile phones, TV’s and other consumer products would have (say up to 5 years). My own car is 7 years old and while mechanically sound is out of warranty with the manufacturer – if it were connected to the IoT then I’d likely have stopped receiving updates 4 years ago and be at a higher risk of theft, privacy breaches or even death from hacked safety features.
High end cars have been on the market now for a few years with features that allow remote locking via an app and more. Given the computer systems on board cars also have minimal foresight to security and the doctrine has been a single CANBUS network to handle everything there is a real risk of an attack against something so simple as a wireless hotspot put out from the car for the occupants that then can be hacked in some way years beyond the warranty period of the car.
I’m hoping I’m proven wrong, but I’d be looking for my next car to have the option to disable and IoT connections to give me the choice whether to trust the manufacturer in their security commitment.