Summary:
Security researchers Sam Curry and Shubham Shah identified critical vulnerabilities in Subaru’s web portal that allowed unauthorized access to vehicles’ internet-connected features. Through these flaws, they could remotely unlock doors, start the engine, and access detailed location histories spanning at least a year. These vulnerabilities potentially affected millions of Subaru vehicles equipped with the Starlink system in the U.S., Canada, and Japan. Upon being informed, Subaru promptly addressed and patched the issues. However, concerns remain about the extensive location data accessible to Subaru employees, highlighting broader privacy implications regarding the data modern vehicles collect.
Just tossing this on these threads at this point:
Subaru data opt out page from the eff:
No idea if they respect it, but its a good idea regardless.
Without the paywall https://archive.ph/JBe4A
Direct link to the write-up: https://samcurry.net/hacking-subaru
I’ll never stop downvoting these BS paywall posts. There’s almost always better source articles that are not paywalled too which makes me feel sad for the poor saps subscribing to these rags.
Andy Greenberg is a great security journalist and Wired is not a rag. It’s a legendary technology magazine with a lot of great coverage. Journalists deserve to get paid. The article has a lot of broader context and interviews with the security researchers, Subaru and other experts. Plus, it’s not even a hard paywall. Delete your cookies or find one of the myriad other ways to read it such as the link above. Or don’t. Your loss
If you enjoy it by all means subscribe. It’s really nothing more than advertising though posting links to paywalled sites on social platforms when there are other alternatives. What percentage of people on here do you think subscriber to your favorite paywall site?
Good call, let’s discourage deep thought and long form discussion. More clickbait and exploitation please!
Subaru is under the microscope, but every car manufacturer does the same dumb shit these days.
Yeah, the article discusses it. It was unique here, though, that everyday Subaru employees have a way to see at least a year of location history for all customers, with no restrictions
deleted by creator
