>> It doesn't have to be a "trusted admin" -- putting my "evil" cap on,
it
>> could certainly be someone who impersonates a "trusted admin" or
>> "interested party".
> Right. So now we have an existence proof that OnStar has this
capability,
> and the problem reduces to figuring out how to exploit it.
>
> I wonder if anyone there has considered the consequences that would
> ensue should someone penetrate their security and send out the signal
> to shut them *all* down.
This type of capability with OnStar (and the company's willingness to
work with law enforcement) is nothing new:
http://yro.slashdot.org/article.pl?sid=06/12/02/0415209
Question: Is this capability in YOUR cell phone? How do you know? What
protections does your cell have to prevent someone from penetrating its
security?
--Keith
Keith Young, Security Official
Department of Technology Services
Montgomery County, Maryland
phone - (240) 777-2955
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
