A lively thread started today by Wayne Yan on our discussion group. He posted the results of his team’s research into the security of OBD II adapters. You can go to the thread and engage in the discussion, as well as grab the research paper. More videos and information are available from Visual Threat.
The OBD II port is a diagnostic connection to the computer on your car’s engine. Mechanics use this to determine what has been going wrong with the car. When going for your emission’s check, this is the port that gives engine information. Rental car agencies and insurance companies use this to log driving habits.
Several adapters are now coming to market which will enable this diagnostic information transfer to happen over Bluetooth, rather than through a wired connection. That’s a nice feature for long-term use cases, such as logging driving behavior. Except that some of these adapters allow instructions to be transmitted to the car from a remote device. In other words, if you’re driving a rental car with one of these devices, someone else could kill the engine, unlock the doors, open the trunk, etc. It’s only a limited set of instructions, but that should still be enough to make people take notice.
The video below demonstrates some of the research.