BMW releases Microsoft-like patches to plug ConnectedDrive system holes

I’m sure mechanics who plied their trade in the mid-Seventies didn’t have a clue about computing or hackers for that matter, but we’re faced with more practical matters, like clogged carburetors, dead spark plugs and the traditional starter motor annoyance. But now, car technicians have all sorts of issues to worry about. Take BMW’s latest press release for example.

The company (yes, the car company BMW) has released a patch (yes, a software patch) for its ConnectedDrive in-car infotainment and management system that, if left unchecked, could orchestrate the remote unlocking and opening of a BMW’s doors. It should be noted that these holes weren’t reported to be exploited in any manner even though 2.2-million cars were affected, but was patched as a precaution.

And here I thought an alternator that won’t turn over is the biggest worry. It’s simply ridiculous reading.

The ConnectedDrive system though, is what one could understand as the operating system (à la Windows) of the car. It manages everything from air-conditioning, to the door locks, but thankfully doesn’t control the innate hardware driving systems of steering, throttle input and the like. That could be a potential industry ending issue.

Essentially, once hackers gain access to the system via the car’s on board SIM card, the system can be bended at will, letting the attacker open door locks and adjust the air-conditioning temperature all the way up. Extremely inconvenient.

BMW has however fixed the issue but it leaves the question: how secure will connected and (more scarily) autonomous cars be in the future?

We hope manufacturers take future precautions to preventing exploits of this kind in the future, but it’s incredible to think that software engineers will find a place next to grubby-handed mechanics under the same roof working on the same car some day.