Nissan Leaf app deactivated because it's hackable
L33tdawg: Interested in automobile security? Check out CANsee: An Automobile Intrusion Detection System set to be presented at #HITB2016AMS in May.
Nissan on Wednesday disabled an app that allowed owners of its electric LEAF car to control their cars' heating and cooling from their phones, after an Australian researcher showed he could use it to control others' cars as well.
The NissanConnect EV app, formerly called CarWings, enabled a remote hacker to access the Leaf's temperature controls and review its driving record, merely by knowing the car's VIN (vehicle identification number).
Computer security researcher Troy Hunt published a blog post Wednesday describing how he discovered the flaw and initially reported it to Nissan on Jan. 23. He contacted the company multiple times and only posted his blog after the issue began to be discussed on security forums online, he wrote.