So with all the hacking and viruses going around the internet, how safe are our Jaguars from hacking? I started her up yesterday and the clock had adjusted automatically to daylight savings time and it got me thinking....
1. What happens if I get a virus or ransom ware when brousing the internet thru the infotainment system?
2. Jaguar sees where we are and tracks us through Journeys. How safe is that info on Jaguar's server?
3. Same goes for remote start and control.

I saw some discussion of this a year or two ago when some white hat hackers took control of "connected" cars through the net but have heard very little since and there is nothing about any of this in the manuals or Jaguar's website.

 

Find out how the various modules interconnect (consult circuits) and see what you think.

The ones that were hacked (Fiat, I think, but not Jaguar) had particularly stupid designs where non-safety critical systems were connected to safety-critical systems. Well, duh. Any virus then has a path from the big bad world right into the vital stuff.

Hard to believe anyone would do that but hey there's always someone uber-stupid.

I wonder if the driverless vehicles will be better or will just be waiting for a mass virus that when in control kills thousands...

 

JagV8 has some good points.

I do carry a regular concern about that. I know that the best and strongest security not only ENDS with me in the palm of my hand, but also STARTS with me in how much I embrace extraneous or unnecessary technology in my everyday gear.
The companies that market the software, the apps, and the connectivity seldom give us those things for our security (even if they say that’s what it’s for). They sell it to us based on our addiction to convenience, and the more convenient the item, the more it tends (only tends) to leave open your security for any numb-skull thief to engage.

I think the best we can do to protect ourselves is DON’T make EVERYTHING in your life so “convenient”:

I had the chance to take the incontrol remote-app add-on… I decided to survive without it—Jaguar’s Journeys tracker account is enough for me.

--I had the chance to upgrade to the car with autonomous braking and autonomous lane-keeping functions---I decided my driving history has already proven me as an enormously good driver on the road, and I will survive by paying my own attention as I drive; skip the “autono” stuff for now.

--I had the chance to have remote start on the car---I decided I don’t REALLY mind walking to my car when it’s cold. And I LIKE the sound of the car when I start it up from my driver’s seat.

--I do have the XE with the garage-opener learning button in the rear-view mirror---but I have to be honest that I DON’T really need to use it… so why program my info into it? Just for the entertainment of it? Yawn,…nah.

Eventually, everything is “hackable”, not because of some fault of the software, but because the company that runs it for you, is going to have at least one dopey employee who will leave the door open for infiltration and theft.
The thieves really don’t need to be super-clever hackers. LOL, the lower-intelligent thief can get into your accounts with just one class-5 dopey employee around.

 

Doesn't even take a low level employee. Just leave a corrupt USB stick in the parking lot or on the reception table and 9 times out of 10 you are in.

But for me the big question is how do we deal with a virus or ransom ware? Jaguar tracks your vehicle and has the ability to download updates to the software, so there is a way in no matter what you have.

If I get in the car and the ICT says "send me a bitcoin or I won't start", who would you even call? Jaguar?

My car came with the hotspot, so how big a possibility is this? Can't drive by the strip club with the free WIFI anymore for fear a getting a virus off the ping?

 

Can it download updates to safety-critical parts over the air? I hope not.

If it can, I'd say it's designed wrong.

If it can't do those kinds of updates, then the worst that happens is something annoying/embarrassing or the like. Bad enough but safe.

 

I work in the infosec industry. Particularly stupid design is the norm. Don't connect your car to the internet. If not today, then sometime within car's lifetime it will get hacked.

Just think of a desktop computer. Do you think one could be safe without regular patches for many years? No, they get patched every other week. Most of these patches is just to stay on top of really bad stuff. Your car? At most, it would get patched on your yearly visit to the dealer. If that.

 

The point here is that some car makers are connecting the car to the internet and even worse on some/mnay you cannot disconnect it (without rather weird effort and it may not work if you do).