Hacking Nissan remote link for vehicles.

caddo mancaddo man Failure is success in progress!Posts: 21,439 ✭✭✭✭✭

Nissan has disabled its NissanConnect EV smartphone app, which allowed users some degree of control over their Leaf electric vehicles from their phones, after one security researcher discovered that he could send random commands to random Leafs with nothing more than a Web browser and knowledge of a vehicle identification number (VIN).

Popularized by security researcher Troy Hunt after remotely accessing a British Leaf from all the way in Australia and posting the results to YouTube, the security flaw is made possible because the connection between the remote user and the Leaf's systems was not authenticated. Thus, anyone with knowledge of how to send commands could do so, because Nissan's side didn't bother to determine that the commands were coming from verified sources.


Sign In or Register to comment.