Slashdot Mirror

← Back to Stories (view on slashdot.org)

Disgruntled Ex-Employee Remotely Disables 100 Cars

Posted by samzenpus on from the I-think-I-saw-this-movie dept.

hansamurai writes "Over one hundred cars equipped with a Webtech Plus blackbox were remotely disabled when a former employee of dealership Texas Auto Center got hold of his employer's database of users. Webtech Plus is repossession software that allows the dealership to disable a car's ignition or trigger the horn to honk when a payment is due. Owners had to remove the battery to stop the incessant honking. After the dealership began fielding an unusually high number of calls from upset car owners, they changed the passwords to the Webtech Plus software and then traced the IP address used to access the client to its former employee."

9 of 384 comments (clear)

  1. Re:So... by tomhudson · · Score: 5, Informative

    How long until the police/feds/intelligence/etc get to start using this on civilians?

    They already are. See the latest OnStar commercials. If they're chasing you and you don't stop, they can either slow your car down, kill it, and/or make it start honking and flashing lights. And they can keep you locked in your car.

    They've also been caught using it to spy on people by activating the voice channel.

    Never buy a vehicle with OnStar.

  2. Re:I don't understand by tomhudson · · Score: 5, Informative

    To be fair, there are plenty of used car dealers who don't overcharge but do sell to not-terribly-reliable clients. They need a way to get their vehicle back when those clients quit paying.

    Here, let me fix that for you:

    "To be fair, there are plenty of used car dealers who overcharge when they sell not-terribly-reliable cars to not-terribly-reliable clients. They need a way to get their vehicle back when those clients quit paying so they can flip them to the next sucker."

    40% or more a year interest, extra fees, inflated "deposits" that are inevitably forfeited as soon as the sucker is one day late, the car repoed and the customer STILL owes the full amount as damages, "it's not a sale, it's a lease - at the end you can buy it for $100.00" - when at the end it's $100 + fees.

    It's the auto equivalent of pay-day loans.

  3. It's for people with crap credit by Sycraft-fu · · Score: 4, Informative

    They don't ask for it, the bank makes it a requirement of the loan. This way if a payment isn't on time, they can turn the car off to force the issue. You aren't going to find it on a car from a dealer, financed by a normal bank. It is for high risk situations.

    1. Re:It's for people with crap credit by compro01 · · Score: 4, Informative

      Or for people who own cars from GM. Onstar has this same kind of functionality.

      --
      upon the advice of my lawyer, i have no sig at this time
  4. Re:Back door? by Jah-Wren+Ryel · · Score: 4, Informative

    The real question is, why is there *one* password for all the cars? Shouldn't it be one password for each employee who has access to log into the "car disabling" server which then sends the lockdown signal using a trusted certificate?

    They shouldn't have to change the passwords at all, just delete the employee's user account.

    No. That's not the real question. It's a stupid ass question because it was answered in article.
    Each employee does have an account. His account was even disabled. He used another employee's account.

    Man, you got a +5 for "I didn't read the article" - I can understand no one bothering to mod you down, but +5 stupid? Come on...

    --
    When information is power, privacy is freedom.
  5. Re:So... by YrWrstNtmr · · Score: 5, Informative

    And do you have any evidence that those things have been used when the owner is driving the car (even if wanted by the police) or only when the car is reported stolen?

    Sure. Case in Las Vegas. Note that the FBI's use was not deemed illegal/inappropriate, but rather that it denied the user/owner of use during that time.

  6. Re:I don't understand by sodul · · Score: 5, Informative

    I suppose you are trolling but I'll answer your question: it is because there is a higher risk they will never see their money back. If you lend money to 100 people and 10% of them will not repay you, you cannot expect to gain anything if the loan rate is under 10% do you ? If you take an other set of 100 people where you expect only 1% of non payment then you can give them a much better rate.
    It just happen that people with large disposable income are less likely to default on a loan.

  7. Re:and by hansamurai · · Score: 4, Informative

    When I submitted it I made a particular point to remove the references to "hacking".

    --
    Reviewing just the first hour of video games.
  8. Re:I don't understand by tomhudson · · Score: 5, Informative

    They were pulling numbers out of their asses. The Harvard study says it's a lot worse. http://content.healthaffairs.org/cgi/content/full/hlthaff.w5.63/DC1

    Among those whose illnesses led to bankruptcy, out-of-pocket costs averaged $11,854 since the start of illness; 75.7 percent had insurance at the onset of illness. Medical debtors were 42 percent more likely than other debtors to experience lapses in coverage. Even middle-class insured families often fall prey to financial catastrophe when sick.

    and

    Debtors with private insurance at the onset of their illnesses had even higher out-of-pocket costs than those with no insurance (Exhibit 5). This paradox is explained by the very high costs--$18,005--incurred by patients who initially had private insurance but lost i

    Just look at the "out-of-pocket" expenses - and keep in mind that this doesn't include having to continue to pay insurance premiums while losing revenue because you're ill ,,, url:http://content.healthaffairs.org/content/vol0/issue2005/images/data/hlthaff.w5.63/DC1/Himmelstein_Ex5.gif?