via Dan Goodin – Security Editor at Ars Technica – comes this extraordinary piece detailing security incompetence (with both information and physical security components). Plus, a healthy dollop – if you will – of simple, homegrown, stupidity in the car rental space.
‘”All it took was me downloading the app and entering the VIN, then confirming connectivity through the infotainment system,” Sinclair said late last week. “There MIGHT be a way to disassociate my phone from the car itself, but that hasn’t happened yet, and it’s crazy to put the onus on renters to have to do that. I have had no problems at all and have even unlocked the doors and started the engine when I could see that the vehicle was in the Missoula airport rental car parking lot.”‘ – via Dan Goodin writing at Ars Technica
*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.infosecurity.us/blog/2019/11/4/expedition-into-vulnerability