When your phone pairs with a car’s computer system, the evidence can remain long after the joyride.
That’s what a group of Baltimore thieves may be about to find out. Ars Technica IT Editor Sean Gallagher, who lives in Baltimore, has the story of a car theft that turned into a crowdsourced infosec investigation.
Read the full story
A systems administrator who goes by @BaconIsFruit had his house broken into and his Jeep stolen in November. The car was found after an apparent joyride, but the suspects weren’t. The thieves were caught on a webcam, which led to one of the suspects. Clues about the others didn’t emerge until he got the car back, Ars reports:
It was then that he noticed three new device names on the Jeep’s UConnect system paired device list. Since he happens to work in IT at a Baltimore-based cyber-security firm, he showed a coworker the list—launching an open source intelligence gathering operation to identify more of the culprits.
One matching name was found on Instagram, and now Baltimore police are now looking into the case.
Maybe the connected car isn’t just a hacking trap after all.
