When your phone pairs with a car’s computer system, the evidence can remain long after the joyride.
That’s what a group of Baltimore thieves may be about to find out. Ars Technica IT Editor Sean Gallagher, who lives in Baltimore, has the story of a car theft that turned into a crowdsourced infosec investigation.
Read the full story
A systems administrator who goes by @BaconIsFruit had his house broken into and his Jeep stolen in November. The car was found after an apparent joyride, but the suspects weren’t. The thieves were caught on a webcam, which led to one of the suspects. Clues about the others didn’t emerge until he got the car back, Ars reports:
It was then that he noticed three new device names on the Jeep’s UConnect system paired device list. Since he happens to work in IT at a Baltimore-based cyber-security firm, he showed a coworker the list—launching an open source intelligence gathering operation to identify more of the culprits.
.@baconisfruit's car gets stolen. Criminal geniuses pair their phones' Bluetooth. #OPSECfail (OSINT @AmazinMojoStarz pic.twitter.com/tAfzCL6aaz
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) February 11, 2016
One matching name was found on Instagram, and now Baltimore police are now looking into the case.
Maybe the connected car isn’t just a hacking trap after all.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!
Donate to the Journalism Fund
Your support powers our independent journalism. Unlike most business-media outlets, we don’t have a paywall. Instead, we count on your personal and organizational contributions.

These 10 regions could be most impacted by federal return-to-office mandates

From Belgaum to Baltimore and beyond, this founder leaned on family to build a biotech juggernaut

Philly vs. Kansas City: Who’s got the stronger tech economy?
