While I know I should be grateful that it’s a slow news week for technology, it makes writing this blog a little challenging. However there are a few bits of news that may be of interest to at least some of you. Taken individually, each item is probably not worth more than a “Hmph” from the average reader. Together they form a lumpy potpourri of cautionary tales that only serve to highlight our favorite elephant on the internet.
No one should be surprised that if you put a wifi-enabled infotainment system in a new car, someone is going to try to hack it. Dutch researchers from Computest did just that, and succeeded in compromising the system significantly by gaining access to the root account of the in-vehicle infotainment system, which allowed them to view various telemetry data including current and previous locations, address books and even the car’s microphone. Additionally, the researchers hypothesized that they could have accessed the car’s acceleration and braking systems, but stopped short of doing so for fear of being sued by VW. To its credit, VW’s engineers took the Computest’s findings under advisement and have supposedly plugged the exploits for certain models, but it’s unclear how they would handle the millions of cars on the road that do not have the means for an over-the-air update to patch the vulnerabilities. Researchers also concluded that Volkswagen, prior to Computest’s discovery, had not properly tested the infotainment system for these types of security issues. Volkswagen excuses this failing as part of their transition from automaker to “mobility provider”, which only serves to highlight how big companies, to this day, struggle to balance profit with security.
Surprising: The Internal Revenue Service online tax submission platform went down on April 17. I don’t remember this happening in recent years, and their track record may go as far back as when they first started taking digital submissions in 1986.
Not Surprising: The reason the IRS went down – a core computing platform reliant on technology built in the 1960s. That’s right, the IRS processes some of it’s data on technology that’s over 50 years old. I can’t even wrap my head around how they can actually keep that technology going when we struggle to keep two-year-old laptops functional. This is the organization that handles our tax dollars, at “work”. However, I do concede that replacing this ancient mainframe powering the IRS is probably akin to performing open-heart surgery on oneself while keeping pace in the Boston Marathon – not a casual undertaking, and something that can only be done once. You’d think they have enough money for this, but apparently the project to do just this is millions of dollars over budget and years behind schedule. Surprise, surprise.