You may have seen my article about my messy experience with State Farm’s InDrive tracking program. It turns out, these tracking devices that connect to your car’s OBD II data port can easily be hacked.
A researcher found that data from the Progressive Snapshot tracker is sent to Progressive’s server unencrypted and can easily be intercepted and manipulated. In theory, this could allow the car’s controls to be vulnerable to exploitation as well. Check out the full article over at Forbes.
If you’re considering your own OBD II data reader, look for one with built-in protections. For example, this OBD II reader for Android phones uses encryption and a secure PIN for Bluetooth communications, requiring someone to have physical access to the device in order to connect to it.