The Security Ledger Podcast

The Security Ledger Podcast


Episode 193: Repair, Cyber and Your Car with Assaf Harel of Karamba Security

November 04, 2020

Massachusetts lit the match that started the American Revolution at the battles of Lexington and Concord back in 1775: an eruption of violence in response to the policies of a repressive and distant monarch.

On Tuesday, the Bay State sent another loud shot across the bow of yet another aloof power broker: the automotive industry. Voters in the state approved Question 1, a ballot measure that expands Massachusetts’ automotive right to repair law, giving vehicle owners access to wireless repair and maintenance data transmitted via telematics systems on modern, connected vehicles.

Report: Hacking Risk for Connected Vehicles Shows Significant Decline

Assaf Harel is the Chief Scientist at Karamba Security.

The question, which passed with more than 70% of the vote, was vigorously opposed by automotive manufacturers and dealerships as well as other technology industry interests, which spent tens of millions of dollars trying to defeat the measure, in part by warning about the cyber security and privacy risks of sharing wireless data.

Voters didn’t buy that argument. But the commercials and industry scare tactics do raise important questions about the security risks of connected vehicles and whether modern cars with their always-on Internet connections are susceptible to being hacked.

Episode 186: Certifying Your Smart Home Security with GE Appliances and UL

To dig deep into that question, I invited Assaf Harel of the firm Karamba Security into the Security Ledger studio to talk. Assaf is the Chief Scientist and co-founder at Karamba Security, which provides security solutions for automotive and IoT controllers.

In this conversation, Assaf and I talk about the state of vehicle cyber security: what the biggest cyber risks are to connected cars. We also go deep on the right to repair -and how industries like automobiles can balance consumer rights with security and privacy concerns.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloud, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.