Forbes -- Increasingly smart cars (and smart homes) are becoming the center of our digital lives. At a minimum you want to play your music where ever you go, and control other aspects of personal comfort such as lighting and temperature. The convenience of the Internet of things means your personal comfort zone can follow you most anywhere, it doesn’t even have to be your own car or house. But most of us do not fully understand the security consequences of having all our logins and passwords stored inside external devices we may possess even if only temporarily.
“When I get a rental car,” said David Miller, Chief Security Officer for Covisint, “the last thing I do is pair my phone. It downloads all my contacts because that’s what it wants to do. In most rental cars you can go in and –if somebody’s paired with it—see their contacts.”
Unlike most people today Miller is thinking ahead to what happens next. “I spend all this time connecting my vehicle to my whole life,” he said, “and then in five years I sell it – how do I disconnect it from my whole life? I don’t want the guy who buys [my car] to be able to see my Facebook friends, so you have to de-provision. Security guys are much more interested in the security vulnerabilities around de-provisioning than provisioning.”
Miller’s company, Covisint, created by GM, Ford, and the former DaimlerChrysler, connects the automakers back end systems to a variety of supply chain vendors through the use of a single login and password. “We provide a cloud service that connects people and things with information that are external and separate from them.” Lately Covisint has taken that idea and applied it to the Internet of Things.
Read the rest of the story here: http://www.forbes.com/sites/robertvamosi/2015/05/04/dont-sell-that-connected-car-or-home-just-yet/