Researchers at UCSD and University of Washington have released a paper on finding remote vulnerabilities in automotive computer systems. Though the simplest method is still to use the automotive data interface, there are also exploitable holes in the cellular network interface, bluetooth network interfaces, and even the car stereo system.
From the article:
But their most interesting attack focused on the car stereo. By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car’s stereo, this song could alter the firmware of the car’s stereo system, giving attackers an entry point to change other components on the car. This type of attack could be spread on file-sharing networks without arousing suspicion, they believe. “It’s hard to think of something more innocuous than a song,” said Stefan Savage, a professor at the University of California.
Adding computers to things also adds security implications. It’s too bad that this is not better understood in the world of product development.