Comment Direct connect (Score 2) 199
From the article.
By hooking up his laptop directly to the device he says he would have been able to unlock doors, start the car and gather engine information, but he chose not to “weaponise” his exploits
SO only direct connect has been proven.
The researcher noted that for a remote attack to take place, the concomitant u-blox modem, which handles the connection between Progressive’s servers and the dongle, would have to be compromised too. Such systems have been exploited in the past, as noted in a paper here from Ralf-Philipp Weinmann, from the University of Luxembourg.
Remote access has only been shown by similar systems.
Call me when you can actually show a remote exploit through the dongle.