• United States



GPS: On a road to nowhere

Apr 05, 20072 mins
Data and Information SecurityPhysical Security

Is nothing sacred?  By now you will no doubt have heard our last bastion of safety and comfort, our cars, is under attack.  Yes, it is being reported that hackers now have the ability to intercept and change the GPS data being sent to our cars. 

Apparently, they can even fool our navigation systems into directing us to false destinations.  Drivers could be led into dark alleys or other remote locations as a prank or, worse yet, to be robbed.  One can readily imagine the lengths to which this insidious threat could go.  I can see a day when marketers-turned-hackers convince my car to take me to a Starbucks when I have programmed it to take me to Pete’s Coffee or, more horribly, to McDonalds when I really wanted a White Castle hamburger. 

Is there no end to the madness?  This is not the latest Quentin Tarantino movie but, if the latest reports on the Web are to be believed, is the world we live in. 

In all seriousness, this latest rumor/threat demonstrates how quickly real and imaginary threats make their way around the Internet.  Businesses must learn to separate the wheat from the chaff and focus their limited budgets on threats that pose a clear and imminent risk.  We actually received a call shortly after this story started circulating from a large business worried about the safety of its drivers following potentially misleading driving directions.

This reminds me of a similar call from a technology manager who wanted to know if our standard antivirus warranty for software licenses would apply to the Asian Bird Flu.  A little common sense goes a long way when it comes to security threats, particularly those circulating on the ‘Net.

Until next time, drive safely and double check those GPS directions.


Michael R. Overly is a partner and intellectual property lawyer with Foley & Lardner LLP where he focuses on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and on-line law.

Mr. Overly is a member of the Technology Transactions & Outsourcing and Privacy, Security & Information Management Practices. Mr. Overly is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information System Auditor (CISA), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Risk and Information System Controls (CRISC) and Certified Outsourcing Professional (COP) certifications.

The opinions expressed in this blog are those of Michael R. Overly and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author