Kia: Difference between revisions
Added archive URLs for 5 citation(s) using CRWCitationBot |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 13: | Line 13: | ||
==Consumer-impact summary== | ==Consumer-impact summary== | ||
Kia has explicitly designed Kia Connect as a closed platform. In 2025, the company added CAPTCHA-based authentication to its EU login process <ref>https://github.com/Hyundai-Kia-Connect/hyundai_kia_connect_api/issues/855 | Kia has explicitly designed Kia Connect as a closed platform. In 2025, the company added CAPTCHA-based authentication to its EU login process <ref>{{Cite web |last=@Jesus-M |date=2025-08-07 |title=EU login error (again) #855 |url=https://github.com/Hyundai-Kia-Connect/hyundai_kia_connect_api/issues/855 |url-status=live |archive-url=https://web.archive.org/web/20250903172139/https://github.com/Hyundai-Kia-Connect/hyundai_kia_connect_api/issues/855 |archive-date=2025-09-03 |website=[[GitHub]]}}</ref>, which disrupted community integrations such as [https://evcc.io/en evcc], [https://github.com/Hyundai-Kia-Connect/hyundai_kia_connect_api hyundai_kia_connect_api], [https://github.com/Hyundai-Kia-Connect/kia_uvo Home Assistant], and others. These projects had previously enabled features such as retrieving the state of charge, smart charging with renewable energy, and integration into smart homes. | ||
When asked about an official interface, Kia responded that “the Kia Connect ecosystem is designed as a closed platform” <ref>https://github.com/evcc-io/evcc/issues/23147#issuecomment-3229600956 | When asked about an official interface, Kia responded that “the Kia Connect ecosystem is designed as a closed platform” <ref>{{Cite web |last=@astrakid |date=2025-08-27 |title=Since Kia API update: vehicle soc: timeout #23147 |url=https://github.com/evcc-io/evcc/issues/23147#issuecomment-3229600956 |url-status=live |archive-url=https://web.archive.org/web/20251210182819/https://github.com/evcc-io/evcc/issues/23147 |archive-date=2025-12-10 |website=[[GitHub]]}}</ref> and that “an implementation of a public API is currently not planned due to security concerns” <ref>{{Cite web |last=@Snited |date=2025-08-28 |title=Since Kia API update: vehicle soc: timeout #23147 |url=https://github.com/evcc-io/evcc/issues/23147#issuecomment-3233590258 |url-status=live |archive-url=https://web.archive.org/web/20251210182819/https://github.com/evcc-io/evcc/issues/23147 |archive-date=2025-12-10 |website=[[GitHub]]}}</ref>. | ||
==Incidents== | ==Incidents== | ||
===Security vulnerability (2024)=== | ===Security vulnerability (2024)=== | ||
Researchers disclosed flaws in Kia’s European web portal that allowed remote control of vehicle functions, including unlocking doors, starting engines, and tracking location, using only a license plate number. The vulnerability was patched after disclosure <ref>{{Cite web|url=https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/| | Researchers disclosed flaws in Kia’s European web portal that allowed remote control of vehicle functions, including unlocking doors, starting engines, and tracking location, using only a license plate number. The vulnerability was patched after disclosure <ref>{{Cite web |last=Greenberg |first=Andy |date=2024-09-26 |title=Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug |url=https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/ |url-status=live |archive-url=http://web.archive.org/web/20251216145111/https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/ |archive-date=16 Dec 2025 |access-date=2025-08-26 |work=[[Wired]]}}</ref><ref>{{Cite web |date=2024-09-20 |title=Hacking Kia: Remotely Controlling Cars With Just a License Plate |url=https://samcurry.net/hacking-kia |url-status=live |archive-url=http://web.archive.org/web/20260111141618/https://samcurry.net/hacking-kia |archive-date=11 Jan 2026 |access-date=2025-08-28 |work=[[samcurry.net]]}}</ref>. | ||
==See also== | ==See also== | ||