If you are reading this on August 1st, 2015 or later and you are not running version 2.1 (or later) of the GM-OnStar RemoteLink app on your Apple iOS device, then let this serve as a friendly reminder to update.
Only applicable to Apple devices, OnStar RemoteLink version 2.1 fixes the recent OnStar hack called OwnStar, which allowed hacker Samy Kamkar to access the OnStar RemoteLink app and execute various commands, including locking and unlocking doors, activating the horn and lights, starting the engine, and finding the exact location of the vehicle on the app’s built-in map. OwnStar wasn’t deployed in the wild, remaining in the hands of Kamkar, and GM isn’t aware of any customer vehicles being affected by the hack.
To address the hack, GM initially issued a server-side update to its systems but discovered that users would also need to update their app to completely address the hack. It issued version 2.1 of the app on July 31st and sent emails to subscribers informing them of the hack and to upgrade.
For those who have automatic updates enabled on their Apple iOS devices most likely already have the latest version of the app installed. Here’s how to check:
- Launch the OnStar RemoteLink app
- Tap the tri-bar “menu” icon on the top left of the app
- Tap App Info
- The version of the app will be displayed at the very top of the app’s screen
So, if you take or read nothing else in this post, then do this:
Update: GM-OnStar just let us know that it has disabled all versions of the OnStar RemoteLink app that are capable of being compromised by the OwnStar hack. So, if you are reading this and your OnStar RemoteLink app is working just fine, then you are already running the latest version (2.1, as of this writing). But if you are getting error messages when logging in, then you really should update.