Telematic control units (TCU) are the embedded devices that underlie the “connected car” concept. They interconnect existing in-vehicle electronic control units (ECUs) with outside systems to provide new services and features. These TCUs can be divided into those sold and integrated by the OEM itself (e.g., such as GM’s On-Star, Ford’s Sync, etc.) and those that serve the aftermarket (e.g., Progressive Snapshot’s, Automatic Lab’s Automatic, Delphi’s Connect, etc.) In prior work we demonstrated vulnerabilities in the former class of such devices, showing that certain OEM provided TCUs allowed both local and remote compromise and subsequent takeover of virtually all automotive systems [1, 4]. More recently, this result was duplicated by Miller and Valasek on the Jeep Cherokee and its UConnect telematics system.