So...
... don't buy network connected vehicles? Software will always have flaws, flaws will always be found, found flaws will always be used by someone at some time.
A class-action lawsuit claiming Fiat-Chrysler knew about, but failed to fix, significant cybersecurity holes in its cars will go to trial in America later this year. This week, the US Supreme Court refused to hear [PDF] the company's appeal to a lawsuit that was filed after security researchers revealed, back in 2015, they …
I don't know about this particular case, but in other cases it's been the DAB+ radio (max range for a hack of a few dozen km, provided a legal transmitter power is used) that was responsible for the initial hole.
How about manufacturers simply go about not putting important vehicle functions like engine, brake and lock controls on the same physical network as things that have no business interacting with those controls, like radios, heaters, Bluetooth handsfree phone systems, etc.
If I recall, a vendor left access open from the Internet in general to a system that was never supposed to be exposed to the Internet and they figured it out. I've certainly never heard of that being a problem before (vendor screw-up, no monitoring, ports left open) (rolls eyes).
Because those systems do have business being on the same bus. So people can't watch video or browse the internet on their head unit while the vehicle is being driven. So you can display diagnostic information such as the TPMS sensor values on the head unit. That's like asking why would you ever want a monitor to be connected to your computer, because someone could hack your computer because DisplayPort can carry USB data.
Well, if the choice is:
1. Be able to watch video while driving (!), and possibly get hacked then killed remotely, or
2. Not be able to watch video while driving, but (aside from physical problems) remain in control of the car
I'll pick option 2. Feel free to prioritise your watching video, over your safety, that of your passengers, and that of potential collision victims you may drive near.
> That's like asking why would you ever want a monitor to be connected to your computer, because someone could hack your computer because DisplayPort can carry USB data.
Unless used as a blunt force weapon or you having problems with flashing lights, someone taking over your monitor remotely probably won't kill you.
You haven't really thought this through, have you?
"Because those systems do have business being on the same bus."
No they don't. I can see that you might want a one way data signal from the ECU etc to the display system of the car, but there is no reason to have unrestricted bidirectional data flow.
I can't think of anything that would want to be displayed that couldn't be gathered from:
- A GPS receiver.
- A unidirectional stream (i.e. rev counter, TPS readings, error codes)
There is nothing that needs the radio to talk to the ECU.
> don't buy network connected vehicles?
Not enough. Most vehicles try to connect to the network by various clandestine ways nowadays.
The "phone app" shipped for your vehicle is actually a proxy and most manufacturers tell you very little about what it does. AFAIK only BMW is fully honest telling you what it is going to send to the mothership and the list makes for some scary reading. Nobody tells you what can come the other way around and with an OBD-2 interface on the back of the stereo and the stereo running an obsolete 3+ years old build of Android nearly anything can come that way.
> The "phone app" shipped for your vehicle is actually a proxy and most manufacturers tell you very little about what it does.
Indeed. I declined to install the Volvo app when my wife bought her XC60 last year, and I suspect I'll never buy another new Volvo - or any other make of car. My 2015 Volvo XC70, with its blissful lack of "connectivity", might be the last new car I ever have. I know too much to trust any of the manufacturers.
> Nobody tells you what can come the other way around and with an OBD-2 interface on the back of the stereo and the stereo running an obsolete 3+ years old build of Android nearly anything can come that way.
Wait, there's a what at the back of the radio???
I use my car's OBDII port regularly for diagnostic information and to check there's no trouble brewing at t'mill. Quite why there would need to be a second port hidden behind the radio, to which the radio is connected, is a mystery to me.
Surely if the head unit needs diagnostic information displaying, there should be a few diodes wired in to ensure communication is one way only?
History suggests that if companies can find a way to betray your trust they will.
Then we have the non company hackers.
We have managed so far without network connected vehicles so we have to consider the possible advantages against the fairly obvious disadvantages.
> We have managed so far without network connected vehicles
We have also managed so far without Internet connected tea kettles, yet here we are...
Marketing dictates that everything should be "connected" because it sounds "cool", even if there is no real use to it (Do you really need your shoes to automatically update your Facebook status to "walking"?).
> "We have managed so far without network connected vehicles..."
You might be surprised at how long we have had connected vehicles.
How old is your car?
I was taking apart the telephony interface of a turn-of-the-century BMW. This was advertised as a feature that charged specific cell phones, used the car audio system as a speakerphone, and connected to an amplified external antenna. I expected it to be a relatively simple speaker and microphone interface. Instead it was a complete data interface. Inside was a significant microcontroller, an audio modem, and even an unpopulated section of the board for a dedicated cellular radio. This was a car built almost two decades ago, and it had full call-home connectivity capable of accessing engine and chassis status and the navigation system.
"The Jeep owners claim that they would never have bought the cars in the first place if they had known about the security risks, ..." And are these same people going to quit using the internet, cloud, cell phones, etc. because of all the security holes in them? What a bogus claim. The net / cloud is just a bunch of holes held together with string / vapor. And Jeep recalled the vehicles and patched the software. Hmm... I wonder if these owners patch their copies of Windows, Acrobat, etc. And where's the proof the value of the vehicles has dropped? Did every vehicle owner have an independent appraisal performed or did some Philadelphia lawyer just claim the values dropped? Chrysler hasn't exactly been a paragon of quality the past few years.
We have little real choice about using the Internet, like electricity decades ago it has become a practical necessity of normal life.
Buying a vehicle with network connected risks is not (yet anyway) at that point. Buyers had real alternatives and may well have decided not to purchase a Jeep.
Exactly, I couldn't agree more. £50k per car - who are they kidding - just an opportunist suit. Would think a Jeep would depreciate like a stone anyway.
I had a call from a lawyer's office the other day wanting me to get involved (i.e. do a load of paperwork for them) in a class action suit against a timeshare company I used to deal with due to their high maintenance fees. After asking where the hell they got my details they told me they got them as part of the discovery process. Colour me dubious - I used to get a load of calls offering to help me sell it for an upfront fee which were dispatched with the contempt they deserved but this was something new.
The young lady then excitedly told me it was "no win no fee". I pointed out that usually this meant the lawyers got all the cash and the plaintiffs got sod all after the case was settled. I obviously declined their offer.
I'll be watching this one with interest though. If car manufacturers can be successfully sued for software holes that are patched it'll set an interesting precedent. Very interesting.
Even our fairly boring Golf has a performance monitor mode on the entertainment unit that shows engine power output, turbo boost and g-forces.
You can also set the throttle, braking and cruise responsiveness via it, so it's not even just reading engine management info but setting it as well.
WTF is the entertainment system able to talk to the engine management system at all?
- Vehicles already have way too many wires threaded around through holes and in nooks and crannies. Separate data buses for entertainment, emissions, engine management, ABS, etc would add more wires. More complexity. Less reliability. Higher repair costs
- The entertainment system, pathetic though it may be, has by far the best User Interface in the car. Do you really want to try to decode which tire needs air by entering an inquiry in some Morseish code using the ignition key (if you have one) then counting flashes of the dash lights? That's pretty much exactly what was done to read engine management/emissions codes prior to the advent of OBD2 connectors in 1996.
Sharing the bus and UI hardware/software probably isn't something that most engineers would be overly happy about. But it's probably the least bad solution.
> Vehicles already have way too many wires threaded around through holes and in nooks and crannies. Separate data buses for entertainment, emissions, engine management, ABS, etc would add more wires. More complexity. Less reliability. Higher repair costs
Perhaps losing a few of these lawsuits might make it a better "value proposition" to engineer bigger holes and better wiring?
Serious question - don't they have to design and qualify to recognized safety standards - e.g. SIL, or an automotive equivalent of SW01? A hazard analysis would quickly come up with "software bug gives hackers wireless access to safety critical systems" with the resultant high level requirements, for example to isolate all safety-critical elements from the wireless system (other, better options might be available), which the manufacturer would have to prove by testing and maintain when updating.
If I design a widget that's going to be installed in an air traffic control system in Europe then I have to demonstrate compliance to SW01 and have it signed off, ultimately, by the CAA before it can go into service. Is it just that the auto industry hasn't caught up and the regulators focus on indicator visibility and airbags?
@Someone Else - that might be the case in the USA, but in the UK, ATC provision is privately run and operates in a competitive market. ATC providers (NATS, SERCO and ANS at the moment) compete for work and they can make profits. They have to have CAA safety approval to operate.
The system in my car uses a datapool shared memory system to get data between the infotainment system and the vehicle buses. It doesn't matter how much you compromise the infotainment system, it just can't read or write anything to the rest of the vehicle that the interface module wasn't explicitly designed to allow. And modifying the interface module isn't possible without basically replacing it completely.
Chucking a CAN interface straight onto the application processor would have been cheap and simple but pushing that off to another board means you don't have to trust the infotainment system at all. It has firewalls, every single file is signed, etc. etc. but regardless it's treated as untrusted and isolated.
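The isolation pattern described in the comment above, sketched as an added example (not part of the original thread and not the code of any real vehicle): an interface module that exposes a datapool to the untrusted infotainment side through a per-signal allowlist. Signal names, IDs and ranges are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
/* Hypothetical signal IDs and limits, constructed for this example. */
enum { SIG_RPM = 1, SIG_TPMS_FL = 2, SIG_HVAC_SETPOINT = 3, SIG_BRAKE_CMD = 4 };
enum { ACC_NONE = 0, ACC_READ = 1, ACC_WRITE = 2 };

typedef struct {
    uint16_t id;
    uint8_t  ivi_access;  /* what the untrusted infotainment side may do */
    int32_t  min, max;    /* accepted range for infotainment writes */
    int32_t  value;       /* current datapool value */
} pool_entry;

/* Default deny: a signal missing from this table does not exist for the IVI. */
static pool_entry pool[] = {
    { SIG_RPM,           ACC_READ,             0,  0,  0 },
    { SIG_TPMS_FL,       ACC_READ,             0,  0,  0 },
    { SIG_HVAC_SETPOINT, ACC_READ | ACC_WRITE, 16, 28, 21 },
    { SIG_BRAKE_CMD,     ACC_NONE,             0,  0,  0 },
};

static pool_entry *find(uint16_t id) {
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++)
        if (pool[i].id == id) return &pool[i];
    return NULL;
}

/* Trusted vehicle-bus side: updates the datapool copy of a known signal. */
int vehicle_publish(uint16_t id, int32_t v) {
    pool_entry *e = find(id);
    if (e) e->value = v;
    return e ? 0 : -1;
}

/* Infotainment read: 0 on success, -1 if unknown or not readable. */
int ivi_read(uint16_t id, int32_t *out) {
    pool_entry *e = find(id);
    if (!e || !(e->ivi_access & ACC_READ)) return -1;
    *out = e->value;
    return 0;
}

/* Infotainment write: -1 if not allowlisted, -2 if out of range. */
int ivi_write(uint16_t id, int32_t v) {
    pool_entry *e = find(id);
    if (!e || !(e->ivi_access & ACC_WRITE)) return -1;
    if (v < e->min || v > e->max) return -2;
    e->value = v;
    return 0;
}
```

In this sketch the infotainment processor can only call `ivi_read` and `ivi_write`, so compromising it yields exactly what the table grants and nothing else.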
> an extraordinary 4.8 million vehicles
I suppose that's literally true, in the sense that it's out of the ordinary, but it pales in comparison to Ford's 1980 recall of 21M vehicles. Or their 1996 14M-vehicle recall. Not picking on Ford here - they just have three of the top five. And, of course, the size of a recall will be affected by how popular the brand is, and how much the manufacturer is able to achieve efficient reuse of components and designs across the product line.
Sure, Jeeps and other FC products generally suck, to a first approximation. I don't think they're extraordinarily sucky, though. Just ordinarily.
(Also, to be fair, cars these days are much better in pretty much every way than they were in the 1970s, with a few exceptions for value or aesthetics; much better in most ways than they were in the 1980s; and significantly better than they were in the 1990s. I'm not a fan of today's huge, overpowered vehicles, but they are far more reliable than the ones I drove when I were a lad.)