Japanese giants to offer security-as-a-service for connected cars Japanese industrial giants NTT Communications Corporation and Denso Corporation have decided to start a business “to respond to the threat of increasingly sophisticated cyber-attacks against vehicles.” NTT Communications is a global IT services company that is a member of the NTT Group (which confusingly also operates NTT Data …
Security should be an ongoing obligation of automakers for at least 15 years after the unit was manufacrured. Legislation should be put in place with stiff penalties to back it up. Or is it the owners problem when a few years after purchase, the car can be opened and driven without a key?
15 years of cybersecurity for a vehicle? That is not enough time. I am still driving my car which is 17 years old. It is reliable and paid for. I expect it to be on the road for a long time. 15 years is not enough. Vehicles are not something disposable, like a "smart" TV. When properly maintained, they can be around for a very long time. I know someone who has the first generation of a Ford truck, and he still drives it. No, 15 years is not enough time for a vehicle. Considering how long they can last, cybersecurity should be permanent.
Of course, the better option is not even have the need for automobile cybersecurity by not having a vehicle connected to the internet.
I like the thought, but I've never heard of any Network, PC, or Server equipment or software that came with 15 years support.
I don't see it happening, less car computers are replaced with a standardized PC type motherboard/OS IOT type thing, that can be swapped out with a newer one. Just needs drivers to run the cars parts. I don't see that happening before we are all speaking chinese while sitting in a dark cell.
And again even more arguments to (keep) driving an old timer. Not only do they not look like your average hoover or fridge, they actually do as the driver instructs them to do unequivocally, while replacing a broken light bulb is possible without removing and replacing the complete front end of the car. They are even so dangerous that they will rely on your ability to make decisions, since they do not annoy nag distract warn? inform you all the time that they "need service in X days". So no need for all these "extra services" "preventing me to hurt myself" in my Karmann 14, thank you very much.
Up to the point when "autonomous, unassisted driving" will be prohibited by law that is...
" So no need for all these "extra services""
The need is not yours -- it's the need of pointless but opportunist vendors to generate a revenue stream. I'm waiting until some business starts offering a "guaranteed air supply" on subscription, but I'm not holding my breath.
What, like making a key fob that doesn't respond to a challenge/response call unless an accelerometer within it detects the fob is moving (that'd cut out midnight car theft at a stroke and should have been a standard feature from the outset) or the manufacturers realising that a car has to last many, many years, probably going without critical updates every few weeks (as we know we have to do with almost all other software-based devices) and still maintain rock-solid security?
Wishful thinking, I'm afraid: they rely on the insurance market picking up the pieces - and a cynic could argue that the industry as a whole benefits from car thefts because the missing vehicles have to be replaced. Not me: I'd never be caught uttering such a blasphemous and emotive statement.
"a key fob that doesn't respond to a challenge/response call unless an accelerometer within it detects the fob is moving"
Attempting to solve an unnecessary problem with another layer of complexity? Complexity and security are in inverse proportion -- always.
Modern mechanical locks are can be very secure. The problem is that a decent mechanical lock and key cost a lot more to make and install than a plastic dongle and a solenoid backed by a bit of code.
A simple slide switch on the fob to turn it off would be a good start, so that signal amplification can't be used to unlock and start the car. If the car goes out of range of the fob it should cut out and drift to a halt, and maybe lock all the doors, lock the brakes, sound the horn and flash the hazard lights. Maybe even remove keyless starting altogether - is there really a compelling reason why the driver can't take a key out of their pocket and turn it in a lock to start the vehicle? I'm not interested in buying a car that can't have this feature disabled, or preferably not fitted in the first place.
Funny timing, because in the news here there are plenty of articles about people stealing Toyotas with a fake JBL bluetooth speaker, cf
== Bring us Dabbsy back! ==
I want another real car whether it is electric or not - Steering wheel, analogue dials, real switches for all mechanical functions and a proper handbrake.
They will tell us mechanical devices cost extra, but this is trivial compared with the silly prices of electic cars.
I refuse to pay any rental charge for software or features I have bought.
A radio, Garmin type satnav and self contained cameras and sensors should be usable outside any "smart" features, which I do not want.
Any Google/Apple/Meta Smart garbage should be optional.
Any form of tracking should be specifically banned unless someone is stupid enough to add features like theft proofing.
I don't see anyone offering this sort of thing on any of the current electric cars, as the early adopters and Tesla and Apple fanboys will buy anything their influencers tell them.
Sooner or later there must be a backlash from people that can see through this and want real secure private cars?
Except the rest of the world has already been conned by Facebook et al and is completely clueless about privacy
Sounds a bit like the old days of the fire brigades being run by individual insurance companies, with them turning up to your house fire and standing back to watch it burn down as your insurance was with a rival company
"Yes, we have been slurping your data and know exactly where you are stranded and what the problem is, but your roadside assist package ran out last month..."
My 2006 mitsubishi shogun had a heart attack, so whilst it was at the doctors I bought a Nissan Navara NP300. Bloody hell, the thing is just too smart for its own good. I hate it. I've got my Shogun back and the Nissan is now parked under a tree being shat on by pigeons. It's what it deserves.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
