svorakang | 2 years ago

Neither safety nor environment is something you can easily wave at like that. Also, you're completely missing security and legislative concerns.

I have worked in the automotive embedded software industry since 2009 and I have got caught in the safety track in my career. It's a strange place to be, because the basics are extremely simple, yet it takes hundreds if not thousands of man-years to get a modern vehicle reasonably safe just in terms of the electrical system (this includes the software in automotive terms). There are so many ways to make a mistake that could easily result in an accident. Even the window regulators have non-trivial implementation concerns for anti-pinch. Allowing a random hacker to override this is a terrible idea. Now imagine what kind of mess you could do with brakes and steering...

Designing a vehicle to be hackable will very likely lead to an unsafe vehicle.

I believe what I just wrote applies similarly for security too.

Furthermore, when releasing software for the market, extensive testing is carried out by an independent body to ensure that legislation is followed. Even conceivably simple things such as lighting or headbeam alignment are a pretty large problem domain by themselves. The same goes for the communication standards for diagnostics.

I would say that large changes would be required to transform this industry. In some protected domains there is use of open source, such as Qt/Linux for HMI, but opening the HMI to be fully hackable is unlikely to happen. There is quite some liability involved in making the HMI non-distracting.

jacquesm | 2 years ago

Oh dear, I wonder how I'll ever be able to use the code I wrote over the years that controls uncounted lathes, mills, plasmacutters, lasers and a whole raft of other industrial tools.

Obviously the only people that can be trusted with our safety are the manufacturers, because the people whose lives are on the line are irresponsible madmen.

> Designing a vehicle to be hackable will very likely lead to an unsafe vehicle.

Vehicles are hackable, but they're not documented which makes them more dangerous, not less dangerous. Witness comma.ai and others.

ncts | 2 years ago

> I wonder how I'll ever be able to use the code I wrote over the years that controls uncounted lathes, mills, plasmacutters, lasers and a whole raft of other industrial tools.

You are knowledgeable enough to make them work. Many aren't. Some can't be. Hacking requires knowledge and skill, and most importantly, being contained. Cutting yourself with your self-programmed hackable laser in your garage is unfortunate, but cutting other people is a disaster you can't afford.

> Vehicles are hackable, but they're not documented which makes them more dangerous, not less dangerous. Witness comma.ai and others.

I see two points here.

1. Security through obscurity is bad. That's true, but we have "business" in the play, so that's how it goes. Maybe push for better regulation.

2. comma.ai, an "autopilot" based on reverse engineering, or as you put it, on a base product that is "not documented", thus becomes "more dangerous". No, it's dangerous not because the base product is not documented, but because there's no real autopilot at the moment, and comma.ai is irresponsibly advertising it as being able to "drive for hours without driver action". There are many "black box" products with a ToS that forbids reverse engineering. Does that make the product inherently more dangerous too?

Besides, you seem to suggest that, with open products, people cannot make things less safe. That's not true. Some don't know what they are doing when they "hack" things.

adhesive_wombat | 2 years ago

I'm all for open things, but that's a false equivalence. You don't use those tools on a public road around unsuspecting others.

In the same way you can't just merrily hack about with a plane. The FAA doesn't really care that much if you die in your experiment. They do care if the burning wreckage falls on someone minding their own business.

sircastor | 2 years ago

You don’t drive your lathe down the freeway at 80mph. And your lathe probably isn’t surrounded by hundreds of other lathes also going 80mph. And probably not being run by people only half paying attention.

Tell me about the liability laws in place related to you operating your lathe, or the state-required licensing and insurance that each lathe operator holds.

A machining tool is worlds away from a motor vehicle.

ahmedfromtunis | 2 years ago

Not necessarily irresponsible madmen; just curious.

Because I bet you if I buy a new car and discover that I can access its internal components via an API, I will be toying with it.

On any other platform that would never be a problem: found a bug? Just restart the container!

But with a car, this might mean a bug in my code manifesting itself while I'm driving 120 kph. And maybe there's a pedestrian crossing the road and I can't stop in time because the bug makes the brake 60% weaker.

This time, however, there's no "restart docker" button.

I'm sure if this happens people would be attacking Ferrari viciously the way they pile up on Tesla whenever a douche sleeps at the wheel going 100 kph, even though the company said before that that's not safe.

debatem1 | 2 years ago

> I believe what I just wrote applies similarly for security too.

Automotive security is nearly an oxymoron. The reasons for that are simple: the difficulty and expense of attacking a vehicle exceeds the bored grad student/curious tinkerer threshold, and the automotive industry has collectively the worst attitude towards security I've ever encountered.

The depressingly predictable result is that third party automotive security testing is a sport reserved for people who are extremely disinterested in disclosing their methods to you, aka the actual attackers.

bboygravity | 2 years ago

Why would it (legally) be on the car manufacturer if someone hacks his own car and causes an accident because of modifications to the ECU (firmware)?

This doesn't intuitively make sense to me. At the very least there are probably huge differences between countries when it comes to this?

Aside from the fact that some people would likely love to modify their car in every way possible to use it on the racetrack or whatever private property?

jacquesm | 2 years ago

Or maybe to make it safer.

frenchie4111 | 2 years ago

I think their point / the general FOSS argument is that those 1000 man-years would be turned into 10000 man-years if these things were open sourced. A similar security concern could be waved at things like openssl, but it seems pretty inarguable that openssl is a net positive for security.

svorakang | 2 years ago

I'm all for open access to the code for the sake of safety. On the other hand, I'm completely against hobbyists accidentally bypassing a safety mechanism.

Open access, but secure access to software download could make sense, at least for commodity parts.

When it comes to features with competitive advantage, though, I don't see that OEMs or their suppliers have anything to gain.

thomastjeffery | 2 years ago

Hackable does not mean crackable. The best security implementations in the world are free software.

I'm not even a tiny bit convinced that making cars hackable would be a detriment to safety. Give me one example of that happening in literally any other sector.

svorakang | 2 years ago

You might have a point there, but I struggle to find any completely hackable product that is also safety-critical. Some airplane, nuclear reactor or some train, perhaps?

yjftsjthsd-h | 2 years ago

Okay, so for the moment leave aside the safety critical bits (only for a moment) - what's the excuse for not opening up the center console? That generally is already segregated and only handles non critical functions.

jacquesm | 2 years ago

Center consoles have been used quite successfully as beachheads by hackers to be able to get into more important systems because car manufacturers are typically utterly clueless when it comes to security. So obscurity is a very large part of their security. Of course that doesn't really work with the most motivated parties (car thieves and their captive techies) having a field day with this.

Hyundai and Kia are reportedly so bad that they ended up paying out a large amount of money to compensate owners.

https://www.reuters.com/legal/hyundai-kia-agree-200-million-...

But don't worry, it's been fixed now. Probably.

pests | 2 years ago

> Even the window regulators have non-trivial implementation concerns for anti-pinch

Tesla just got hit by this a few months back. They had to remove the auto roll-up of the windows when you walk away after parking. Apparently they didn't have the sensors or hardware to do it safely.

matheusmoreira | 2 years ago

> Allowing a random hacker to override this is a terrible idea.

It should be a basic right no matter how "terrible" an idea it is. We bought it, we should have full control. Void the warranty or something.

lm28469 | 2 years ago

Many things "should be" and "ought to be", but we all sat around a table and decided to make a neat little thing called the law, because at the end of the day we're still just apes, and apes don't always act in the best interest of their peers.

dack | 2 years ago

I'm thinking through the ethics of this myself, but I think it's a reasonable argument that you can have the freedom to do what you want with things that you own _assuming you don't impact others_. The issue with a dangerous car is that it puts others at danger.

lo_zamoyski | 2 years ago

And someone could respond "Okay, fine, tampering with the onboard software voids the warranty and shifts responsibility to the tinkerer." But that's a liability issue. The safety concern is still there regardless of who is held responsible. A change that seems innocuous may, in fact, be breaking safety regulations. This is a big deal and a matter of public concern.

mikrotikker | 2 years ago

If you clutch those pearls any harder they'll turn to dust.