Automobile Recall - Software Update required

Hi
I heard this on the news today and thought it would be interesting;
http://www.civicx.com/threads/stop-sale-safety-recall-2016-civic-vsa-software-update.5926/

Not sure which is worse, parking your car on a hill and wondering if
the parking brake is or isn’t going to work or even after an update…

It’s also an interesting attack vector if someone was so inclined…


Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.1|GNOME 3.16.2|4.1.31-30-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

IMO worse will be when/if OTA mandatory updates become “normal”. The best way to break a system, as W10 seems to be showcasing.

Message on your car panel:

“The system is being updated and will restart shortly. Don’t turn off the engine, don’t brake and don’t shift gears. The motor will shut down when done.”

As long as there is a “dumb car” mode baked into the “smart car”…

Thanks a lot for the news. Electronics braking is auto mobiles is always very interesting :slight_smile:
Maybe the only way to go forward is to go the Wheeler Dealer’s way and revive some all mechanical car without a PC on deck.

Bruce Schneier; Crypto-Gram October 15, 2016:

Remember, a modern car isn’t an automobile with a computer in it. It’s a computer with four wheels and an engine. Actually, it’s a distributed 20-400-computer system with four wheels and an engine.

Bruce forgot to mention the “‘intelligent’ electro-mechanical” transmission chain, braking system and motor management. <Crypto-gram: October 15, 2016 - Schneier on Security;
The main reason for his article is here: <http://fortune.com/2016/09/20/tesla-security-bug-hack/&gt; and <https://www.theguardian.com/technology/2016/sep/20/tesla-model-s-chinese-hack-remote-control-brakes&gt;
[HR][/HR]Another issue with the current state of software development in the automobile industry is here: <https://www.schneier.com/blog/archives/2010/08/hacking_cars_th.html&gt;.
[HR][/HR]And, there’s the issue with the VW EA189 common-rail diesel (I’m waiting for the letter from Škoda which authorises the software and hardware update).
[HR][/HR]We shouldn’t forget that, the automobile industry had “issues” before the things ceased being a purely mechanical contraption: :wink:

  • Chevrolet Corvair (Ralph Nader);
  • 1985 Audi 100 with the 5 cylinder engine fitted with a mechanical fuel-injection system: under certain temperature conditions it didn’t idle properly;
  • Toyota and the “loose foot mat under the brake and accelerator pedals” issue;
  • [Not really a “purely mechanical issue”] Mercedes-Benz “A” class and the Swedish “Elk Test”.

Good reads. Thank you. The IoT part is of great interest for me. When I was working for Cisco 1 year ago they were pushing for IoT very hard :slight_smile:

Internet of Things (IoT):
Some of the things which people like me who worked in the teams involved with mobile telephony never foresaw:

  • Nobody imagined that, the SMS traffic would reach the levels it did.
  • Nobody imagined that, SMS would be used by embedded systems.
  • When 3GPP began releasing the standards for GPRS and later HSDPA/HSUPA and even later LTE, we never imagined that, almost everyone would be walking around with their noses glued to something being pushed out to them by the Internet (instead of taking care of where they’re walking).

[HR][/HR]We did foresee:

  • Location Based Services but, we thought that it would remain a (telephony) Provider service – we oversaw the implications of mobile devices having GPS/GLONASS capabilities and feeding that data to the Internet.

We did take extreme care that, at least the data streams between the mobile devices and the Provider’s network was reliably encrypted.
[HR][/HR]More on what the IoT can do: <https://twitter.com/olesovhcom/status/778019962036314112>; <http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/>; <https://twitter.com/olesovhcom/status/781201292383444992>.