|
Coredump posted:Honestly, such a thing shouldn't be possible. Stability control, abs, etc is all possible without making those systems exposed to another system with internet access. Sure, it's possible - but consider the complexity of a modern "ABS" module. It's really a heavily integrated auto-brake that might be called upon to handle ABS, stability control, LSD emulation, and brake-on-collision-warning. These are all cool, safety-enhancing things, but a system that complex, that's not named "Space Shuttle," is almost guaranteed to have bugs. Manufacturers know this, and they're well aware of their options. A fully air-gapped system would work, but a major bug would mean either a massively expensive recall, or a coverup. So, why not integrate them into the same system that handles the radio/nav/whatever, that has a firmware update mechanism built in? A dealership tech can quietly update it with a cable in the dash, as part of normal service that also fixes radio bugs and updates the nav map. The recall bill in the billions just got shaved to a tiny fraction of that cost. And once you can hook any component of the system up to the internet, why even bother with the dealerships? Just have a devops guy click the "push update" button, and every car gets the fix, labelled "fix for Bluetooth connectivity issues and other minor problems," before consumers, regulators, or courts ever even know a problem existed. I'm not saying that this is a good thing. But it is a completely understandable decision when you realize that leadership at auto companies want very much to avoid a recall at any cost, and haven't had any reason to think about security risks.
|
# ¿ Aug 16, 2015 20:12 |
|
|
# ¿ May 13, 2024 02:36 |