1. 28

  2. 8

    Thanks for posting this - it’s a couple years old, but I remember seeing the other side (“almost nobody who thought they had this issue actually did”) recirculate recently somewhere else, so clearly it’s still on people’s minds.

    I’ve heard, but can’t find a source, that there are roughly a hundred processors in today’s cars. In the absence of transparency, I regard it as completely inevitable that the code is unmaintainable and dangerous.

    As a consumer, I doubt it would even be possible for me to locate all the chips in a car; it’s certainly undocumented and undisclosed. And that’s terrifying.

    For an example of the scope of the problem, on a high-end vehicle with a tire-pressure sensor, I’m told there’s some sort of custom MEMS chip which I imagine would be quite difficult to see even if I knew where to look, and I know that it’s connected wirelessly to the car’s network because a) the UI implies this from how it gets confused about which tire is which following a tire rotation, and b) you can’t really run a wire into a spinning wheel… I don’t know how it’s powered; it might be possible to figure out where it is based on that. But what about all the systems we don’t even know to look for? Reverse engineering is not a viable approach here, and consumers shouldn’t have to guess about what fallible components their vehicles have, to begin with. Obviously this particular one isn’t going to cause a crash, at least.

    Oh well?

    1. 4

      you can’t really run a wire into a spinning wheel

      The solution to this problem is called a slip-ring (https://en.wikipedia.org/wiki/Slip_ring)

      Edit: from looking at the page, for this application, they would probably go for a rotary transformer

      1. 1

        Hah - interesting! Thanks :)

      2. 3

        you can’t really run a wire into a spinning wheel… I don’t know how it’s powered

        I don’t know either, but it would be cool if it was powered by kinetic energy from the rotation of the wheel, like some wrist watches.

        I remember seeing some article about halting/slowing someone’s car by interfering with the wireless tyre pressure sensors, no idea if that was just “wifi jamming” or actually telling the car each sensor was low. The attack could at least get the vehicle into limp home mode, limiting performance and top speed, it may even have been possible to prevent it moving altogether.

        1. 3

          Related to this, you might have seen vehicle manufacturers including John Deere fighting against transparency. It seems essential to me that this code be published and modifiable by its supposed beneficiaries, but that is going to be a long, hard struggle.

        2. 7


          1. 5

            Not buying newer cars for a while at least.

            1. 5

              I understand the benefit of computerization for things like emission monitoring and control and for engine operations e.g. proper mixing of fuel + air, proper combustion etc. I don’t really see the benefit of computerizing user controls.

              I think hydraulics were a boon for people with physical disabilities but it’s terrible when you lose power. Our old Honda would stall often and I would be wrestling with the steering to get it to the breakdown lane, since now I was fighting the hydraulics rather than being assisted by them. I was terrified that there was now this extra layer between my steering column and the wheels that made itself known only when it shouldn’t. I can’t imagine what it feels like to press the brake and have the accelerator still jammed down.

              I also like manual windows, manual locks, so I guess I’m a little behind the times, but I figure - we know how those are jimmied. Electronic locks, electronic controls WHO KNOWS how they can be jimmied :)

              1. 3

                See also BMW (And other manufacturers) remotes and/or keyless starting security flaws.

            2. 5

              Richard Stallman please recommend a good open source car. Tesla are relatively forward thinking, perhaps they will be the first? It may be the same problem as video drivers, “no because trade secrets!”.