Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Transportation Cloud Operating Systems Software Upgrades

Automakers Move Toward OTA Software Upgrades 157

Lucas123 writes: While some carmakers today offer over-the-air software upgrades to navigation maps and infotainment head units, Tesla became the first last week to perform a powertrain upgrade overnight. But as the industry begins adopting internal vehicle bus standards with greater bandwidth and more robust security, experts believe vehicle owners will no longer be required to visit dealerships or perform downloads to USB sticks. IHS predicts that in the next three to five years, most, if not all automakers, will offer fully fledged OTA software-enabled platforms that encompass upgrades to every vehicle system — from infotainment, safety, comfort, and powertrain. First, however, carmakers must deploy more open OS platforms, remove hardened firewalls between vehicle ECUs, and deploy networking topologies such as Ethernet, with proven security.
This discussion has been archived. No new comments can be posted.

Automakers Move Toward OTA Software Upgrades

Comments Filter:
  • by SoCalChris ( 573049 ) on Friday February 06, 2015 @01:07PM (#48999523) Journal
    What could possibly go wrong?
    • by zidium ( 2550286 ) on Friday February 06, 2015 @01:15PM (#48999611) Homepage

      Worst case? The only ship to survive will be the one without wifi! (Battlestar Galactica)

      https://www.youtube.com/watch?... [youtube.com]

    • by Anonymous Coward
      What could go wrong? Only the same things that go wrong with anything else that connects to the internet. The possibility that your car could be bricked. Could put repo men out of business, though.
    • BS (Score:5, Informative)

      by stooo ( 2202012 ) on Friday February 06, 2015 @02:19PM (#49000299)

      >> What could possibly go wrong?
      Nothing. There are hardly any firewalls between ECUs. Firewalls do not exist on CAN.
      The article is written by someone with no insight in car architecture :

      >> First, however, carmakers must deploy more open OS platforms
      Nothing to do with the reflashing

      >> remove hardened firewalls between vehicle ECUs
      There aren't any firewalls

      >> and deploy networking topologies such as Ethernet, with proven security.
      Ethernet is already widely deployed in cars for data hungry applications ( infotainment) For other uses, ethernet is absolutely not suitable ( price, power, wiring constraints, EMC, safety, .....)

      • Re: (Score:2, Funny)

        by Anonymous Coward

        Yes, there is a firewall. It sits between your feet and the engine compartment. It is made of metal and designed to prevent fire from spreading. That said, i do not see why it would be necessary to remove it for OTA updates to succeed.

      • Nothing. There are hardly any firewalls between ECUs. Firewalls do not exist on CAN.

        What? Who told you that? There are CAN gateways in some cars, and they don't pass all messages to all buses. That's a firewall in my book. They're not switches, they don't autoreconfigure or anything like that.

      • by WarJolt ( 990309 )

        >> and deploy networking topologies such as Ethernet, with proven security.
        Ethernet is already widely deployed in cars for data hungry applications ( infotainment) For other uses, ethernet is absolutely not suitable ( price, power, wiring constraints, EMC, safety, .....)

        That's why they are using 2-wire ethernet.
        https://www.broadcom.com/press... [broadcom.com]

        I'm not sure where you got that information about Ethernet widely deployed in cars for Infotainment. If you can send me an article about that I'd really like to read it.

  • by Anonymous Coward on Friday February 06, 2015 @01:08PM (#48999539)

    Will they be cut off after 6mo-1year
    and they want the new update BUY A NEW CAR.

    I hope auto drive systems have at least 5 years of updates at no added cost.

  • by fahrbot-bot ( 874524 ) on Friday February 06, 2015 @01:16PM (#48999625)

    So the vendor can/will push an update OTA to *my* vehicle w/o my specific consent?

    Also... Imagine (a) needing to use your vehicle - for an emergency, perhaps, in the middle of the night only to be met the dashboard message: "Update in progress; Please wait ..." or (b) waking up to a bricked vehicle from a bad update.

    • So the vendor can/will push an update OTA to *my* vehicle w/o my specific consent?

      You've never signed paperwork at a dealer? You know their attorneys will have this air-tight.

      Personally, I'm driving pre-TPMS vehicles until the whole mess is straightened out. Maybe they'll have a reliable autopilot by time that happens.

      • You've never signed paperwork at a dealer? You know their attorneys will have this air-tight.

        Paperwork signed at a dealership can never be air-tight. Look up Contracts of adhesion [wikipedia.org].

        • Look up Contracts of adhesion.

          If the term was outside of the reasonable expectations ... / ... together with terms which are so oppressive that no reasonable person would make them and no fair and honest person would accept them." (Fanning v. Fritz's Pontiac-Cadillac-Buick Inc.)

          Betcha a dollar that no judge would rule that a car company pushing OTA updates would fall under any of those categories. Just because I/you/they don't want something, doesn't mean it's legally unreasonable by the other party.

      • Re: (Score:1, Funny)

        If you want to be really safe, don't buy anything made after 1971, something you can fix with a screwdriver and a hammer, especially when you know which end of the screwdriver to hit.

    • by sinij ( 911942 )
      What you describe is unpleasant, but unlikely to have broad negative impact. Sure, you will hear about it on the new now and then.

      What is more dangerous, is that with two way communication car makers will be able to implement DRM schemes. So no more aftermarket alternator for you, shell out for $1000 for a new part that will have to get authorized form headquarters.
    • My GFs windows laptop does that all the time. PISSES ME OFF!!!
      • You know you can turn that off, though, right? I don't have auto-updates enabled on any of my Windows boxes.

        They need to offer the same options in cars if they do this: let you a) auto-update, b) download updates but only install with permission, and c) notify about updates but do not download or install without permission. If they do that I'm okay with something like this, but if car makers can push out things arbitrarily that is a no-go for me. It would mean that a hacker could potentially also force an u

      • My GFs windows laptop does that all the time. PISSES ME OFF!!!

        Get your own laptop, you leeching bum.

    • by dj245 ( 732906 )

      So the vendor can/will push an update OTA to *my* vehicle w/o my specific consent?

      Also... Imagine (a) needing to use your vehicle - for an emergency, perhaps, in the middle of the night only to be met the dashboard message: "Update in progress; Please wait ..." or (b) waking up to a bricked vehicle from a bad update.

      Let's see how it is implemented before we make that kind of complaint. Any piece of software actually critical to the function of the engine is probably very small in size and quickly installed. GPS maps and entertainment systems shouldn't exclude driving the car. I'm looking forward to possibly interacting with the car maker directly rather than having to deal with the dealerships.

      The last car I bought had an outdated GPS system, so I wrote in the contract that they must update it at their expense.

      • Re: (Score:3, Insightful)

        Let's see how it is implemented before we make that kind of complaint.

        The problem is, some of us are over 21, and have seen the other things the auto industry has implemented. The omens are all bad here. (I can feel the force).

        If you want control over when and where your vehicle will go, you need a mechanically injected diesel. (No need for electricity at all). See today's post on tractors: "Farmers Struggling With High-Tech Farm Equipment". Hooray for hot-bulb engines!

      • Let's see how it is implemented before we make that kind of complaint.

        You must be new here.

    • by PhrostyMcByte ( 589271 ) <phrosty@gmail.com> on Friday February 06, 2015 @02:03PM (#49000119) Homepage

      It does have some advantages. I got the Scion FR-S the day it came out. The original firmware had a number of small issues and one very serious one.

      At a specific load and intake volume, the car wouldn't push enough fuel. It ended up being dangerously lean and it was found that those who stayed at that point for too long would have a catastrophic failure from their direct injector seals melting, necessitating a full block replacement.

      An ECU update came out a while later that fixed it, but nobody was notified. Cars coming in for service don't get it automatically -- the techs aren't even told about it. 99% of those original cars remain unupdated. Anyone who chooses some "spirited" driving on a hot day is at risk.

      An OTA update would solve issues like this really smoothly for a lot of people. I'm all for it.

      • by eth1 ( 94901 )

        It does have some advantages. I got the Scion FR-S the day it came out. The original firmware had a number of small issues and one very serious one.

        At a specific load and intake volume, the car wouldn't push enough fuel. It ended up being dangerously lean and it was found that those who stayed at that point for too long would have a catastrophic failure from their direct injector seals melting, necessitating a full block replacement.

        An ECU update came out a while later that fixed it, but nobody was notified. Cars coming in for service don't get it automatically -- the techs aren't even told about it. 99% of those original cars remain unupdated. Anyone who chooses some "spirited" driving on a hot day is at risk.

        An OTA update would solve issues like this really smoothly for a lot of people. I'm all for it.

        My fear is that the easier it is for manufacturers to update the software, the sloppier it will be on initial release. You already see this with computer software. It'll be terrible until six months after the cars go on sale (and maybe longer). Then they'll give up entirely a few years later when the new revision comes out.

        I appreciate my 14-year-old car with manual, physical switches and buttons for everything more every time I get in a new car these days.

    • by AaronW ( 33736 ) on Friday February 06, 2015 @02:04PM (#49000129) Homepage

      All of the OTA updates to my Tesla ask me if and when to install the updates. Usually it's a no brainer.

    • by zwede ( 1478355 )
      At least in the case of Tesla, the update will only be done if you allow it. The screen displays a message that an update is available and gives you the option of scheduling it for later that day, immediately, or you can close the message. If you close it it will nag you a few times but will eventually stop.

      But I could see other manufacturers not giving the option to refuse an update.
    • That's one reason why I drive cars built in the previous millennium, and have no plans to every buy one built after 2005 or so.

      (Of course, if I were really paranoid I'd get an old diesel Benz with mechanical injection -- those things can operate without an electrical system at all, as long as you don't mind things like headlights and windshield wipers not working, and having to push-start it).

  • by fermion ( 181285 ) on Friday February 06, 2015 @01:18PM (#48999639) Homepage Journal
    MS probably tests upgrades more than any, but a few computers usually go nuts after an upgrade. You can blame the open hardware of MS computers, but then think of apple. They have very closed hardware in the iPhone, but still a few iPhones go nuts after upgrade.

    Automatically upgrading non critical systems makes sense. Upgrading the working of a car through a insecure interface is nuts, automatically more so. You leave work to go home, the upgrade failed, you are stranded. Someone hacks the interface, upgrades you car to their car, you no longer have a car.

    I am sure people are going to attack dealers over this as well. But when I needed the firmware of my car upgraded to allow the new commutation standard, I drove the car to my friendly ane highly reputable dealer, they upgrade the software for free, made sure everything still worked, and I did not have to risk the upgrade would brick my car.

    • Re: (Score:3, Funny)

      by jmcwork ( 564008 )
      MS certainly does test their upgrades. I have been a beta tester for years: Every time I press that icon that says "You have updates available" ....
    • I drove the car to my friendly ane highly reputable dealer

      You have just shown you are not a representative sample.

    • by AaronW ( 33736 )

      Out of curiosity I put a packet sniffer on the traffic from my Tesla. All traffic is sent over OpenVPN so it is fairly secure. NMAP reports no open ports.

    • MIcrosoft isn't a closed system; they have to deal with unpredictable interactions with third-party software in addition to the number of possible states their own software could be in. Critical systems like a car are just designed differently. There isn't going to be third-party software running on the automatic transmission controller. That being said, OTA updates to vehicle firmware is second only to ATM's in terms of its attractiveness both to criminals and government agencies. I can only say beware
  • I had a car that at about 18,000 miles, had its "check engine" light come on. I ignored it as I knew from past experience, that this car had no major problems. This light remained on till 29,000 miles when the car started shaking while at about 80 mph.

    Any speed lower than that would be without problems. I decided to have it checked out. The dealership wanted $480 to for a new sensor. Without fixing, this car "will stall on you one day" he said.

    Well, stubborn as I am, I ignored his advice. I added another

    • by sinij ( 911942 ) on Friday February 06, 2015 @01:39PM (#48999871)
      People like you is why I don't buy used cars. It is unsafe to ignore check engine light, if you don't trust the dealer, then get cheap OBDII reader and scan error codes yourself.
      • by Lumpy ( 12016 ) on Friday February 06, 2015 @01:51PM (#48999985) Homepage

        Why bother with that when he can shift into neutral at 10 mph over the speed limit and redline it. He knows better than anyone else.

        • by sinij ( 911942 )
          Exactly. I don't know how you could complain that modern cars are not reliable after regularly doing this and still having it drive every day for well over 120,000 miles.

          For people not mechanically inclined - redlining engine in neutral is fundamentally bad idea. Engines designed to operate under load, when you do this unloaded you are causing all kinds of internal bearing damage. More so, automatic transmissions are not designed to be repeatedly shifted into Neutral-Drive at highway speeds. When you shift
      • Mine has a 'call your mother' light. Damn thing comes on twice a week but I don't dare ignore it!

      • by sjames ( 1099 )

        Given that he went another 120K miles, I'd say he was right to ignore it.

      • He has to be trolling. The whole post reads like a troll. In order for him to actually have done that, he'd have to be so stupid that he'd barely be able to string words together, like that Joe Dragon character who still posts here for some reason.
    • by sinij ( 911942 ) on Friday February 06, 2015 @01:50PM (#48999969)

      I ignored it as I knew from past experience, that this car had no major problems.

      I am with you, the other day I was patching mission-critical server when I noticed SMART errors. I ignored it, as I know from past experiences that this server had no major problems.

      At some point, at above 90% load the server started random kernel panics. Any lower load than that would be without any problems. I decided to have sysadmin check it out. He wanted $480 for a new hard disk. Without fixing, this "server would permanently lose data one day" he said.

      Well, stubborn as I am, I ignored his advice. I added couple months on it without any problems at all. When it kernel panics, I would just reboot it...At one time, I thought my reset button may be dirty - it wasn't.

    • by OzPeter ( 195038 )

      I had a car that at about 18,000 miles, had its "check engine" light come on. I ignored it as I knew from past experience, that this car had no major problems. This light remained on till 29,000 miles when the car started shaking while at about 80 mph.

      Any speed lower than that would be without problems.

      On the other hand, I once had a car that where the check engine light came on every now and again for no apparent reason at all. I took it in to be repaired and it turned out to be a trivial sensor that needed replacing.

      Then later on, every now and again the engine would "splutter" and the check engine would come on, but would stay off the next time the car was started. As the "spluttering" seemed trivial (and that the light always went out again) I was thinking that the problem was also trivial. After s

      • by Anonymous Coward

        just gonna say, a camshaft position sensor doesn't do anything except read off the angle of the camshaft to the computer. It won't ruin your top end when it fails, just cause the car to die. So either something else was wrong or you got screwed.

      • by sjames ( 1099 )

        You can also blame bad design for that. Note how the trivial failure makes darned sure you go get it serviced but the important one gives only momentary notice then signals all's well.

    • by Anonymous Coward

      You're an idiot. That's all there is to say.

    • by AaronW ( 33736 )

      That reminds me of BMW. You have to take the car in to the dealership if you change the battery. [bimmerforums.com] The new BMW I8 makes it almost impossible to work on. You need two people to open the hood [youtube.com] and you have to know exactly what you're doing so you don't damage it.

      • That is absolutely horrible. The doors and hood are completely electric for absolutely no reason. In a just world, it would be illegal to design a car like that. Those things should be completely banned from sale.
        • The i8 is comparable in specialness to a high-end ferrari. Nobody will accidentally buy one. People for whom that is an arduous restriction can't afford one. They're worth more used than new, since they're otherwise not available.

          • That's true for now, and if "features" like this stay only in exotic cars like this one, then that's fine with me. I doubt that they will, though, and that's the problem that I have with that car.
            • f "features" like this stay only in exotic cars like this one, then that's fine with me. I doubt that they will, though,

              I think they will, because I think that if automakers push too much harder, they'll wind up forced to give us more repair information than we're even asking for so far.

  • by Anonymous Coward on Friday February 06, 2015 @01:26PM (#48999733)

    This is mostly for updates that remove or reduce features.

    EXAMPLE. I own a Mitsubishi Lancer Evolution X, big time performance car. It comes with HID lights that have a switch inside the cabin for adjusting the leveling.

    Apparently enough fools are setting it to the max height setting that the feature was deemed illegal and a TSB was sent to Mitsubishi dealers informing them to disable the switch and fix the lights at a certain height.

    I personally love being able to aim my headlights down lower towards the ground when driving through my neighborhood at 1am and adjust my headlights higher for country gravel roads.

    For that very reason I haven't let the dealer touch my car. I don't want to visit them to LOSE features. So I won't let them have it. They also want to change a torque reduction value in the ECU to save their ass on warranty by reducing my cars performance. I won't let them change that either.

    OTA is to fix the problem of unwanted updates. Things where you no longer desire the "upgrade" because it removes control from you. You should really fight this because it will eventually be used to control you like a slave.

    I'm waiting for a big plane to crash or bomb to go off in the future where suddenly all cars get an OTA upgrade that enforces a "no-drive-zone" around certain important geo-coordinates. Everyone would freak out and then question how they let something like that take over their cars....

    • They also want to change a torque reduction value in the ECU to save their ass on warranty by reducing my cars performance

      I smell class action lawsuit. If you have engine specs advertised, you can't go back and change them post-sales. What if you wanted to purchase a WRX, but the Lancer had an edge in specs that made you want it instead. Now you have buyers remorse because of a detuned engine AFTER YOU PURCHASED THE CAR!. Yeah, fuck that!

      I have no problems with them saying "Here's an extra option to detune

    • by mspohr ( 589790 )

      So you want to have the right to blind oncoming drivers without pesky interference from the gumment?

  • Or rather, do not want unless there it is "off" by default and it's only turned on when I want to turn it on.

    While I am okay with a non-signed binary for an in-peson/over-USB-disk upgrade so I can hack my car, when it comes to OTA upgrades that by definition might happen when I'm not controlling the process, the software better be signed by someone I trust.

    • by Anonymous Coward

      Or rather, do not want unless there it is "off" by default and it's only turned on when I want to turn it on.

      While I am okay with a non-signed binary for an in-peson/over-USB-disk upgrade so I can hack my car, when it comes to OTA upgrades that by definition might happen when I'm not controlling the process, the software better be signed by someone I trust.

      Which excludes anybody in the car selling and maintenance business, at least for me.

  • by PPH ( 736903 ) on Friday February 06, 2015 @01:30PM (#48999775)

    You'll be taking the bus to work Wednesday morning should something go wrong.

  • So some fucking OTA update is going to fail while you're in the middle of driving because it just happened without asking you?

    This sounds like some epic stupidity there.

    I would NOT accept a car company arbitrarily making changes to my car without my knowledge or consent.

    This is not a toy, this is not an app ... this is a freaking car, and if it is MY car, you will only modify it when you have MY express permission. Not just because you think it's a good idea or want to hide your previous mistakes.

    If these

    • Re:Oh HELL no ... (Score:4, Informative)

      by vux984 ( 928602 ) on Friday February 06, 2015 @03:38PM (#49001045)

      So some fucking OTA update is going to fail while you're in the middle of driving because it just happened without asking you?

      Nice strawman you've constructed. The one car that does OTA updates right now (Tesla) downloads them and then prompts you when to do them, so you can wait until your home in your garage. You don't hear any Tesla owners complaining do you?

      Mobile phones are another device with OTA update support. Have you heard a lot of stories where the phone interrupted a 911 call to do an ota update and then failed? No? Because it never happens. The phone says theres an update ready, and waits for you initiate... most of them will even refuse to go if you are low battery, and most recommend you be plugged into a charger for the update... absolutely none ever have just spontaneously decided to update during a call.

      This is so incredibly stupid as to defy belief.

      Why manufacture imaginary problems to be outraged about; there are plenty of real problems in the world. But OTA updates isn't one of them.

      • by epyT-R ( 613989 )

        tesla chose to offer you a choice. they still retain the power. that's the problem. only solution is to short the cell antenna to ground.

      • Just because Tesla Motors has chosen to do OTA updates intelligently (so far), that does not imply that General Motors or Ford will do so. I would lay money on GM being the first to force an OTA update and the first to brick more than a thousand cars at once.

  • by Lumpy ( 12016 )

    Sorry but my BMW has had an ethernet backbone inside it for years. My ODB-II connector has pins used for ethernet connection for programming and coding.

    It seems the article writer has zero education about modern cars. Oh and "proven security" called isolated networks are just fine.

    The Telecommunications module can easily be a 2 part box that has a second processor specific for system updates. Telcom side downloads the file, update side looks at the file in the flash storage and checks not only it's chec

    • It seems the article writer has zero education about modern cars

      I have come to the conclusion that most articles when they say "experts believe" you should substitute it for "some moron thinks this will happen".

      I think this is a terrible idea, and is more of the "oh, you don't own the car, we just license it to you". Sorry, if it isn't mine, and I'm not the one who makes decision about it ... WTF would I give you money for it then?

      It is my car, and I, and I alone will decide what happens to it and when it

      • by Lumpy ( 12016 )

        The answer then is to not buy anything after 2007. Most everything previous to that is very well hacked and 3rd party documented so you can call it 100% your car as you can modify every part of it as you see fit.

    • by Anonymous Coward

      And GM *could* have used a slightly stronger spring in the ignition key switches so that heavy key rings wouldn't shut off the engine mid-drive and kill people.

      But they didn't, because pennies for extra metal. Pay the vastly larger cost for a second processor? ... that's less likely than RedHat stripping systemd back out of their distro.

  • If you don't allow updates, then a drive-by-wire car with a bunch of wireless systems (keyless entry, keyless starter, bluetooth, cellular, 802.11p (DSRC), ... ?) connected to its bus is a timebomb. If updates are allowed, at least there is a way to fix problems on a larger scale. If that update mechanism is the open Internet, then it presents an attractive large-scale, low-risk target. An OTA update mechanism that is privately networked (eg, dedicated cellular APN) might at least make mass attacks by re

    • If you don't allow updates, then a drive-by-wire car with a bunch of wireless systems (keyless entry, keyless starter, bluetooth, cellular, 802.11p (DSRC), ... ?) connected to its bus is a timebomb. If updates are allowed

      This is the best reason I can think of to be against easy updates and unnecessary complexity. If a component needs to be constantly updated to not become a "timebomb" it has no business existing in the first place.

      There needs to be a cost (e.g. recall) involved or people will feel no pressure to resist market pressure to enroll us all in their endless beta programs.

    • by epyT-R ( 613989 )

      Heh, solutions to problems that wouldn't exist if that computer wasn't there to begin with, right? Also, there's the problem of 'legal' access to the system. If the backdoor exists it will be used.

      I'd rather not have the connectivity because there's too many grubby fingers looking to separate me from control over my vehicle. It's also safer. If something is wrong, I want to be notified and make a choice before any work is done.

  • Do. Not. Want.

    If you have something to offer in terms of genuine improvement to my vehicle's performance or its systems, then you can offer it to me in a safe and secure way that I can retain control over whether or not it is applied, and when. I do not want any part of my vehicle's systems - be they critical or seemingly trivial - to be remotely accessible and able to be changed or updated by other people or the manufacturer.

    Not only do I not want people to be able to use any sort of wireless technol
  • by X10 ( 186866 )

    Right when I'm overtaking, my car decides to do an OTA update of it's software. The controls block for about ten seconds, during which time I careen into a truck coming from the opposite side. Will my insurance cover for that?

    • Re:OMG (Score:4, Informative)

      by radl33t ( 900691 ) on Friday February 06, 2015 @03:02PM (#49000707)
      yep, i'm sure they never thought of that. good thing clever guys like yourself are around to ask the really hard questions.
    • by mspohr ( 589790 )

      OMG! The geniuses at /. have again come up with something that I'm sure no automotive software engineer has ever considered.
      Quick! Call the auto companies and tell the they are about to make a big mistake. I'm sure they will thank you profusely.

    • We're making fun of you right now, but to be honest it isn't dumb to be worried.

      Spacecraft and aircraft are highly computerized, and have redundant systems because accidents are either very deadly or very expensive and likely both. What you're talking about sounds like a scenario in which federal regulations have failed to force car makers to introduce this level of safety. Depending on the automaker, even if an engineer is aware of the risks, it may be out of his control and his employer could ultimately d

  • by janoc ( 699997 ) on Friday February 06, 2015 @02:00PM (#49000101)

    I am not against the ability to perform an OTA update in principle, but considering how abysmal record with firmware (and software in general) these companies have, this is a major disaster waiting to happen.

    When Microsoft, Apple or Google botch an update, there will be a few dead computers or phones at worst. If someone like e.g. Toyota or BMW (both with a "proven" record of poor quality firmware - think "stuck" accelerators or the famous BMW video of stalling car spitting out its key at the driver) push an automatic OTA update and something unexpected fails, there will be *dead people* in addition to dead computers. And something *will* fail sooner or later - we are far far from the ability to write provably correct code as a matter of course. And embedded code is often one of the worst examples of both software engineering (non-)methods and quality, mainly because it costs money and time to do things properly instead of outsourcing the firmware to the lowest bidder somewhere in a sweatshop. Nobody will ever see that code anyway, right?

    The only way this can work safely is with previous user's authorization - i.e. *never* automatically and unattended. In that way I can make sure that I am safely stopped and not going 130 kph on a motorway when my engine or brakes decide to go bust on me. That is, AFAIK, what Tesla is doing (a message pops up and the driver needs to accept the update). However, unless this mode of operation is made mandatory, some dickhead will for sure push an automatic update at some point. It is just too tempting to not to and I would be surprised if Tesla didn't have an option to push a "silent" update too already ...

    The other point that nobody reacted on so far - do you really want an always-on, always phoning home wireless connection in your car? That's a wet dream come true for anyone who wants to track your car for whatever reason. Tesla is doing it for (ostensibly) performance tracking (and, conveniently, busting lying journalists), your insurance may start to require access to that data if you want to keep your premiums low and finally police and spooks will rejoice, because they don't even have to bug your car or bother with license plate cameras anymore ...

    • Re: (Score:2, Insightful)

      by adolf ( 21054 )

      Cars are, today, often reflashed with new firmware as part of dealer servicing, usually without the owner being aware (or caring, for that matter).

      Nobody dies. Brakes keep working.

      Runaway Toyotas didn't have a software problem. They had a mechanical problem wherein the pedal would get physically get stuck, and they fixed that in a mechanical way by adding a plastic widget to the bottom of the accelerator pedal.

      Mind you, a software update was also applied, presumably to make such keyless cars easier to shu

      • by janoc ( 699997 )

        Having cars reflashed at a dealership is something different - the mechanic will usually do at least some basic sanity tests that everything works before handing it over to the client.

        Anyway, my point wasn't that reflashing firmware is bad - it may be even required and I am fine with that. It needs to be done safely and securely, though!

        And yes, Toyota had a big software problem too, even though it wasn't why they have lost that accelerator pedal lawsuit:

        http://www.edn.com/design/auto... [edn.com]

  • Why should we need to do this in the first place? Answer: We shouldn't need to do it.
  • Excuse me, I'm making a local hacker site to "upload" "fixes" to your car's OS.

    Ooh, another one bit! Now to do Car Wars (SJG) IRL!

  • I will never let a dealer touch my ECU. I explicitly forbid them for "flashing" or "updating" it. I have had two examples of where my ECU were updated (without my permission) and they have ruined a car. One was a EPA change which made my car run 5 MPG less after that oil change (at a dealer, who updated the ECU). The other added some self tests to the car which made me lemon law it (but every single person that got these changes, had this issue).

    If there is nothing wrong, I don't want any changes done t

  • How fucking idiotic could you be?

    Why would we create a world where a terrorist organization or other deeply flawed institution could take physical control of vehicles over the air?

    There's no use speculating on whether it would happen -- if it can, it will and you won't be told when it does, because that would hurt sales or national security or whatever.

    Keep the hardened firewalls. Keep it IMPOSSIBLE to do. Keep the fuck out of MY STUFF except with my permission.
  • Remote access to update software on your car.
    You mean remote access for someone trying to screw with your car.
    I guess they're going to have to add some new entries under 'wardriving'.

    Like everything else that can be abused, if it can, it will be, and this one is so much easier than actually having to get physical access to the car first...
  • While some carmakers today offer over-the-air software upgrades to navigation maps and infotainment head units,

    Others, such as Toyota, want to charge you $250 US for a one time update to the maps. Then they wonder why I still have a Garmin stuck to my windshield. Thanks for nothing Toyota.

    • by eth1 ( 94901 )

      While some carmakers today offer over-the-air software upgrades to navigation maps and infotainment head units,

      Others, such as Toyota, want to charge you $250 US for a one time update to the maps. Then they wonder why I still have a Garmin stuck to my windshield. Thanks for nothing Toyota.

      A better question is why the hell would you spend $3k on their stupid "navigation package" when that amount of money would buy a brand new Garmin every year (with current maps included) for THREE DECADES??

  • I worry about this stuff making cars less reliable. I have a car that is pretty much 100 percent mechanical. I don't think there is any computerized anything in it that is relevant to it. I'd just assume keep it that way.

    I like my tech as bolt ons to the car. Give me the GPS and the stereo and whatever. But I'd like the portion of the car that is a car to be a "car" and not a computer.

    I don't trust this nonsense when I'm going down the road at 80 miles an hour. Some of these systems are getting control of t

  • Change your default password!

The gent who wakes up and finds himself a success hasn't been asleep.

Working...