Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Transportation

Automakers Now Have To Comply With MA's Right To Repair Law (techcrunch.com) 53

Posted by BeauHD from the red-light-green-light dept.
An anonymous reader quotes a report from TechCrunch: The National Highway Traffic Safety Administration (NHTSA) said Tuesday automakers can comply with a Massachusetts Right to Repair law, reversing a previous directive to ignore the state legislation. Massachusetts's Right to Repair law was a ballot initiative that passed overwhelmingly in 2020. The law requires auto manufacturers that sell cars in the state to equip vehicles with a standardized open data platform so that owners and independent mechanics can access telematics data for repairs, maintenance and diagnostics. In June 2023, NHTSA told automakers they needn't comply with the law, citing hacking concerns. The agency claimed sharing vehicle data would enable criminals to steal data or take control of cars remotely.

NHTSA now says the law can roll out, with some caveats. Automakers can safely share diagnostic data with independent mechanics using short-range wireless technology. Long-range wireless signals, though, could potentially allow hackers to send dangerous commands to moving vehicles. The auto safety agency also said automakers should be allowed "a reasonable period of time" to put the technology in place. "[The U.S. Department of Transportation] strongly supports the right to repair and is eager to promote consumers' ability to choose independent or DIY repairs without compromising safety to themselves or others on our nation's roads," said Ben Halle, director of public affairs at USDOT. "The clarifications contained in the exchange of letters between state and federal partners ensure a path forward to promote competition and give consumers more options, while mitigating a dangerous risk to safety."
This discussion has been archived. No new comments can be posted.

Automakers Now Have To Comply With MA's Right To Repair Law More

Automakers Now Have To Comply With MA's Right To Repair Law

Comments Filter:

  • The auto safety agency also said automakers should be allowed "a reasonable period of time" to put the technology in place.

    There are likely going to be a variety of ideas as to what is "reasonable". It is not unusual for it to take two to three years from concept to implementation to make a software architecture change in a given vehicle model. There are a bunch of reasons for this, some of them valid, and some not, but the speed at which software changes flow into vehicles is very different than the software development cycles that most readers in this forum are accustomed to.

    • "a reasonable period of time" is 2020 to 2023.

      A temporary stay doesn't reset the clock.

      Hoping they won't have to comply with the law doesn't stop the clock.

      If they're not almost ready that sounds like criminal conduct.

    • Re: (Score:3)

      by sjames ( 1099 )

      If only they had some sort of technology they could readily use, a port of some sort that would provide diagnostics. They could put it onboard the car...

      But I'm sure they'll make it as hard as the law allows and whine and moan the whole time. I wouldn't rule out stamping their feet and holding their breath.

      • Re: (Score:2)

        by Nkwe ( 604125 )
        Of course all modern cars already have an onboard diagnostics port. For data items that can be read with a simple scanner nothing has to change. For items that require magic decoder ring software or special decryption keys, that software and those keys could be provided. However there can also be diagnostic data that is not available via the OBD2 port, data that may be delivered to automakers back offices via other data channels or only available via proprietary interfaces. For this kind of data, vehicle so

        • Re: (Score:3)

          by sjames ( 1099 )

          It depends on how clean their design is and how well they manage revisions. It SHOULDN'T take very long, and it SHOULD be something they can update after the fact, even on already built cars. But I'm guessing they'll drag their feet as much as their lawyers think they can get away with.

          Of course, evidence to date suggests that the automakers SUCK at software design and implementation.

          • Of course, evidence to date suggests that the automakers SUCK at software design and implementation.

            Software? They allow a fucking headlamp plug to disable the engine's immobilizer, unlock the doors, and start the vehicle. [autoblog.com] They are a long way away from getting software right.

            • Re: (Score:2)

              by sjames ( 1099 )

              The sad part is that with a few security measures, they could make a CANbus port externally available with no security risks (other than faulty design) using public keys and a designated security processor on the bus (I would advise 2 in case the first one fails, they should be cheap).

              But, of course, they SUCK at firmware.

              • No need to go that far. Trucks already have that in form of FMS - it is a read-only and standartised subset of CAN. For additional security they can make it hardware-readonly with a contactless CAN reader.

                • Re: (Score:2)

                  by sjames ( 1099 )

                  But better if it does, there are a number of legitimate reasons a car owner may want after-market hardware that can freely manipulate things via CANbus. In such a case, they should be able to use their legitimate owner key (AKA the key in the keyfob) as an introducer. Diagnostic data is just one aspect of the right to repair and the related right to modify.

                  • A modified car will lose its certification for public roads anyway hence there is no need for such an interface. If people want to modify their cars to drive on race tracks or if they are willing to get an unique certificate for their modified car they can just as well use the internal CAN.
                    My software runs in thousands of trucks, but write access to the CAN is a big no-no. Only actual vehicle components are supposed to write there.

                    • A modified car will lose its certification for public roads anyway hence there is no need for such an interface.

                      Who told you that, and why did you believe it?

                      My software runs in thousands of trucks, but write access to the CAN is a big no-no. Only actual vehicle components are supposed to write there.

                      Yes, and that approach to security (depending on good will) is why automobiles are such a security shit show. Expecting malicious equipment not to write there doesn't work. Meanwhile there's plenty of functionality in modules on the CAN bus which IS locked down with a code... to prevent the user from doing their own work. Security has been ignored except as a means of protecting income streams for automakers.

                    • Re: (Score:2)

                      by sjames ( 1099 )

                      Not really, no. For example, I might want to add an actually secure device that allows me to unlock the doors using bluetooth on my phone. That device needs to be able to command at least the driver's door to unlock. A proper design would allow the owner to introduce such a device to the system using their key but not allow a car thief to take control of the car through the headlight.

                      There are some things that shouldn't be written to since they could cause emissions to fail, but those can be secured without

                    • Who told you that, and why did you believe it?

                      Since I used to work in automotive, I had to know at least the basics of the EU automotive codes. And what exactly makes you think you can make any modifications to your car and it stays street legal?

                      And as for the rest, you are confusing CAN with DRM.

                    • You are not supposed to add uncertified components to your vehicle.

                    • Re: (Score:2)

                      by sjames ( 1099 )

                      I guess you've never heard of the extensive culture of modifying cars in the U.s, or even after-market stereos.

  • "Long-range wireless signals, though, could potentially allow hackers to send dangerous commands to moving vehicles."

    So they're going to disable the long range wireless interface... Right? Right? On account of it being soooo hackable.

    • It's bullshit talk to confuse anyone that doesn't understand technology.

      • An interesting fact is that they now remembered about this law. I remember writing an analysis on it in college in 2020. By the way, for students who need help with homework, I advise you to check site https://essays.edubirdie.com/l... [edubirdie.com], this is an excellent site where you will be happy to help you quickly with your work. Several times I ordered works on the topic of the law from them, and I was satisfied.

    • Re: (Score:2)

      by ve3oat ( 884827 )
      I don't want a car that has *any* wireless interface. Why does any car need a wireless interface anyway? What is wrong with a standard CAT6 Ethernet connection for data transfer?

      What is next? Bluetooth? Neutrino beams? Just because it can be done does not make it automatically better.

      • Re: (Score:3)

        by stooo ( 2202012 )

        It is for safety, dummy.
        Each car is required to have emergency mobile "SOS" function.
        The question is, which manufacturer is going to disable the 5G modem when the SOS button is not pressed ?

        • Each car is required to have emergency mobile "SOS" function.

          [citation needed]

        • Re: (Score:2)

          by ve3oat ( 884827 )
          "required to have ..." ?? Really? Who asked for this "feature"? I thought that's what cell phones were for.

          And I suppose that these are the same manufacturers who are so surprised at all of the car thefts that are now enabled by the (wireless) keyless-entry system. Another feature that no one asked for, or at least no one who really thought about it. So who is the "dummy" here?

        • Ecall is mandatory in all of europe since 2018.

          USA will follow at some point.

  • Kia has disabled their "Kia Connect" app and subscription service in MA for all new EVs, supposedly due to this law. I just got an EV6 and had to sign a waiver saying I know the app is non-functional for all cars sold in Massachusetts. No remote start, no software updates (except at the dealer), nothing. It's basically them saying "we'll just take our ball and go home, then." Of course there are ways they could tweak the service to allow non-covered functions but they're not doing that.

    • Sounds like the solution to that is to not buy a Kia until they fix that. Hurt them in the pocketbook, the only way they care.

    • Hyundai and Kia are the least competent automakers on the planet. Why would you buy one? Their gasoline cars are known for bursting into flames during normal operation, why would you buy their EV WITH A NCM LIPO BATTERY? You do know that LiPos are the most fragile, most flame-prone Lithium batteries, right?

      Right?

      I just saw an EV6 for the first time yesterday. Fucker cut me off.

Slashdot Top Deals

"The medium is the massage." -- Crazy Nigel

Close