US Proposes Ban on Smart Cars With Chinese and Russian Tech (cnn.com) 45
The US Commerce Department on Monday will propose a ban on the sale or import of smart vehicles that use specific Chinese or Russian technology because of national security concerns, according to US officials. From a report: A US government investigation that began in February found a range of national security risks from embedded software and hardware from China and Russia in US vehicles, including the possibility of remote sabotage by hacking and the collection of personal data on drivers, Secretary of Commerce Gina Raimondo told reporters Sunday in a conference call.
"In extreme situations, a foreign adversary could shut down or take control of all their vehicles operating in the United States, all at the same time, causing crashes (or) blocking roads," she said. The rule would not apply to cars already on the road in the US that already have Chinese software installed, a senior administration official told CNN. The software ban would take effect for vehicles for "model year" 2027 and the hardware ban for "model year" 2030, according to the Commerce Department. The proposed regulatory action is part of a much broader struggle between the United States and China, the world's two biggest economies, to secure the supply chains of the key computing technology of the future, from semiconductors to AI software. China, in particular, has invested heavily in the connected car market, and inroads made by Chinese manufacturers in Europe have worried US officials.
"In extreme situations, a foreign adversary could shut down or take control of all their vehicles operating in the United States, all at the same time, causing crashes (or) blocking roads," she said. The rule would not apply to cars already on the road in the US that already have Chinese software installed, a senior administration official told CNN. The software ban would take effect for vehicles for "model year" 2027 and the hardware ban for "model year" 2030, according to the Commerce Department. The proposed regulatory action is part of a much broader struggle between the United States and China, the world's two biggest economies, to secure the supply chains of the key computing technology of the future, from semiconductors to AI software. China, in particular, has invested heavily in the connected car market, and inroads made by Chinese manufacturers in Europe have worried US officials.
Cars are weapons and spies (Score:2, Interesting)
You do not give control of millions of units, each a great kinetic weapon, to a potential adversary. Beyond that, you would expect them to report location and movements home, which is surprisingly useful.
Let them build and sell the vehicles or components (well... Not Russia, currently), but the vehicles should only run audited American code.
Re: (Score:2)
On the other hand, if you insist on American code then the NSA is bound to hack it. Who do you want in control of your vehicles, the NSA or the Chinese? /s
Auditing code is not going to work. Can you even be sure you have seen *all* the code? To stand a chance of working you would need teams working on it, taking cars apart down to the silicon level, and constantly reviewing updates as they come in.
And how would you lock the car down so that nobody can modify the software? Manufacturers won't be keen on givi
Re: (Score:2)
Who do you want in control of your vehicles, the NSA or the Chinese?
For monitoring and tracking, I fear the NSA/FBI/DHS.
For actual control (crashing or whatever), I fear China. The pagers in Lebanon show what can happen when an adversary controls your tech.
Re: (Score:2)
It's probably a waste of time trying to ban foreign software in critical places. Chances are the domestic stuff is just as easy to exploit, even after it's been audited. There are likely a large number of zero day vulnerabilities known only to security services that they are all holding back.
Re: (Score:2)
There are likely a large number of zero day vulnerabilities known only to security services that they are all holding back.
Almost certainly there are zero days. The question is what happens if you get int a cold war for example. If the control electronics and software has an entirely NATO based supply chain then you will be able to fix those vulnerabilities. If part of the supply chain is in China then you no longer have a way to be sure what is there and if you accept fixes to it they may well include more malware which makes the situation even worse. DARPA had various competitions to have people provide methods of auditing ch
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If you don't work with or for the government or other sensitive area, you absolutely should be more worried about your domestic agencies. If you want a clearance, though, you pretty much give up that luxury and let them shove the scope up you whenever they want.
Re:Cars are weapons and spies (Score:4, Interesting)
Re: (Score:2)
A kill switch is a good idea. Mechanically connected brakes too, with power assist. Most steering wheels are still connected directly to the wheels too.
Re:Cars are weapons and spies (Score:4, Interesting)
Well, as an American, I'd say "better the devil you know".
First thing I'd like is, to NOT have my car connected to anything or anyone...period.
I don't want anything to be able to communicate remotely to my car....so, no cell SIM system, no radio system connections.
I don't want to send telemetry to the mothership (or any. other interested parties) and I don't want my car talking to others.
That would be a huge step to allay my fears.
They could ax bluetooth too, I have no problem plugging my music player or even phone into a USB connection to the car to play music.
Frankly, I want as little IT in my car as possible, and intent to hold onto my current manual transmission ICE vehicle for as long as possible.
Re: (Score:2)
Frankly, I want as little IT in my car as possible, and intent to hold onto my current manual transmission ICE vehicle for as long as possible.
I feel like unconnected ICE vehicles will greatly increase in value in the next decade. I won't trade mine in for anything made in the last decade.
Re: (Score:2)
I agree 100%.
And I would add to the list Keyless Entry. The only "success" of Keyless Entry is that it enables so much almost effortless car theft by suitably-equipped car thieves.
Re: (Score:2)
Well, let's start here...and work our way backwards....
Re:What about phones? (Score:4, Informative)
That seems like an even bigger problem.
The software and critical components in phones are not made in China.
The software is mostly American. The CPUs are made in Taiwan.
Re: (Score:2)
self driving cars can end up blocking roads in an (Score:2)
self driving cars can end up blocking roads in an error state / safe stop.
Re: (Score:2)
Israeli tech? (Score:2)
I'd say anything made in Israel is pretty suspect now.
Re: (Score:3)
Re: (Score:2)
This has nothing to do with security... (Score:2)
.. this is car manufacturers worried about losing money to cheaper cars (same as the chicken tax, why hasn't this been repealed). If it was about security we wouldn't get anything from china (phones/chips/tv/computers). This is just lobbyists lobbying.
Re: (Score:2)
open source (Score:5, Interesting)
It's time for an industry to spring up that allows easy electric conversion for older cars. I'd love an old ford pickup converted to electric. Something that reports nothing to anyone but me and can get me around town.
The gnarlier looking it is the better - people are more willing to let the car with dents merge into traffic I think
Cottage industry (Score:4, Informative)
There is a small cottage industry of EV conversion fabricators. A lot of the stuff they use is off the shelf.
https://www.electrifiedgarage.... [electrifiedgarage.com]
This is the home base of Rich Benoit, better known as Rich Rebuilds on Youtube, one of my absolute favorite channels. He's done insane EV conversions, including an original Mini, a Harley, and an off-road side by side. He also, more famously, dropped a Chevy LS1 in a Tesla model S (named ICE-T) which involved cutting the car in half and reassembling it to build a transmission tunnel.
Re:open source (Score:4, Informative)
It's time for an industry to spring up that allows easy electric conversion for older cars
That industry has already started to spring up, although the focus is more on restoring classic cars than the type of straightforward conversion you're seeking.
Here's a list of 10 companies in the United States who are doing conversions now.
https://revival.autos/electric-classic-car/in-depth-look-at-the-top-10-electric-car-conversion-companies-in-the-usa/ [revival.autos]
And another list, courtesy of Motor Trend.
https://www.motortrend.com/reviews/futureproof-classic-car-to-ev-electric-car-conversions/ [motortrend.com]
Re: (Score:2)
Re: (Score:2)
Yeah what I've seen is that costs more than a new Tesla and I assume is less warrantied too.
Ruh-roh! (Score:2)
Re: (Score:2)
It goes both ways (Score:2)
You know what's funny? Russian and China too have enacted rules to keep American-made products and software at bay as much as possible for exactly the same reasons. And while I have no great love for either Russia or China, I don't blame them.
Re: (Score:2)
Don't forget Israeli parts... (Score:3)
Last thing I want is my car exploding if someone thought I was being critical of Israeli policies...
Re: (Score:2)
Re: (Score:1)
...being critical of Israeli policies...
What a weird way of saying "indiscriminately launching rockets into populated areas and otherwise blowing up civilians."
I Can't Drive 8086 (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
There's no reason they can't do this, and in fact it would probably be cheaper to produce vehicles this way, but they'd rather be able to access data from the vehicle remotely, data like vehicle performance and driver habits, and in this dystopian age of 'subscriptions fo
Tesla next? (Score:3)
This seems like a reasonable concern. It would be extremely impactful if China (or anyone) were to brick fleets of cars with a few keystrokes from thousands of miles away.
So, Musk is known to have contempt for things like redundancy and security. Just look at how he gutted Twitter. With the way he has demonstrated he operates companies under his control, does anyone realistically believe Tesla hasn't already likely been compromised? Are all Teslas waiting for someone to push the "big red button" and cause every single Tesla "listening" to overpower its batteries causing a fire that can't be put out with water? There are nearly 5M Teslas out there right now. Imagine the havoc if just half ignited. It would make the Israli pager hack seem like nothing.
And the worst part would be it could be extremely difficult to ever be sure who was responsible. Politicians will point the finger pretty quickly at Russia/China/Iran/etc. But, it could also be one of the thousands of high tech FORMER employees Musk has laid off or ripped off. Or, maybe a giant oil producer would do it to set EVs back a decade or more. There are lots of candidates who would not cry if every Tesla was suddenly inoperable or was considered a giant safety hazard.
While I see the usefulness to disable vehicles that have been stolen or are being chased by police, I also see this being too powerful for any single entity to control. Like they say, with great power comes burning Teslas.
So will all so-called 'self-driving cars' (Score:2)
Half-measures (Score:2)
Just ban ALL tech imports from China. Let's face it, the globalization dream has completely failed.