Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
China Transportation United States Technology

US Proposes Ban on Smart Cars With Chinese and Russian Tech (cnn.com) 45

Posted by msmash from the escalating-matters dept.
The US Commerce Department on Monday will propose a ban on the sale or import of smart vehicles that use specific Chinese or Russian technology because of national security concerns, according to US officials. From a report: A US government investigation that began in February found a range of national security risks from embedded software and hardware from China and Russia in US vehicles, including the possibility of remote sabotage by hacking and the collection of personal data on drivers, Secretary of Commerce Gina Raimondo told reporters Sunday in a conference call.

"In extreme situations, a foreign adversary could shut down or take control of all their vehicles operating in the United States, all at the same time, causing crashes (or) blocking roads," she said. The rule would not apply to cars already on the road in the US that already have Chinese software installed, a senior administration official told CNN. The software ban would take effect for vehicles for "model year" 2027 and the hardware ban for "model year" 2030, according to the Commerce Department. The proposed regulatory action is part of a much broader struggle between the United States and China, the world's two biggest economies, to secure the supply chains of the key computing technology of the future, from semiconductors to AI software. China, in particular, has invested heavily in the connected car market, and inroads made by Chinese manufacturers in Europe have worried US officials.

US Proposes Ban on Smart Cars With Chinese and Russian Tech More | Reply

US Proposes Ban on Smart Cars With Chinese and Russian Tech

Comments Filter:

  • You do not give control of millions of units, each a great kinetic weapon, to a potential adversary. Beyond that, you would expect them to report location and movements home, which is surprisingly useful.

    Let them build and sell the vehicles or components (well... Not Russia, currently), but the vehicles should only run audited American code.

    • Re: (Score:2)

      by AmiMoJo ( 196126 )

      On the other hand, if you insist on American code then the NSA is bound to hack it. Who do you want in control of your vehicles, the NSA or the Chinese? /s

      Auditing code is not going to work. Can you even be sure you have seen *all* the code? To stand a chance of working you would need teams working on it, taking cars apart down to the silicon level, and constantly reviewing updates as they come in.

      And how would you lock the car down so that nobody can modify the software? Manufacturers won't be keen on givi

      • Who do you want in control of your vehicles, the NSA or the Chinese?

        For monitoring and tracking, I fear the NSA/FBI/DHS.

        For actual control (crashing or whatever), I fear China. The pagers in Lebanon show what can happen when an adversary controls your tech.

        • Re: (Score:2)

          by AmiMoJo ( 196126 )

          It's probably a waste of time trying to ban foreign software in critical places. Chances are the domestic stuff is just as easy to exploit, even after it's been audited. There are likely a large number of zero day vulnerabilities known only to security services that they are all holding back.

          • There are likely a large number of zero day vulnerabilities known only to security services that they are all holding back.

            Almost certainly there are zero days. The question is what happens if you get int a cold war for example. If the control electronics and software has an entirely NATO based supply chain then you will be able to fix those vulnerabilities. If part of the supply chain is in China then you no longer have a way to be sure what is there and if you accept fixes to it they may well include more malware which makes the situation even worse. DARPA had various competitions to have people provide methods of auditing ch

        • The US govt isn't always trustworthy either https://en.wikipedia.org/wiki/... [wikipedia.org] Its a collection of people, and people can be evil, and do evil things.

        • If you don't work with or for the government or other sensitive area, you absolutely should be more worried about your domestic agencies. If you want a clearance, though, you pretty much give up that luxury and let them shove the scope up you whenever they want.

      • Re:Cars are weapons and spies (Score:4, Interesting)

        by Malay2bowman ( 10422660 ) on Monday September 23, 2024 @10:57AM (#64809641)
        "Whatever the solution is, it needs to offer safety even if the car gets hacked." How about a "kill switch" that can be pressed to shut off the main computer entirely, and revert to a bare minimum system that is enough to keep "by wire" systems going, as well as required features such as exterior lights? This minimal system would be bare metal programmed with the firmware in mask ROM. That means no radio, no GPS, and no flashy toys, but you have a car that is entirely under your control for what really matters most, driving.

        • Re: (Score:2)

          by AmiMoJo ( 196126 )

          A kill switch is a good idea. Mechanically connected brakes too, with power assist. Most steering wheels are still connected directly to the wheels too.

      • Re:Cars are weapons and spies (Score:4, Interesting)

        by cayenne8 ( 626475 ) on Monday September 23, 2024 @10:57AM (#64809643) Homepage Journal

        On the other hand, if you insist on American code then the NSA is bound to hack it. Who do you want in control of your vehicles, the NSA or the Chinese? /s

        Well, as an American, I'd say "better the devil you know".

        First thing I'd like is, to NOT have my car connected to anything or anyone...period.

        I don't want anything to be able to communicate remotely to my car....so, no cell SIM system, no radio system connections.

        I don't want to send telemetry to the mothership (or any. other interested parties) and I don't want my car talking to others.

        That would be a huge step to allay my fears.

        They could ax bluetooth too, I have no problem plugging my music player or even phone into a USB connection to the car to play music.

        Frankly, I want as little IT in my car as possible, and intent to hold onto my current manual transmission ICE vehicle for as long as possible.

        • Re: (Score:2)

          by GoTeam ( 5042081 )

          Frankly, I want as little IT in my car as possible, and intent to hold onto my current manual transmission ICE vehicle for as long as possible.

          I feel like unconnected ICE vehicles will greatly increase in value in the next decade. I won't trade mine in for anything made in the last decade.

        • Re: (Score:2)

          by ve3oat ( 884827 )
          Hear! Hear!

          I agree 100%.

          And I would add to the list Keyless Entry. The only "success" of Keyless Entry is that it enables so much almost effortless car theft by suitably-equipped car thieves.

  • self driving cars can end up blocking roads in an error state / safe stop.

    • Or, they'll cause massive collisions at high speeds, creating all sorts of chaos and many deaths. SDCs all have remote control capability baked right into them because the damned things are so brain-dead that they can get 'confused' and just stop, have to 'phone home' and have a remote human operator bail them out of whatever the problem is, so if that's hacked remotely SDCs could be driven at any speed in any direction, including 100mph into other vehicles.

  • I'd say anything made in Israel is pretty suspect now.

    • Except the exploding devices were not made in Israel. The trick with intelligence coups of that sort is to have no visible connection to the items. We can ban Chinese cars and Chinese software, but can we stop them from infiltrating open-source systems either directly or through third parties?
    • Anything made in the US should be suspect after Snowden's revelations of the NSA tampering with Cisco equipment.

  • .. this is car manufacturers worried about losing money to cheaper cars (same as the chicken tax, why hasn't this been repealed). If it was about security we wouldn't get anything from china (phones/chips/tv/computers). This is just lobbyists lobbying.

    • Re: (Score:2)

      by GoTeam ( 5042081 )
      I refuse to believe that the US government isn't putting the well being of the citizens above all else! They always act altruistically!! /s

  • open source (Score:5, Interesting)

    by bugs2squash ( 1132591 ) on Monday September 23, 2024 @10:38AM (#64809583)

    It's time for an industry to spring up that allows easy electric conversion for older cars. I'd love an old ford pickup converted to electric. Something that reports nothing to anyone but me and can get me around town.

    The gnarlier looking it is the better - people are more willing to let the car with dents merge into traffic I think

  • I guess it wasn't such a good idea for the US to farm out so much of it's manufacturing base to China. The little gremlins are popping up to bite the US in the ass.

  • You know what's funny? Russian and China too have enacted rules to keep American-made products and software at bay as much as possible for exactly the same reasons. And while I have no great love for either Russia or China, I don't blame them.

    • Not to mention each other - what was it, a Russian customers agent determined by deviations in weights on a bill of lading that Chinese electric kettles entering Russia had wifi spying chips in them? Apparently every power does this.

  • Don't forget Israeli parts... (Score:3)

    by dark.nebulae ( 3950923 ) on Monday September 23, 2024 @10:55AM (#64809629)

    Last thing I want is my car exploding if someone thought I was being critical of Israeli policies...

    • if it's an EV, it might be possible for someone to do that remotely. If the battery pack controllers' firmware can be updated remotely, then bad code could be uploaded to it, causing a condition whereby the pack fails catastrophically.

    • ...being critical of Israeli policies...

      What a weird way of saying "indiscriminately launching rockets into populated areas and otherwise blowing up civilians."

  • Is there any way to keep any computers from being built into cars at all? I say without irony that the only three new features since the advent of the horseless carriage that I approve of are the radio, the automatic transmission, air conditioning, and seat warmers. And honestly, most days I can do without the air conditioning, assuming my power windows aren't broken again.
    • Well, okay, four, not three. I forgot about the automatic transmission on my first draft.
    • Yes, you can. You design all computer-controlled systems in the vehicle to use read-only memory, and you have no wireless connectivity in the vehicle at all. Firmware and software updates would require physically connecting to the vehicle.
      There's no reason they can't do this, and in fact it would probably be cheaper to produce vehicles this way, but they'd rather be able to access data from the vehicle remotely, data like vehicle performance and driver habits, and in this dystopian age of 'subscriptions fo

  • Tesla next? (Score:3)

    by MooseTick ( 895855 ) on Monday September 23, 2024 @11:22AM (#64809719) Homepage

    This seems like a reasonable concern. It would be extremely impactful if China (or anyone) were to brick fleets of cars with a few keystrokes from thousands of miles away.

    So, Musk is known to have contempt for things like redundancy and security. Just look at how he gutted Twitter. With the way he has demonstrated he operates companies under his control, does anyone realistically believe Tesla hasn't already likely been compromised? Are all Teslas waiting for someone to push the "big red button" and cause every single Tesla "listening" to overpower its batteries causing a fire that can't be put out with water? There are nearly 5M Teslas out there right now. Imagine the havoc if just half ignited. It would make the Israli pager hack seem like nothing.

    And the worst part would be it could be extremely difficult to ever be sure who was responsible. Politicians will point the finger pretty quickly at Russia/China/Iran/etc. But, it could also be one of the thousands of high tech FORMER employees Musk has laid off or ripped off. Or, maybe a giant oil producer would do it to set EVs back a decade or more. There are lots of candidates who would not cry if every Tesla was suddenly inoperable or was considered a giant safety hazard.

    While I see the usefulness to disable vehicles that have been stolen or are being chased by police, I also see this being too powerful for any single entity to control. Like they say, with great power comes burning Teslas.

  • All 'self-driving cars' will also be capable of being weaponized, as all of them will include remote-control capability, and I can't imagine access to that being secure enough that third parties won't be able to hack their way into it and make them do whatever they want.

  • Just ban ALL tech imports from China. Let's face it, the globalization dream has completely failed.

Slashdot Top Deals

"Say yur prayers, yuh flea-pickin' varmint!" -- Yosemite Sam

Close