Don’t take my word for it. Tear into any one of the dozens of black boxes in your car and take it apart. Analyze the chips soldered on the boards. You might get lucky and find all standard chips with information available from suppliers.
Try looking at the data going across any one of the several buses transiting your vehicle. OBD is easy. The others are usually encrypted and much higher speed.
Cars are legitimately complex. Don’t just listen to the manufacturers and scoff. Look up some research into breaking the communication protocols that MB or BMW use. Compare that with GM’s newest standard. Go ahead and practice your reverse engineering skills, because these things aren’t published.
If nothing else, it increases the time to attack and own the system. Networked modules are more efficient and higher performing than old systems. This is the price of progress.
Just one example is the ECU. Old analog engines were crude and inflexible. Simple environmental changes would cause engines to run out of their efficient zones and dump more or less fuel than is appropriate for the conditions they’re experiencing. Modern engines take pressures and temperatures (from several locations) into account, along with throttle desired by the user and calculated load to change the engine parameters on the fly. This is why a modern Mustang can hit 30 mpg on the highway with 500hp and the 80’s model struggles with 20mpg and less power than a current Civic.
These ECUs can be the difference between safely driving and unsafe unintended acceleration into a truck in front of you. We haven’t seen any attacks which turn ordinary occupied vehicles into missiles… yet. I have absolutely no doubt that we will experience one in the next 10 years. Encryption and security may be the difference between this being a rare occurrence conducted by powerful nation state actors and something script kiddies can perform with a laptop and a weekend.
Sounds like the problem is lack of regulations, not people repairing their own stuff. We are letting companies create unmanageable products then blaming owners for trying to take ownership. Encryption is a solved problem, and doesn’t require a black box to be secure, in fact is more secure when it isn’t. And this isn’t the first time that Cara breaking on the road a risk. If someone put after market breaks on their car and they failed, people would die too, yet somehow we allowed that. Car manufacturers are being allowed to make anti-consumer decisions and are blaming us for them.
I’m not getting the feeling that you actually know what you’re talking about.
This isn’t a discussion about encryption, it’s about pairing modules. Encryption is absolutely necessary and is already used widely across the industry. It might not be transparent (open, published standards), but it’s there.
Illegitimate and low quality parts have always been a concern. You don’t seem like you are a car enthusiast, so go on any car forum or facebook group and ask about some fake wheels or eBay special turbos. You’ll get roasted and start a real stupid discussion on if knockoffs are great for the money or if you’ll die in a fiery wreck. These are simple physical objects which you can fake by casting a mould and pouring something vaguely metallic inside. Fake car electronics can be cheaply remade in a similar fashion. How do you know if a replacement ECU is actually taking in one of the hundreds of datapoints in order to calculate the exact fuel trim to safely use in the millisecond you’re polling? How do you know if your rebuilt or replacement transmission is equipped with the proper logic modules to not cause you to drop into first on the highway, causing you to destroy your engine and probably cause a serious accident?
How do you know the manufacturer-supplied module is doing the work it’s supposed to without being able to verify it yourself? Boeing aircraft are having similar problems; if an industry that regulated is having issues, what is going to stop vehicle manufacturers from doing the same?
Give us the diagnostic tools and the parts. Operating with zero trust and verifying everything before and after install is the only way to be sure.
The problem with the black box approach is not only does it mess with right to repair, competition, and home build jobs, but even people who make cars! I’ve literally been to talks in car manufacturing events where a speaker from a large car manufacturing give talks about how hard it is making life for them. Does that car manufacturer do anything different? Nope. Whole culture is infected with “my secrets” thinking which makes everyone’s life hard. Things are at a complexity now, everything should be built to be debugged.
This thread is literally the difference between someone who knows what they talk about getting downvoted because people don’t like facts and someone who doesn’t know they talk about getting upvoted because they appeal better to emotions.
Yeah, Lemmy is usually pretty tech savvy, so this is kind of surprising.
It’s “some basic evidence and appeals to do some research to change your view” versus “I don’t think so and car manufacturers are just bad” with no real counter argument
Or you’re just wrong and crying loudly about it? I don’t even know wtf the original point is you were trying to make before this pity party started. “You don’t seem like you are a car enthusiast, so go on any car forum or facebook group and ask about some fake wheels or eBay special turbos.” You’re a fucking joke. Lots of wasted time explaining nothing at all for scary car scenarios. I don’t even want to post this reply but your comments are fucking stupid and misleading. and you end it with a fucking “planned attack” scenario by terrorists or nation states? JFC just make a sane statement and run with it, don’t rant on about nothing then get confused when you’re downvoted.
Even cheap cars now have hundreds of processors. Modules can throw errors, send the car into limp, or deactivate the vehicle entirely.
Plus, emissions.
It’s a different game now.
I’m sure that is what the car manufacturers claim.
Don’t take my word for it. Tear into any one of the dozens of black boxes in your car and take it apart. Analyze the chips soldered on the boards. You might get lucky and find all standard chips with information available from suppliers.
Try looking at the data going across any one of the several buses transiting your vehicle. OBD is easy. The others are usually encrypted and much higher speed.
Cars are legitimately complex. Don’t just listen to the manufacturers and scoff. Look up some research into breaking the communication protocols that MB or BMW use. Compare that with GM’s newest standard. Go ahead and practice your reverse engineering skills, because these things aren’t published.
They’re made that way so you can’t repair them. They don’t need to be that complex and nothing on a car needs to be encrypted.
Idk person, encryption on cars has a valid place.
If nothing else, it increases the time to attack and own the system. Networked modules are more efficient and higher performing than old systems. This is the price of progress.
Just one example is the ECU. Old analog engines were crude and inflexible. Simple environmental changes would cause engines to run out of their efficient zones and dump more or less fuel than is appropriate for the conditions they’re experiencing. Modern engines take pressures and temperatures (from several locations) into account, along with throttle desired by the user and calculated load to change the engine parameters on the fly. This is why a modern Mustang can hit 30 mpg on the highway with 500hp and the 80’s model struggles with 20mpg and less power than a current Civic.
These ECUs can be the difference between safely driving and unsafe unintended acceleration into a truck in front of you. We haven’t seen any attacks which turn ordinary occupied vehicles into missiles… yet. I have absolutely no doubt that we will experience one in the next 10 years. Encryption and security may be the difference between this being a rare occurrence conducted by powerful nation state actors and something script kiddies can perform with a laptop and a weekend.
Sounds like the problem is lack of regulations, not people repairing their own stuff. We are letting companies create unmanageable products then blaming owners for trying to take ownership. Encryption is a solved problem, and doesn’t require a black box to be secure, in fact is more secure when it isn’t. And this isn’t the first time that Cara breaking on the road a risk. If someone put after market breaks on their car and they failed, people would die too, yet somehow we allowed that. Car manufacturers are being allowed to make anti-consumer decisions and are blaming us for them.
I’m not getting the feeling that you actually know what you’re talking about.
This isn’t a discussion about encryption, it’s about pairing modules. Encryption is absolutely necessary and is already used widely across the industry. It might not be transparent (open, published standards), but it’s there.
Illegitimate and low quality parts have always been a concern. You don’t seem like you are a car enthusiast, so go on any car forum or facebook group and ask about some fake wheels or eBay special turbos. You’ll get roasted and start a real stupid discussion on if knockoffs are great for the money or if you’ll die in a fiery wreck. These are simple physical objects which you can fake by casting a mould and pouring something vaguely metallic inside. Fake car electronics can be cheaply remade in a similar fashion. How do you know if a replacement ECU is actually taking in one of the hundreds of datapoints in order to calculate the exact fuel trim to safely use in the millisecond you’re polling? How do you know if your rebuilt or replacement transmission is equipped with the proper logic modules to not cause you to drop into first on the highway, causing you to destroy your engine and probably cause a serious accident?
How do you know the manufacturer-supplied module is doing the work it’s supposed to without being able to verify it yourself? Boeing aircraft are having similar problems; if an industry that regulated is having issues, what is going to stop vehicle manufacturers from doing the same?
Give us the diagnostic tools and the parts. Operating with zero trust and verifying everything before and after install is the only way to be sure.
The problem with the black box approach is not only does it mess with right to repair, competition, and home build jobs, but even people who make cars! I’ve literally been to talks in car manufacturing events where a speaker from a large car manufacturing give talks about how hard it is making life for them. Does that car manufacturer do anything different? Nope. Whole culture is infected with “my secrets” thinking which makes everyone’s life hard. Things are at a complexity now, everything should be built to be debugged.
Encryption is a must if your car has anything-by-wire on it.
Acceleration is already commonly used this way.
If the car has internet, even more so.
I know, cars don’t need internet, but it’s there and it’s convenient and it’s easier to collect data that way…
This thread is literally the difference between someone who knows what they talk about getting downvoted because people don’t like facts and someone who doesn’t know they talk about getting upvoted because they appeal better to emotions.
Social media has ruined us.
deleted by creator
“What could the overwhelmingly technically skilled audience of Lemmy possibly know about electronics repair and embedded programming?”
Huh I wonder where the downvotes are coming.
Yeah, Lemmy is usually pretty tech savvy, so this is kind of surprising.
It’s “some basic evidence and appeals to do some research to change your view” versus “I don’t think so and car manufacturers are just bad” with no real counter argument
Or you’re just wrong and crying loudly about it? I don’t even know wtf the original point is you were trying to make before this pity party started. “You don’t seem like you are a car enthusiast, so go on any car forum or facebook group and ask about some fake wheels or eBay special turbos.” You’re a fucking joke. Lots of wasted time explaining nothing at all for scary car scenarios. I don’t even want to post this reply but your comments are fucking stupid and misleading. and you end it with a fucking “planned attack” scenario by terrorists or nation states? JFC just make a sane statement and run with it, don’t rant on about nothing then get confused when you’re downvoted.
So much of Lemmy is this way, and I guess most of social media. I expected more from the Lemmy crowd.