Re: [SystemSafety] Hackers take over *control* of a car wirelessly

From: Matthew Squair < >
Date: Wed, 22 Jul 2015 13:57:24 +1000


Mental note to self, do not give keys of nuclear reactor to Gen Y.

On Wed, Jul 22, 2015 at 1:06 PM, Les Chambers <les_at_xxxxxx

> Dynamic updates to motor-vehicle functionality are a fact of life now.
> Tesla Motors is a "world leader" with this. Here is the release note list
> for the Tesla model S:
>
>
> http://www.teslamotorsclub.com/showwiki.php?title=Model+S+software+firmware+changelog
>
> All you need is a wireless net to get the job done in around 45 minutes.
> Theoretically you could probably do it with a mobile phone hotspot. I don't
> know if the model S as to be stationary for the upgrade to occur. Hope so.
>
> Ethical discussions on whether or not this is a good thing are probably
> irrelevant. It's just happening all around us. Tesla motors employs mostly
> twentysomethings, if Elon Musk's biography is any indication, I suspect
> they don't have much adult supervision. It reminds me of the Battle of the
> Bulge where Hitler put kids in tanks who had never seen a tank battle. They
> had little concept of what was coming and no fear.
>
> So if you don't like this trend you're probably old and uncool. Why
> shouldn't an auto be just like a mobile phone or your Windows laptop? What
> could go wrong???
>
>
>
>
>
> *From:* systemsafety-bounces_at_xxxxxx > systemsafety-bounces_at_xxxxxx > Squair
> *Sent:* Wednesday, July 22, 2015 11:14 AM
> *To:* Heath Raftery
> *Cc:* systemsafety_at_xxxxxx > *Subject:* Re: [SystemSafety] Hackers take over *control* of a car
> wirelessly
>
>
>
> If someone can seriously think that updating hospital drug pump firmware
> via the interwebz is a 'good idea' I think there's minimal likelihood of a
> good flogging in the town square happening anytime soon.
>
>
>
>
> http://criticaluncertainties.com/2015/06/23/all-your-drug-pumps-are-belong-to-us/
>
> Matthew Squair
>
>
>
> MSysEng, MIEAust, CPEng
>
> Mob: +61 488770655
>
> Email; Mattsquair_at_xxxxxx >
> Web: http://criticaluncertainties.com
>
>
> On 22 Jul 2015, at 10:45 am, Heath Raftery <heath.raftery_at_xxxxxx > wrote:
>
> On 22/07/2015 3:44 AM, Martyn Thomas wrote:
>
> On 21/07/2015 18:27, Tom Ferrell wrote:
>
> Stating the obvious, but isn’t there an aspect of this that goes
>
> something like, “Just because we can doesn’t mean we should.” To me,
>
> there is a fundamental engineering ethics question that comes into
>
> play when people start talking about the ‘Internet of Everything.’
>
> When someone postulates hooking two systems together that always
>
> before have been physically separated, engineers have a moral
>
> responsibility IMHO to inject themselves firmly and fully into the
>
> benefits vs. risks discussion with a strong bias of when in doubt,
> don’t.
>
>
>
> That sounds like excellent advice, but if I'm happy to connect A to B
>
> and B to C, and you are happy to connect X to Y and Y to Z, whose fault
>
> is it when Peter connects one of (A,B,C) to one of (X,Y,Z) and something
>
> bad happens?
>
>
> The general philosophical arguments are worth having, but doesn't this
> particular case offer a more direct argument?
>
> If you're the one that connects cellular to CAN (via whatever paths
> already exist), you ought to be shot, stripped and jailed for gross
> negligence, *before* there's even an accident caused.
>
> I'm flabbergasted that Chrysler could have released a vehicle where that
> electronic link even exists. No "great new feature"(TM) warrants such a
> gaping hole that would get every hacker from here to hell tapping away at
> the new door. There is zero evidence that anyone has ever designed a robust
> enough system that you could honestly connect the two and claim it safe.
>
> All the "great new features" that are on the horizon can be achieved
> without making that link - updates over the air, Internet connected
> entertainment, vehicle location, etc. I see no excuse.
>
> Heath
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety_at_xxxxxx >
>

-- 
*Matthew Squair*
MIEAust CPEng

Mob: +61 488770655
Email: MattSquair_at_xxxxxx
Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>



_______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx
Received on Wed Jul 22 2015 - 05:57:34 CEST

This archive was generated by hypermail 2.3.0 : Sat Feb 16 2019 - 01:17:07 CET