SoylentNews is people
SoylentNews
This coming summer the Society of Automotive Engineers (SAE) is running their 8th annual security workshop — details at https://www.sae.org/attend/cyberauto
The SAE CyberAuto™ Challenge brings together students and engineers from different backgrounds, industries, and organizations to collaboratively seek new information on automotive cybersecurity. No matter your perspective of participation at CyberAuto Challenge, your experience will benefit you now and in the future:
- High school and college students work with in-service vehicles and their production code, software stacks, and internal electronics
- Automotive engineers learn new ways to think about vehicle security and safety
- Government officials gain new perspectives about vehicle security and safety while engaging one-on-one with the next generation of cyber professionals
- Researchers developing emerging techniques to find real solutions to cybersecurity challenges and engage the next generation cyber-auto engineers.
This AC has no idea if you can really teach security, but at least someone is trying. It's also possible that SAE is training the other side? The page has a glowing testimonial that ends:
To sum it all up: thank you. That five days of the CyberAuto Challenge changed my life.”
–Vanya Gorbachev, 2018 CyberAuto Challenge participant
(Score: 2) by Runaway1956 on Tuesday January 08 2019, @03:47AM (4 children)
Anyone who is concerned with security has probably heard or read that, and often. Security is a Process, not a Product. One problem seems to be that boards of directors and accountants and xOO's are only concerned with selling products.
Security in the military is a process. No one sets up a couple guard posts, and calls it "secure". Roving patrols (yes, even aboard ship) are constantly checking on the status of whatever perimeters or systems they are responsible for. It can't be automated, it can't be neglected for some hours/days/weeks. It's an ongoing process, with human eyes and hands on.
And, that is precisely what managers want to eliminate. They want everything automated, so that the humans can go on with something more fun, and less stressful, and less expensive.
In the physical world, "security" often consists of a fence and some cameras. Take away the security personnel, and there is no one to defend the fence, or to monitor the cameras. At that point, the supposed security is no more and no less effective than a standard padlock. Everyone should be aware that a padlock only keeps honest people honest. Very few padlocks can keep me out, once I've decided to get in. Even fewer padlocks actually slow me down. It only takes a couple minutes to pick the standard Master padlock, and even less time to just destroy a lock. Cheap locks are easier and faster to destroy. And, if the owner/manager doesn't check on whatever he has trusted to a lock for a week, or a month, the "crime" may go unsolved forever.
(Score: 2) by aristarchus on Tuesday January 08 2019, @07:59AM
The most likely to be doxxed (from really stupid detail disclosures) Soylentil has this to say? We have your natsav trajectory, Runaway of too many specifics. Best STFU before your employer or your wife's church group finds out who you really are, and sequestors your artillery, so to speak.
(Score: 0) by Anonymous Coward on Tuesday January 08 2019, @01:01PM (2 children)
> Security is a Process ...
Well put.
How is this going to work with an automated highway, where my car has to make many secure connections with other traffic and the road (infrastructure), on a sub-one-second time scale. This is for things like the negotiation for a lane to move over toward the upcoming exit, or to know that the light is about to change (or whatever). No possible time for human intervention here.
(Score: 2) by Runaway1956 on Tuesday January 08 2019, @03:16PM (1 child)
For you, the individual human being chauffered around by a robot, the process should have been ongoing before you committed your life to that robot. You should be aware that BrandX Highway Robots have been exploited repeatedly in recent months - and updated, upgraded, or changed to BrandZ. Or, just shut that obsolete robot down, and run it through the trash compactor. The process involves keeping up to date on how many body bags have been utilized by which brands of robots.
(Score: 0) by Anonymous Coward on Tuesday January 08 2019, @05:11PM
Well, that puts a little perspective on a future incarnation of Soylent News -- keeping track of the source bodies soon to be processed into new soylent...
I think I'll keep driving my own car and avoid (to the extent possible) areas that are infested with robot cars.