SoylentNews is people
SoylentNews
from the you-can't-make-this-stuff-up dept.
A trade magazine, http://www.todaysmotorvehicles.com/article/5-myths-about-connected-cars/ ran this article by Shaun Kirby, Cisco Consulting CTO, "5 Myths About Connected Cars". Haven't read anything this funny all year, some clips include:
Myth: Securing connected cars requires breakthroughs in security technology.
Fact: Connected cars are extremely complex, with many sensors, computers, and networks, along with an ever-growing list of features. Fortunately, technologies already exist that have proven effective in securing some of the largest enterprise information technology (IT) infrastructures. Existing technologies are well equipped to keep drivers and their data safe now and into the future.
...and this one, the punch line at the end had me rolling in the aisle:
Myth: Automakers are responsibile for securing connected cars.
Fact: The vehicle manufacturer is just one link in the security chain. Multiple tiers of suppliers, dealerships, developers of aftermarket devices and services, regulatory bodies, and other industries creating devices and services that interact with connected cars are all responsible for keeping cars and drivers safe and secure.
It is especially important for third parties who provide connected car applications to have secure infrastructures. For instance, a mall operator installing vehicle-to-infrastructure units to guide heavy traffic to optimal parking spots will need to ensure that all the proper security controls are in place.
(Score: 5, Insightful) by shortscreen on Monday September 11 2017, @09:24AM (11 children)
Despite my best efforts to avoid it, I regularly have to put up with terrible software. From websites, to industrial machines. My impression is that low quality software is the norm rather than the exception. The trend of more software appearing in more products does not excite me.
As far as cars, I already refuse to buy anything with OBD (I've never owned anything newer than an '87 model year). A check engine light will result in failure to pass the mandatory state inspection. The light is controlled by proprietary software. So basically, this software has the authority to affect the legal status of the car without notice, and that is utter insanity.
(Score: 4, Insightful) by Arik on Monday September 11 2017, @10:21AM
If laughter is the best medicine, who are the best doctors?
(Score: 1, Interesting) by Anonymous Coward on Monday September 11 2017, @12:04PM (1 child)
Thank you, + mods well deserved. I have a couple of older cars and both have turned on the check engine light, one several times over the years. As the annual state inspection rolls around, I start to get nervous, will it stay off long enough to pass another year? How much will it cost this time? If the light is on for a one-time anomaly (like a mis-fire) and I "clear all codes" using a cheap OBD reader, will it stay off long enough to pass? (usually not)
Once it was just the gas cap seal (evaporative emissions) -- which visibly looked and felt the same as the replacement, but the new cap didn't trigger the light. Another time there were 20+ codes thrown, turned out to be a working battery that couldn't maintain enough voltage (while cranking) to keep one of the computers happy.
I'd love to run a pre-OBD car, but here we have lots of salt on the roads in winter. Older cars were not rustproofed like newer cars (including galvanized sheet metal and stainless exhaust systems) and there are very few of those cars left. Most of the older cars I see are only used in summer.
My bicycle works great for shorter errands. As others have noted, one easy way to keep a car a long time is to not use it very much...
(Score: 2) by bob_super on Monday September 11 2017, @07:07PM
Places like Paris have started banning cars that are too old from entering the city altogether (not that anyone should ever drive in Paris).
If your car is too old to have computers, it's also polluting more than a battalion of newer cars. That's not a bad excuse.
If you want your car to be safe, just clip the antennas and don't connect your phone to it. Connected cars are an idiocy; the easy answer is to air-gap.
Spurious error codes? Yeah, they suck. But most error codes do save you hours, of tying to figure out from your non-techie S.O., whether it was a "ping" or a "pop" before the engine croaked.
(Score: 5, Interesting) by VLM on Monday September 11 2017, @12:09PM (2 children)
You probably mean ODB-II.
I had the misfortune of owning a pre-ODB-II car and not only was the software proprietary but the idiot light was non-standard, so every model out there interfaced differently, paper clip these wires on this car to watch that bulb morse code some code it was technically illegal for you to know what it means.
At least with my ODB-II cars I've been using the same cheap code scanner for 10+ years and now I use a $15 bluetooth scanner on my phone for a couple years and its worked pretty well for identifying parts to replace.
People will claim the OBD-II codes tell you exactly what to replace which technically isn't true. I had one situation where the readiness indicators wouldn't ever clear, total WTF, turns out if I watch the coolant temp it never goes above Z degrees where the readiness indicator doesn't detect "engine all warmed up" until Z+5 degrees. Wasn't a sensor problem; replaced the stuck open thermostat and all was well.
Another time I had a Saturn which output camshaft position sensor failures or some ridiculous similar thing, which is funny because the saturns don't have camshaft position sensors. Thats their funny "saturn speak" way of reporting misfires. Usually this means the coil packs connections are corroded or the plug wires are worn out, which fixed it.
(Score: 0) by Anonymous Coward on Monday September 11 2017, @08:16PM (1 child)
It's OBD (On-Board Diagnostics).
If you use an initialism, especially one that isn't clearly pronounceable, [soylentnews.org] you should double-check that you spelled it properly every time.
If you don't, people may copy [soylentnews.org] your incorrect usage and make useful things harder to find when using a search engine.
-- OriginalOwner_ [soylentnews.org]
(Score: 2) by Gaaark on Monday September 11 2017, @09:28PM
It's a problem with his OCD.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 5, Interesting) by crafoo on Monday September 11 2017, @01:11PM (1 child)
The software controlling my radio/CD/etc and display crashes regularly in my car - at least once a day. Screen goes black, system reboots itself. The audio keeps playing though. Sometimes the graphic indicators for volume get stuck and go blank. Bluetooth connectivity is a joke. Sometimes it works. Sometimes it doesn't. But you ALWAYS have to go 3 levels deep in a menu using [enter] and arrow buttons to even attempt to make it work. After every ignition switch cycle.
Trash software is everywhere. I agree. I don't think the world is better for it. I remember analog systems that were fast, responsive, bullet proof (sometimes literally), didn't have coarse, digital discrete stepping, and was usable. We are going backwards.
(Score: 0) by Anonymous Coward on Tuesday September 12 2017, @11:08PM
They have a really nice twin push-dial stereo in the later impreza/outbacks.
However, despite knowing hte hardware is capable of more, and I assume in order to upsell their 'entertainment systems' they implemented the following defects:
Single bluetooth pairing slot. You can pay for an 'upgrade' to a 4 slot with both a hardware and mechanics fee, even though it is literally a 30 second reflash over the OBD adapter.
Bluetooth only associates automatically when the car is turned to accessories. Starting the car requires manually selecting bluetooth, going into the menu and choosing the select device category then associating. Even though it only allows *1* device slot, and it had already automatically associated when the car was turned on.
Restarting the car during operation, for example: after a stall, requires reassociating the bluetooth device.
In addition, the CD portion of the player failed within the first year, but apparently is considered 'consumable parts' and isn't covered under warranty.
Outside of the radio it has been a solid car, but given that it doesn't have a standard DIN slot to connect a radio of your choice to, it is pretty horrible just the kind of junk they are foisting on people in 20-35k cars in regards to electronics.
(Score: 0) by Anonymous Coward on Monday September 11 2017, @04:34PM (1 child)
ODB and ODBII are the reasons a care will *never* be secure. They are not designed that way. They are diagnostic systems that are now data stream systems. The concept of secure was physical access. That is not necessarily true anymore.
Once they figure out they need ODB-3 they will lock everything down. Yet it will still not be secure. But forget ever getting cheap easy to use diagnostic software and hardware. Even today many manufactures play games with ODBII to lock you out.
(Score: 0) by Anonymous Coward on Tuesday September 12 2017, @05:16AM
On-Doard Biagnostics II (ODB II)
(Score: 0) by Anonymous Coward on Tuesday September 12 2017, @11:00PM
For anyone thinkin that 'requiring government certification/degrees to become a programmer' is a smart move:
How many of those Automotive engineers working on powertrain modules do you think are *NOT* electrical or mechanical engineers, or maybe Computer Science degree holders?
And if *THOSE* guys keep fucking up software and security, then what is the point in raising the bar, if the top of the bar is still producing shit, but now going it with 4-8 years of education and hundreds of thousands of dollars of debt for no better quality code?
Remember to ask these questions the next time a debate about the professional conduct of computer programmers is brought up. The problem isn't the lack of education, the problem is systemic and bureaucratic failures from the top to bottom in the engineering of the languages, the tools, the education, etc. All because nobody wants to take the time or spend the money to really analyze where the shortcomings are, rectify them, and then go through all the work of testing out the new specifications by reimplementing old and no doubt buggy software to verify that the new versions provide better quality and security code than the old ones, while catching and describing more error conditions that could cause a complete systems failure when such a condition is reached.
Also: Maybe it is time to ensure every piece of hardware includes ECC, and the really critical parts with sufficient excess clocks include checkpointing for the worst case failure mode, So that if an error does occur that is uncorrectable in the current state, it can revert the state to the previous known good data and run another pass before its data is expected to be available. Even then it won't cover all failure modes, but that is about as close to perfect as our technology enables.