Technology

58133 readers

4319 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

697

Tesla recalls all 3,878 Cybertrucks over faulty accelerator pedal - The Verge (www.theverge.com)

submitted 5 months ago by [email protected] to c/[email protected]

111 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 8 points 5 months ago (1 children)

If a car can receive OTA updates from the manufacturer, then it can receive harmful OTA updates from an attacker who has compromised the car’s update mechanism or the manufacturer.

There's potential for a very dystopian future where we see people assassinated, not via car bomb but via the their cars being hacked to remove braking functionality (or something similar). And then a constant game of security whack-a-mole like we see with anti-virus software. And then some brilliant entrepreneur will start selling firewalls for cars. And then it'll be passed into law that it's illegal to use a vehicle that doesn't have an active firewall/anti-virus subscription.

It almost feels like the obvious path things will go down. Yay, capitalism...

I'm not totally opposed to software being used in cars (as long as it's tested and can be trusted to the degree mechanical components are) but yeah, OTA updates just seem like a terrible idea just for a little convenience. I'd rather see updates delivered via plugging the car in (and not via the charging port - it would need to be a specific data transfer port for security reasons). Alert people when there's an update, and even allow the car to "refuse to boot" if it detects it's not on the latest version. But updates should absolutely be done manually and securely.

[–] [email protected] 6 points 5 months ago (3 children)

Cutting someone's brake lines has been a means of assassination for a while. What's new here is that it could potentially be done remotely, e.g. an attacker in Bucharest targeting a victim in Seattle on behalf of a payer in Moscow.

[–] [email protected] 3 points 5 months ago (1 children)

Remotely at scale.

So yeah you could assassinate someone like that, or you could break every cars brakes at once and have thousands of simultaneous car accidents timed during some other infrastructure attack

[–] [email protected] 2 points 5 months ago

This reminds me of the movie "Leave the world behind" from last year.

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago)

And at any time.

Cutting someone's brake lines is all or nothing and can't be done while the vehicle is already in motion. Anyone who is not an idiot will hopefully notice as soon as they start driving that there's something wrong with the brakes. But you could brick somebody's car remotely and without warning while they're taking a curve on the interstate at 80 MPH, and that'd be a lot more problematic.

In reality, few to no people outside of novels and Hollywood have actually been killed by some malefactor "cutting their brake lines."