Slashdot Mirror

← Back to Stories (view on slashdot.org)

Toyota Black Box Data Is More Closed Than Others'

Posted by timothy on from the in-the-dark dept.

wjr writes "Many cars these days contain black boxes that record information (speed, accelerator position, etc) and can preserve information in the case of an accident. Ford and Chrysler say that they use 'open systems' so anyone can read out the data; General Motors has licensed Bosch to produce a device capable of reading its cars' black boxes. On the other hand, Toyota has only a single laptop in the US capable of reading its cars' black boxes, and generally won't allow the data to be read without a court order. Honda seems to have a similar policy. This is emerging as an issue in the investigation into unintended acceleration."

42 of 276 comments (clear)

  1. A challenge... by plover · · Score: 4, Insightful

    Wouldn't it be grand if the guys who hacked Ubisoft's latest game took on this challenge instead?

    And it would be covered in extra-special awesomesauce to see the code posted to SourceForge.

    --
    John
    1. Re:A challenge... by ColdWetDog · · Score: 3, Insightful

      Unless the data is encrypted (and it appears that their first line of defense is security by obscurity) it would seem to be a doable thing. Grab a used Toyota (good prices these days), track the various potential variables and look at the data. Maybe delve into how the other recorders do things - it's unlikely that Toyota would completely re invent the thing.

      Sell it to a couple of attorneys.

      Profit...

      --
      Faster! Faster! Faster would be better!
    2. Re:A challenge... by El_Muerte_TDS · · Score: 2, Insightful

      "100 million lines of code" doesn't say anything. I can write "hello world" in 2 lines of code, or 200 lines of code.

    3. Re:A challenge... by Anonymous Coward · · Score: 5, Insightful

      The only hack I'm interested in is one that disables the system. I consider these "black boxes" a massive invasion of privacy and in no way benefit me personally. Yes I know the argument would be what if I'm the victim in an accident wouldn't I want the courts to access the other guy's black box? The same argument can be made for recording phone calls and other invasions of privacy. You'd have to accept all privacy is bad. I don't wish to live under a microscope. I'm tired of people giving away my freedom because they think it makes them safer. all it does is make you less free. I should be able to drive to the store without a record of it being kept in my car. Already most of my purchases are tracked so now my location is tracked as well? I know so far the information is hard to access but the government is pushing for more and more access to the information. Eventually the info will be provided for things like divorce court. Do I have something to hide? That isn't the point the point is do we all want to live where we have to second guess how our actions will be interpreted later?

    4. Re:A challenge... by phantomfive · · Score: 3, Insightful

      In all honesty it is significantly more difficult. Hacking the game was probably as simple as changing some line to always return 'true.'

      Whereas a complicated protocol or file format can be nearly impossible to decipher. Live data systems can send out megabytes of data at a time, so it is a lot to figure out. Each part of the datastream represents something different, and sometimes the only way to figure out what it represents is by isolating the system (in this case the car), and changing one piece at a time to see how the recorded data changes. In something that is used to record the evidence of car crashes, this can get expensive quickly.

      It can be further complicated by weirdness like fields that are 21 or 22 bits long. You can't even reliably know where one datum starts and another ends unless you know the protocol. The worst thing I've seen like that was a 5 bit signed integer stored in an 8 bit field. Messy. If you don't have the documentation, it can take a long time to figure stuff out.

      Even something as relatively ubiquitous as NTFS took years to figure out reliably.

      --
      Qxe4
    5. Re:A challenge... by Z00L00K · · Score: 5, Insightful

      Just wait - soon it will be a legal requirement to log a lot of parameters in a format that can be read.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    6. Re:A challenge... by MichaelSmith · · Score: 2, Insightful

      I was impressed that Andrew Tridgell was able to reverse engineer the bitkeeper line protocol to develop sourcepuller. Especially since he claims to have done it without access to a client. The story is he polled the server to get samples of the protocol.

      I have seen many binary line protocols reverse engineered over the years. If you have enough data quite a bit is possible.

      --
      http://michaelsmith.id.au
    7. Re:A challenge... by wiredlogic · · Score: 4, Insightful

      Toyota's systems have over a 100 million lines of code:

      Frankly, that statistic doesn't make much sense. In the article it's just a BS number that shouldn't have been quoted by the hack writer and it isn't even referring to Toyota. The rank and file microcontrollers that do most of the work in a modern car can't possibly have that much source code in them. The only place where a large amount of source code could be involved is for advanced accessory functions like entertainment, communication, and navigation systems. Those should all be properly isolated from the critical systems needed to operate the car safely. The Mercedes is stated to have 20M LOC and I'd bet the farm that 90% of that is in non-critical components. It's even less likely that a generic Toyota like the Camry has anywhere near that much code in its computers. Come on mods. If you can't even follow the links at least use your brains.

      --
      I am becoming gerund, destroyer of verbs.
    8. Re:A challenge... by zmollusc · · Score: 3, Insightful

      That's put my mind at rest. Good job computer memory only gets more expensive and reduces in capacity over time or else it would be possible to use the acceleration forces to make a map of your route and overlay this on a real map to find out where and when. And god forbid global positioning hardware or mobile phone technology gets built into cars.

      --
      They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
    9. Re:A challenge... by profplump · · Score: 3, Insightful

      A) There's not reason to believe the data is any more obfuscated than simply "undocumented". It would be extra work to intentionally hide the data, and it's not clear that Toyota is doing that, or what they would gain from it if they did. All we know is they aren't going to any extra effort to allow other people to read it, and speculation into possible obfuscation is poorly founded.

      And I'm just going to pretend that you didn't say encrypted, because even people who well motivated often screw up encryption, so it's incredibly unlikely that Toyota has a correctly-implemented encryption system (which includes things like making sure not all cars have the same key, which would be exceedingly difficult to do correctly).

      B) Reverse engineering isn't trivial, but it's not incredible difficult either. "100s of sensors" is not a huge amount, particularly when you can tell what most if not all of those sensors or measuring, and get the analog/digital readings directly from the sensor package to correlate with the output even. You could even take the sensor network and computer out of the car, rig it up to allow a computer to generate billions of different input combinations, and then use automated statistical analysis to find correlated input and output parameters.

    10. Re:A challenge... by ortholattice · · Score: 5, Insightful

      Not only that, the actual scene data (skidmarks, etc) are much more valuable to accident reconstruction and investigation than the black box. It's only a small bit of data they can use, it can't be the sole one. Especially if for example, the car gets rolled over - even if it happened at 40mph, the free spinning wheels would show that the car suddenly went from 40mph to 80mph..

      I don't disagree actual scene data isn't essential, but the example you picked is a highly useful supplement to that data. If the speed suddenly increases from 40 to 80, obviously that happened at the instant the tire lifted off the road, since it is physically impossible for the car to accelerate from 40 to 80 suddenly.

      So, from the black box data we now have a record of exactly when the tire left the road, plus we have the speed of the car just before the accident happened (which would be more accurate than a skid mark estimate, esp. if the road was icy or slippery), and we have the fact that the driver's foot (or in Toyota's case possibly the computer) was pressing the accelerator since otherwise it wouldn't have sped up to 80. So what was the driver trying to do at the instant of the accident, and why were both the brake (skid mark) and accelerator (sudden tire speed up) being pressed simultaneously, etc.?

      Combining black box data with the scene data could provide a far more accurate reconstruction of the accident than scene data alone. Of course it doesn't replace the accident scene data - no one is saying that the scene data should be ignored, as your straw man argument seems to imply. .

    11. Re:A challenge... by Anonymous Coward · · Score: 1, Insightful

      I'll give a run for insightful: you can experiment with cars in a basement.

    12. Re:A challenge... by ras · · Score: 5, Insightful

      No, no. That is not the relevant quote. This is:

      some Mercedes drivers found that their seats moved if they pushed a certain button; the problem was that the button was supposed to operate the navigation system.

      If the systems aren't isolated, it doesn't matter what the code is supposed to control. For example, if the internal light control just sends control signals across a CAN bus which is also connected to the ECU, the software (say via a memory overflow error) could write the wrong address onto the bus and send throttle information by mistake.

      Jesus. That scares the shit out of me.

    13. Re:A challenge... by brufleth · · Score: 2, Insightful

      The data is probably just standard unencrypted hex in the NVM. All you really need is to line up the data with the parameters. Assuming four byte values you could run the car through known cycles instrumented up and then start looking to line things up like RPM, temp, torque, etc. Not something most people could do in their garage but certainly not impossible.

    14. Re:A challenge... by brufleth · · Score: 3, Insightful

      You are drastically over-complicating the issue. The data is almost certainly unencoded hex in the standard NVM location for fault logging. All you have to do is get a data dump of that and then line up the data with a parameter list. I wouldn't say this is trivial but it'd be doable for someone with the right tools and facility. It wouldn't require a team of uber hackers.

    15. Re:A challenge... by brufleth · · Score: 4, Insightful

      What does the number of lines of code have to do with reading the fault log out of non volatile memory?

    16. Re:A challenge... by ras · · Score: 3, Insightful

      As it happens, I do embedded work too. And yes, it could be isolated. That is not the point. The point is it wasn't.

    17. Re:A challenge... by ranulf · · Score: 3, Insightful

      get the analog/digital readings directly from the sensor package to correlate with the output

      Not gonna happen, I'm afraid. Almost everything on a car in the last 10 years is done over a CANbus. You don't have hundreds of wires going into an ECU or a dial any more, you have a couple of buses, each connected to a load of devices.

  2. Heh by Airdorn · · Score: 4, Insightful

    Lol @ the recent mysterious deluge against Toyota.

    1. Re:Heh by retchdog · · Score: 3, Insightful

      Yes, it is suspicious and makes one wonder about the extent of the "pro-America" propaganda machine.

      --
      "They were pure niggers." – Noam Chomsky
  3. Time must have changed. by sumdumass · · Score: 4, Insightful

    It seems like it was only yesterday when people were complaining that the black box data was there in the first place. Then came along the complaints on how it was being used against people in courts and in accident investigations. Then the complaint was that only certain people could get the information and you couldn't get it to clear your name or anything- even in one case where I believe the prosecutor got the information and decided it was worthless and tossed it (may be wrong on that).

    Now, it seems that everything happening that would have caused a complaint is good and those not allowing it to happen is bad. Go figure.

    1. Re:Time must have changed. by fuzzyfuzzyfungus · · Score: 5, Insightful

      The status quo is a powerful thing. Once something Just Is people start treating it as a baseline.

      More specifically, though, is complaining about information asymmetry at all unreasonable? If the black box is present, why shouldn't I object to the fact that I, the owner of the vehicle, have no access to its contents; but those who have more power than I do do? There are substantial virtues to privacy and substantial virtues to transparency(in certain contexts); but asymmetric transparency is basically the worst of both worlds.

    2. Re:Time must have changed. by Weirsbaski · · Score: 5, Insightful

      It's not as inconsistent as you'd think- if the owner of car wants the blackbox data, she should get it, no problem. If anybody else wants the data, let 'em either ask the owner to voluntarily go along with it, or ask a judge for a court order (with appropriate legal conditionals so the judge can't just rubberstamp it).

      --

      I am not a sig.
    3. Re:Time must have changed. by Rakshasa+Taisab · · Score: 2, Insightful

      Well, if they have to get a court order to retrieve the data then Toyota will have a copy of it (prosecution can't 'lose' it) and it will have been retrieved under a court order (so the prosecution can't throw it away since it was 'useless').

      Seems most people are reacting to FUD and not realizing Toyota are the _GOOD_ guys here.

      --
      - These characters were randomly selected.
  4. Re:Mr Toyota-san, Tear down this Interface! by Rakshasa+Taisab · · Score: 4, Insightful

    Why would it be a good idea? I thought slashdot was all gung-ho about protecting people's privacy?

    If there really was a case of an accident caused by unintended acceleration then a court order would be piece of cake to get.

    --
    - These characters were randomly selected.
  5. Let's nip this Toyota bashing in the bud by Anonymous Coward · · Score: 3, Insightful

    Absolutely *no* car manufacturer has your best interest at heart. Not Toyota, not Ford, not GM, not a single one of them.

    Who made the SUVs that literally jumped off their tires and turtled at so much as a harsh look? Who made trucks and thought it was a brilliant idea to mount the gas tanks *outside* of the frame? Who made cars that exploded when they were nudged at the backend? Which car manufacturer computes the costs of killing some of their customers vs. spending a bit more to make each vehicle safe?

    It's not just Toyota. But, today, with the US government being the largest shareholder in GM, I would bet that life for Toyota is going to get really bad.

    1. Re:Let's nip this Toyota bashing in the bud by jhoegl · · Score: 4, Insightful

      You know what? When all these "sudden recalls" came out from Toyota once their acceleration issue came to light in the media, it indicates to me one thing.
      Toyota has been holding back a lot of recalls at the expense of customer safety.
      So champion Toyota all you want, and come up with a conspiracy theory that the USA gov is behind this whole thing.
      It indicates to me Toyota was playing with fire and now they got burned. Nothing more, nothing less.

    2. Re:Let's nip this Toyota bashing in the bud by DigiShaman · · Score: 2, Insightful

      with the US government being the largest shareholder in GM, I would bet that life for Toyota is going to get really bad.

      Toyota screwed up big time, for sure. But make no mistake about it. These hearings on Toyota were aimed at one thing and one thing only. To make them look bad so our Federal Gov can continue to capture the UAW votes by bolstering GM sales.

      Now you tell me? How fucked up is that?!

      --
      Life is not for the lazy.
    3. Re:Let's nip this Toyota bashing in the bud by mcgrew · · Score: 2, Insightful

      Nice antiamerican, antiunion rant there, buddy, but UAW workers work for Toyota. From the supplied link:

      The Toyota Corolla, for example, is made in the United States by UAW members, but the Canadian model is made in a nonunion plant and other models are imported from a third country. To be sure you have a union-made vehicle, buy one of the vehicles on this list.

      Toyota workers unionized because they were being screwed over by Toyota, which is the only reason to unionize. You can thank unions for the five day work week, paid vacations, eight hour days, and absence of sweatshops.

      I'm not in the UAW, but I am a card-carrying member of a labor union. The stockholders of my employer's company bargain collectively, why shouldn't I? The company that bargains with you for a contract has lawyers, and it's not feasable for every employee to hire a lawyer to look over the cotract. With numbers come strength. You alone are no match for an army of stockholders who employ an army of lawyers.

      If you have an asshole boss (luckily I have a good boss) you REALLY need a union.

      BTW, I'm eligible for a pension in a couple of years, thanks to my union. Anybody who works for a living who is anti-union* is insane.

      * Unless they are a member of the Teamsters; that union is worse than useless.

      --
      Free Martian Whores!
    4. Re:Let's nip this Toyota bashing in the bud by mcgrew · · Score: 2, Insightful

      Then join or organize a union so you'll be paid a decent wage and can afford one. Management is going to sell the car for as much as the market will bear regardles sof the cost of manufacture.

      --
      Free Martian Whores!
  6. Re:Mr Toyota-san, Tear down this Interface! by fuzzyfuzzyfungus · · Score: 5, Insightful

    I'm not entirely clear on how not having access to one of the computers in a piece of my property, or even knowing exactly what it does, protects my privacy...

    Some sort of scheme for compulsory(or even many flavors of "optional") collection of black box data would, indeed, be a huge privacy violation; but that isn't the proposal.

    This is a system embedded in the car, to which you need physical access to connect. Anybody who could get to that box could plant a GPS+accelerometer bug on your car considerably more easily. Documentation for reading the black box would give the owner of the system more control and information(and, who knows, maybe even let third party mechanics break the dealer grip on certain services) without notable privacy implications.

  7. Re:Good Technology I suppose... by bennomatic · · Score: 1, Insightful

    "Breaks" is the problem. I prefer brakes.

    --
    The CB App. What's your 20?
  8. Chill out by KamuZ · · Score: 2, Insightful

    Chill out, they only need a court order and seems the USA Federal Government is always good at giving these ones away.

    No need to "hack" the box or anything like it.

  9. Re:Mr Toyota-san, Tear down this Interface! by Rakshasa+Taisab · · Score: 2, Insightful

    Arguing that corporations are not people since 1886.

    You think that is Toyota being protected when a cop tries to 'prove' you were a reckless driver with blackbox data for hitting that drunk guy walking out on the road? Especially when the data is from 5 minutes earlier when you were going slightly above speed limits on a clear road but has no connection to how you were driving at that moment?

    A court might not let the prosecution retrieve that information, but won't help you much if they already got it through an usb interface in the dashboard of your car.

    --
    - These characters were randomly selected.
  10. I guess we could keep that property, but get more by r00t · · Score: 1, Insightful

    Here's how it could work:

    1. Using an Ethernet jack provided by the car, you use HTTP to grab an encrypted blob. This contains the data, including a timestamp and the VIN.

    2. Upload the blob to Toyota's web site. They decrypt it and store it forever.

    3. Download the decrypted blob.

    Download can be limited to the uploader by default, with other people only able to see that it exists. If you want a copy and you didn't perform the upload, simply get a court order.

  11. Are Flight Data Recorders mandatory? by jayveekay · · Score: 4, Insightful

    I'm guessing that Flight Data Recorders are mandated by law for commercial aircraft. I would say that the information that they have provided over the years has been very helpful in improving the safety of air travel.

    How many people were killed last year in aircraft accidents? Hundreds would be my guesstimate. How many in car accidents? Tens of thousands would be my guess. If there are a lot of people being injured in car accidents then it would seem very useful (from an economic retrun on investment perspective) to start making data recorders both mandatory and have them record specific information in a published standard format, with the goal being to better understand accident causes and improve auto safety.

    1. Re:Are Flight Data Recorders mandatory? by b4dc0d3r · · Score: 4, Insightful

      I agreed with you initially. Then I realized that air travel is a completely different problem, requiring a different solution. Try to justify your position and you'll see what I mean. Here's what I came up with, basically it would be an edge case, return on investment is going to be negative, that's why it's not already a law.

      A 1985 study by K. Rumar, using British and American crash reports as data, found that 57% of crashes were due solely to driver factors, 27% to combined roadway and driver factors, 6% to combined vehicle and driver factors, 3% solely to roadway factors, 3% to combined roadway, driver, and vehicle factors, 2% solely to vehicle factors and 1% to combined roadway and vehicle factors.... A 1985 report based on British and American crash data found driver error, intoxication and other human factors contribute wholly or partly to about 93% of crashes

      If 57% of the accidents in airplanes were caused by the passengers, we would not have even thought about black box recorders. Roughly 10% of accidents (not deaths) have the vehicle as a factor, and only a portion of those are fatalities.

      Given that lots of people have problems with GPS and SpeedPass systems, how would you explain your desire to log everything a vehicle did just to catch a few data points in the off chance it's helpful? When a plane goes down, you don't have options like pulling over to the side of the air, or pointing towards an uphill slope to slow you down, or moving it into neutral, or other tricks - you can only hope you're near water. The people are likely to die, leaving no explanation of what happened. Driver deaths are much less likely due to safety features of the car, and the car generally not leaving the ground, so you usually have someone who can describe what went wrong. That's really where this idea falls apart - air incidents are very rare, but much more likely to result in total loss of anyone who can intelligently report on the event, proving the need for data recorders.

      It's not the number of deaths which is important - the question is, how many of those could be prevented with additional logging? Evidence points to a much smaller number than you might think. Going with the other replies, 40,000 every year at 10% gives roughly 4,000 events where the vehicle is part of the problem. How many of those are mechanical vs. electronic? I'm going with a small percent, simply because of things like tire underinflation, or other maintenance issues which could also be rectified.

      So you'd have to analyze the logs of every car crash, to see if anything strange happened or identify trends. Who's going to do that? Otherwise you let the logs die with the car, and wait until a mystery pattern like this emerges. We might see a problem faster, and identify the cause faster, but all of this time and money and effort prevents how many crashes? GM just did a recall for around 10 crashes with 1 fatality. All of this *might* have saved one person's life for that particular issue. What's the return on investment there?

      In short, your proposal is the equivalent of the proctologist giving you an oral exam - it's good information to have, but useless in almost every case.

  12. And the other challenge... by BrokenHalo · · Score: 4, Insightful

    ...namely that million-dollar reward for finding the cause of unwanted acceleration is probably fairly safe if nobody will reveal their source code.

    It would be interesting if this flushed a few Real Programmers out of the woodwork, but most of them are in retirement, fly-fishing for salmon by now.

  13. Anyone by G4Cube · · Score: 2, Insightful

    got a crashed Prius to hack? If we can break DRM in a day.....

  14. DMCA Irony by Anonymous Coward · · Score: 1, Insightful

    So now Toyoa is being "accused" for using propietary software. It wasn't a long time ago when I read about some US association to declare open software "communism" and "hazardous to capitalism".

    I would love to see a court case where Toyota will sue National Highway Traffic Safety Administration due violating DMCA when trying to pry the data out from the Toyota black boxes.

    That'd be irony.

    BTW: My sympathies are on victims' and their families' side. I am sorry for their loss.

    BTW2: And in my opinion there should be an international law for making black boxes both obligatory and open format (not even tied to single company solutions like Bosch).

  15. Why should the owner get the data? by Anonymous Coward · · Score: 1, Insightful

    It's a recording device in the car intended for accident diagnosis, nothing else. Like the cockpit voice recorder in an airplane. If the car was equipped with a required-by-law voice recorder, and my spouse or teenager drives the car, I wouldn't be entitled to listen to their recorded conversations after the fact. This telemetry recording thing doesn't record conversations but it's still considered private data. It's accessible through a court order if necessary, and that's good enough.

  16. It's a military thing. by Oxford_Comma_Lover · · Score: 2, Insightful

    > But, today, with the US government being the largest shareholder in GM, I would bet that life for Toyota is going to get really bad.

    Let's be honest. The elephant in the room during the GM buyout was the production capacity. The United States cannot afford to lose the production capacity of GM, because in the event of a full scale sustained conventional war we would need its production capacity. The government buyout wasn't only about keeping money in Detroit or helping other GM stockholders or even the fact that the government often buys GM--it was absolutely necessary from the standpoint of defense. That it was done without bringing GM into the military-industrial complex is a good thing.

    On a related issue, we should be treating Detroit like it got hit with Katrina. It's probably in worse shape than New Orleans at this point.

    --
    -- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!