Slashdot Mirror
Toyota Black Box Data Is More Closed Than Others'
wjr writes "Many cars these days contain black boxes that record information (speed, accelerator position, etc) and can preserve information in the case of an accident. Ford and Chrysler say that they use 'open systems' so anyone can read out the data; General Motors has licensed Bosch to produce a device capable of reading its cars' black boxes. On the other hand, Toyota has only a single laptop in the US capable of reading its cars' black boxes, and generally won't allow the data to be read without a court order. Honda seems to have a similar policy. This is emerging as an issue in the investigation into unintended acceleration."
Wouldn't it be grand if the guys who hacked Ubisoft's latest game took on this challenge instead?
And it would be covered in extra-special awesomesauce to see the code posted to SourceForge.
John
The Japanese are protecting our privacy!!! What are you, thick?!
Hehehe.
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
I knew that and is MAIN reason I bought Toyota.
Toyota still has to comply with inserting RFID radio emitting 128 bit GUIDs from devices hidden in passenger and truck tires sold on cars in USA though, and these are used forensically when recorded on major interstates using wires grooved into the pavement by the FBI. The T.R.E.A.D. act.
The usa does enforce police , insurance company and EMS (any authority really) blackboxes on trucks, even toyota trucks, so this article is misleading. Passenger fleet is immune from big brother chips that record and only stop recording if airbag deployed.
Corvettes have 4 backup snitch chips, with 2 embedded DEEP in foam of dashboard, impossible to cut out with a knife and if wires snipped nothing runs.
We can all blame Audi cars in the 1980s. They lurched into intersections from females who drive with TWO feet, one on brake, one on accelerator. This female habit reuslted in many intersection lurch accidents. Drivers blames the car engines. Ironically no audis lurched forward into traffic when at rest when driven by males. Nevertheless, that is motivation when spy blackbox chips started getting inserted.
My last car was SPECIFICALLY selected as toyota because of their privacy rules on recording recent top speed, and max speed to chip for accident investigation or criminal charges.
This is proving to be an ongoing public relations disaster for Toyota. If they don't take meaningful action, vastly exceeding the expectations of the public, a well-respected brand name's reputation for safety/reliability is going to end up in the trash. Releasing the interface to read the black boxes contents (in read only mode) would be a good start. I don't say this as a geek who has a fetish for tabulating acceleration data, but as a nervous driver.
Yes, Toyota could be sued, but it's going to be sued anyway. Evasion won't change the outcome of the law suits, but it will go a long way to restoring their brand's reputation.
Lol @ the recent mysterious deluge against Toyota.
I prefer having breaks, steering, and not having an accelerator stick to the floor.
It seems like it was only yesterday when people were complaining that the black box data was there in the first place. Then came along the complaints on how it was being used against people in courts and in accident investigations. Then the complaint was that only certain people could get the information and you couldn't get it to clear your name or anything- even in one case where I believe the prosecutor got the information and decided it was worthless and tossed it (may be wrong on that).
Now, it seems that everything happening that would have caused a complaint is good and those not allowing it to happen is bad. Go figure.
Toyota sees only loss potentials in making an open access EDR, since more data provided in crashes means more potential liability. Therefore, they encrypt it and make it only available by court order.
Pure business (you know, excluding the human factor as usual).
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Absolutely *no* car manufacturer has your best interest at heart. Not Toyota, not Ford, not GM, not a single one of them.
Who made the SUVs that literally jumped off their tires and turtled at so much as a harsh look? Who made trucks and thought it was a brilliant idea to mount the gas tanks *outside* of the frame? Who made cars that exploded when they were nudged at the backend? Which car manufacturer computes the costs of killing some of their customers vs. spending a bit more to make each vehicle safe?
It's not just Toyota. But, today, with the US government being the largest shareholder in GM, I would bet that life for Toyota is going to get really bad.
Toyota ... generally won't allow the data to be read without a court order.
All it takes is a court order. So essentially the only thing slowing the investigations would be an unwilling Federal government.
'Political power grows out of the barrel of a gun.' - Mao Tse-tung
is their new jingle..
For justice, we must go to Don Corleone
Chill out, they only need a court order and seems the USA Federal Government is always good at giving these ones away.
No need to "hack" the box or anything like it.
kyuteSetebbeJiobs-san, Ohayoo Gozaimasu.
It's just "toyota-san," not "Mr. Toyota-san." Saying "Mr. Toyota-san" is like saying "Mr. Mr. Toyota." Of course, we might have a lot to learn from Toyota-san, so we might want to call him/her/it Toyota-sensee.
Arigato,
Nihongo no grammer nazi
P.S. this is intended as a joke and not designed to offend.
Responsibility is an addiction
Virtue is a temptation
Community is a cartel
Hah. In most cases "voluntary" means doing something with a gun to your head.
Want insurance (which you're required to have)? Better "voluntarily" open up that black box data.
Want to not be arrested? Better "voluntarily" open up that black box data.
Want to get your emissions checked? Better "voluntarily" open up that black box data.
Want to get a license for that car? Better "voluntarily" open up that black box data and let us connect it to an auto-ticketing device.
And so on....
The problem is a lot of "voluntary" things quickly become non-voluntary (i.e. forcibly waived) if you are to get standard services.
MOD PARENT UP. Thanks for saying that.
I was talking to an acquaintance at Daimler who heads a programming project for Daimler trucks. The number of processors and lines of code in a Toyota is wildly exaggerated. The actual figure is somewhat the same as in Mercedes-Benz automobiles.
Another thought: I'm guessing that this one Slashdot story will cost Toyota at least $10,000,000.
Multiply that by the hundreds of stories in other publications.
Here's how it could work:
1. Using an Ethernet jack provided by the car, you use HTTP to grab an encrypted blob. This contains the data, including a timestamp and the VIN.
2. Upload the blob to Toyota's web site. They decrypt it and store it forever.
3. Download the decrypted blob.
Download can be limited to the uploader by default, with other people only able to see that it exists. If you want a copy and you didn't perform the upload, simply get a court order.
I'm guessing that Flight Data Recorders are mandated by law for commercial aircraft. I would say that the information that they have provided over the years has been very helpful in improving the safety of air travel.
How many people were killed last year in aircraft accidents? Hundreds would be my guesstimate. How many in car accidents? Tens of thousands would be my guess. If there are a lot of people being injured in car accidents then it would seem very useful (from an economic retrun on investment perspective) to start making data recorders both mandatory and have them record specific information in a published standard format, with the goal being to better understand accident causes and improve auto safety.
Can we stop with the boring Toyota FUD articles and get back to being Slashdot? This is getting annoying. Thanks!
...namely that million-dollar reward for finding the cause of unwanted acceleration is probably fairly safe if nobody will reveal their source code.
It would be interesting if this flushed a few Real Programmers out of the woodwork, but most of them are in retirement, fly-fishing for salmon by now.
got a crashed Prius to hack? If we can break DRM in a day.....
Will Toyota stop at nothing?!
Man blir trött av att gå och göra ingenting.
So now Toyoa is being "accused" for using propietary software. It wasn't a long time ago when I read about some US association to declare open software "communism" and "hazardous to capitalism".
I would love to see a court case where Toyota will sue National Highway Traffic Safety Administration due violating DMCA when trying to pry the data out from the Toyota black boxes.
That'd be irony.
BTW: My sympathies are on victims' and their families' side. I am sorry for their loss.
BTW2: And in my opinion there should be an international law for making black boxes both obligatory and open format (not even tied to single company solutions like Bosch).
Actually, the Toyota data is not encrypted at all. It is simply saved in plain text Hiragana...
Excuse me, but please get off my Pennisetum Clandestinum, eh!
It's a recording device in the car intended for accident diagnosis, nothing else. Like the cockpit voice recorder in an airplane. If the car was equipped with a required-by-law voice recorder, and my spouse or teenager drives the car, I wouldn't be entitled to listen to their recorded conversations after the fact. This telemetry recording thing doesn't record conversations but it's still considered private data. It's accessible through a court order if necessary, and that's good enough.
All it takes is a court order. So essentially the only thing slowing the investigations would be an unwilling Federal government.
You're obviously new to how a "court order" works. If I'm in a lawsuit involving my Toyota, and I want data from my Toyota, I can get a court order for my Toyota. However, if in that same lawsuit I try to get a court order for every Toyota, Toyota the corporation is going to appeal any discovery order that it turn over all of the data from all of its cars, or even all of one model from one model year. It will appeal, and it will win. If you disagree with me on this, go sue your insurance company for a denied claim and then try to get access for all of its records of similar claims. It's simply not going to happen. As a practical matter, assuming that you could get an order for all of the EDR data, that doesn't mean much. If Toyota only has had only one laptop in the U.S.A. capable of reading the data and Toyota will only read the data with a court order, then for all practical purposes the data from most Toyota crashes is never recorded. It's just gone because there has been no physical way to record all of that data.
"There's only one laptop in the entire U.S.A. capable of reading the data" sounds like some very good lawyering to me. Toyota should have a company-wide "Hug Your Lawyer Day."
Make love, not reality television.
That's interesting. Perhaps openness is related to quality... When Toyota's quality was high (back in the '90's, they used industry standard computer interfaces). Back then, Ford and GM were both pretty shoddy and they used proprietary software. Now, Toyota's quality definitely has dropped off (I saw it back in 2002 when a friend bought a new Celica and my decade older MR2 was higher quality) and they've gone proprietary. Ford and GM quality has definitely improved, and they've gone open... Hmmm. Coincedence, perhaps...
I'm happy that Toyota is taking data security and privacy seriously.
I believe that Toyota's obstinence to providing such information to the concerned parties in the light of such serious safety issues is the result of a serious language barrier between Japanese and American English. Someone should provide the Japs with an accurate explaination of the following important sayings and terminology:
1) "We will screw you to the wall in a court of law",
2) "Gorilla Lawyer assrape",
3) "Pound me in the ass prison",
4) "Contempt Of Court",
5) "There is another nuke headed your way, in the form of a lawsuit",
6) "You don't have a choice",
7) "We're not in Japan",
8) "Supoena",
9) "De-listing"
and last, but certainly not least,
10) "North Korean Menace".
I believe that the clarification and explanation of the aforementioned terms would lead to the speedy resolution of the problems that are currently occurring with the Toyota Motor Corporation and it's products.
Knowing Google's lust for data collection, the Soviet Union is still alive and well inside the psyche of Sergey Brin....
Back in the old days, pretty much everything was mechanical, so you could feasibly dissect your car and see how everything worked. Now with computers, machine code, and embedded systems handling so many critical operations in your car, this has changed. Computers are much harder and practically impossible for engineers (who don't have huge budgets and laboratories) to dissect and reverse engineer. If the code were exposed, then it would be orders of magnitude easier for people who don't work at Toyota to figure out what is going on with unintended acceleration. It should be clear to lawmakers that:
1) All the code used in an automobiles or other system that can potentially threaten public safety should be required to be open source. All companies need to be subject to this law, not just Toyota. That way the code can be reviewed and studied by anyone who is interested in knowing how the systems work that they trust their lives with work. The law should apply to software driven (or hardware like microcontrollers and FPGAs that is flashed with software) medical devices or any code whose development is funded by taxpayer dollars. There should be some exceptions, such as software used in military applications. Don't want the enemy to have that. Bottom line in this case: we need to pass laws to force all automakers to publish all their code online so it can be peer reviewed by the people who use it.
2) The interface to automobile computers should be a widely used standard such as USB, not some proprietary interface that only 1 laptop in the USA can use. I should be able to just insert a USB stick in my car, wait for my car to download all the black box data, engine diagnostic codes, etc onto my USB stick in CSV (or other easily readable) files. Then once a light on my dashboard turns off, I'll know its safe to remove my USB stick so I can open up the files on my computer.
See this old CNET story Rocky road for car 'black boxes'.
Toyota's lack of openess about data that imperils individual privacy is no skin off of my back. If Government Motors wants to penalize Toyota for it, perhaps it should be mentioned that mandating car electronics more accessible is a bad idea. Look at how Google got hacked by China.
#-#
Ad Astra Per Aspera
A rough road leads to the stars
How much is really being saved by not having linkages to the throttle body? How many more models and manufacturers are going to be affected by funky electronic throttle controllers? What the hell happens when the pots get dirty?
--- Do you believe in the day?
I think he meant worldwide, in which case he would be an order of magnitude off.
However, if it is on I want to be able to read the data.
The only reason I should not be allowed to turn it off is if:
1) if I'm not the owner
2) if my insurance company has offered me a choice: Pay $FAIRANDREASONABLE and turn it off or pay $SOMEWHATLESS but leave it on and I take the discount. This is similar to my choice to use an anti-theft device.
I would also make an exception that I could not legally defeat any tamper-evident technology - if I have it on, it should be tamper-evident to prevent fraud. I could turn it off, I could tamper with it, I could load my own software, etc. but if I did, it would no longer be "certified" or usable in court.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Maybe I am confused. Hasn't this already been done by the after market chip makers?
http://www.performancechipsdirect.com/ Just one of many makers I found.
Car nuts have been hacking cars much longer then hackers have been hacking software.
Is he strong? Listen bud, He's got radioactive blood.
I think both opposite opinions are true.
Vehicle computer systems are complex, yes.
However, the systems are sensibly divided. There are maybe 15 in a top-of-the-line vehicle, each with its own processors, sensors, devices, and code. Raising or lowering the windows can have no effect on the fuel delivery system.
Each system is kept as simple as possible. It's not difficult to understand the needs. It's not difficult to write vehicle code that is easy to understand.
1) Learn to drive "Stick" / "Manual Clutch"
:D
2) Toyota starts a free "Kamikaze" exchange program
3) Bring in your faulty Automatic Gearbox car for a nice new Stick-shift one.
4) No more runaway cards with sticking Gas peddles!!!
5) ???
6) Profit (Well live till you get home anyway)
Problem solved
Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
Initially, these automobile black boxes weren't even intended for use as "accident scene reconstruction aids". They started out as equipment the auto makers installed for their own internal use. (It makes a useful tool for their engineers and quality people to examine post-crash data. EG. The speed a car was traveling at time of impact, to see if their "5MPH bumper" was really holding up as intended at the rated speed.) Like most things though, as soon as people figured out they were able to collect and store this data, their eyes lit up and they all wanted a piece of it for their own purposes (government, lawyers, car insurance companies, etc.).
Now, I'm pretty sure this will pan out in the end with a federal govt. mandated "standard" for black boxes for ALL cars and trucks sold in the country, with a list of required data they must keep and a length of time they must snapshot all of it. (And given today's government, I think it's safe to say they'll throw in a new law, for good measure, that makes it a serious crime to tamper with the box or disable it.)
To be honest, yes, I think Toyota was hiding some information in some of these past court cases. They've said too many inconsistent things about the data they supposedly do or don't collect for me to believe their black boxes were changed around that often, or failed to collect obviously relevant data they claimed they weren't collecting at that time.) But like the O.P. said, all of this is just "smoke and mirrors" over the REAL issue of consumer privacy.
Reality is, folks: No matter WHAT some hidden recorder box captures in your vehicle as you drive, if the car has a serious design flaw and something goes wrong, people get injured or DIE. No black box in a car has EVER saved a person's life in an accident.
> But, today, with the US government being the largest shareholder in GM, I would bet that life for Toyota is going to get really bad.
Let's be honest. The elephant in the room during the GM buyout was the production capacity. The United States cannot afford to lose the production capacity of GM, because in the event of a full scale sustained conventional war we would need its production capacity. The government buyout wasn't only about keeping money in Detroit or helping other GM stockholders or even the fact that the government often buys GM--it was absolutely necessary from the standpoint of defense. That it was done without bringing GM into the military-industrial complex is a good thing.
On a related issue, we should be treating Detroit like it got hit with Katrina. It's probably in worse shape than New Orleans at this point.
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
They'll make it open as soon as we properly regulate it and require them to. And we should properly regulate it and require them to--a certain set of black box information should be publicly available for every car crash in the United States, and possibly the world, in order to identify common factors and trends. Yes, it's giving up a little privacy in exchange for an increased level of safety that there is even a black box in the car. But (1) the black box isn't going away any time soon short of a finding of a violation of Constitutional Law, and (2) the public interest in preventing accidents is more important than my interest in hiding my reckless driving. The only particularly bad thing is that insurance companies might use it to deny claims on illegal but safe driving, if the government lets them.
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
I came here to say THIS. Open systems allow for the free flow of data, and as it applies to this case, if you caused a crash, you SHOULD get owned by the insurance companies. Considering how few times the NTSA/State police do accident reconstruction, this shouldn't be a worry for most people. The only time they do it is where there are severe injuries or death.
Also, for those commenters talking about modchips, etc... the "black box" is NOT the ECU. It is typically positioned in the middle of the car, under the center console. The ECU can be destroyed fairly easily, all things considered. An accident which destroys the black box in the middle of the car is a little harder.
You realize, I hope, that your car will testify against you in court.
Don't piss it off - it WILL Rick-roll your ass.
See: On Star
http://www.onstar.com/us_english/jsp/equip_vehicles/current_vehicles.jsp
Y'all like that commercial where On Star shuts your motor off and allow the Police to have their way with the driver?
(it's in the context of a stolen car)
Can't wait for the first person mistakenly tazed to death for blowing by a cruiser.
Misuse of this will soon be news.
~hylas
Yes, they could appeal, and yes, it could take a long time-- but that's how our legal system works. Long, heated debates ending in a hopefully lawful verdict. Are you trying to tell me the Federal government can't order Toyota to reveal the data on all the cars they are investigating?
'Political power grows out of the barrel of a gun.' - Mao Tse-tung
"Bottom line in this case: we need to pass laws to force all automakers to publish all their code online so it can be peer reviewed by the people who use it."
No, because (to paraphrase Clarkson) you'll end up with some guy named Keith who watches Eastenders who will decide that he knows what he's looking at and will say something is completely wrong, wasting the community's collective time.
"The interface to automobile computers should be a widely used standard such as USB"
Ask yourself this question: "Do I trust my life to a USB cable?" We have CAN, it is a fault tolerant, safety critical bus. Connecting and disconnecting devices from a CAN bus is more complicated than USB. Safety critical systems do not touch non-critical systems, you're suggesting violating one of the fundamental rules of control theory.
Blah. My sons insulin pump has a USB cable. That pump could easily kill him if it decided to pump too much insulin in him. Lots of life support systems have USB ports. Nothing new about that. Cars should too. If it is designed properly, then no signal on the USB port would put the driver in danger. The car's computer wouldn't read files off the USB drive, it would only write some plain text files onto it. They could even electrically isolate the circuitry that talks to the thumb drive with an optical link. That way if you put 10000V on the usb thumb drive, the main car computer is unharmed.
It's more likely retrievable through the OBD-II connector, which is required to be fitted in all new vehicles sold in the US.
I don't think so. With just one laptop (and likely its operator) covering the the US (North America?), it would take a day or two to bring the laptop to the vehicle. Multiply by the (likely increasing) number of court orders, and now you're dealing with delays just getting the data read out. This assumes the the data was even stored for later retrieval (and I suspect it wasn't).
The way the story initially broke, I think they've been aware of their unintended acceleration problems for a while, and was trying to resolve them quietly. They were successful until one of their executives blundered by admitting that they had a problem, then it blew up in their face. Now they're being forced into allocating more resources to deal with existing engineering problems, and additional public relations issues.
I think Toyota just didn't see the potential need for greater post-development support, or they would have been better prepared.
_must_ be publicly reviewable, allowing many eyeballs to easily (& legally;-) discover errors.
i remember when any s/w installed on classified systems _had_ to have a source code walkthru...now they've succumbed to microserfdum:-( and i understand that most cars' lans run an industrial (n/c) version on windoze:-P
the open source concept is the solution to nhtsa's problem: http://yro.slashdot.org/story/10/02/23/2022204/NHTSA-Has-No-Software-Engineers-To-Analyze-Toyota
now is the time for hackers to assume their civic duty & demand access to all s/w that operates in public;-)