Ford Tests DIY Firmware Updates

← Back to Stories (view on slashdot.org)

Ford Tests DIY Firmware Updates

Posted by Soulskill on Thursday March 8, 2012 @09:26AM from the what-could-possibly-go-wrong dept.

wiredmikey writes "This month, Ford is borrowing something from the software industry: updates. With a fleet of new cars using the sophisticated infotainment system they developed with Microsoft called SYNC, Ford has the need to update those vehicles — for both features and security reasons. But how do you update the software in thousands of cars? Traditionally, the automotive industry has resorted to automotive recalls. But now, Ford will be releasing thirty thousand USB sticks to Ford owners with the new SYNC infotainment system, although the update will also be available for online download. In preparing to update your car, Ford encourages users to have a unique USB for each Ford they own, and to have the USB drive empty and not password protected. In the future, updating our gadgets, large and small, will become routine. But for now, it's going to be really cumbersome and a little weird. Play this forward a bit. Image taking Patch Tuesday to a logical extreme, where you walk around your house or office to apply patches to many of the offline gadgets you own."

44 of 164 comments (clear)

Min score:

Reason:

Sort:

Don't worry guys! by fuzzyfuzzyfungus · 2012-03-08 09:29 · Score: 5, Funny

Just leave at least one wireless interface active and I'll handle all the updates for you!

Sincerely, B. Hat,
Honest Gentleman
1. Re:Don't worry guys! by masternerdguy · 2012-03-08 09:59 · Score: 2
  
  On the bright side manual firmware updating = easy way to put custom firmware on the device. Linux for your truck anyone...
  
  --
  To offset political mods, replace Flamebait with Insightful.
2. Re:Don't worry guys! by fuzzyfuzzyfungus · 2012-03-08 12:17 · Score: 2
  
  In retrospect, it is darkly humorous that the 'cypherpunks' of the 80's and 90's thought that strong cryptography would be a force in favor of either freedom or privacy...
3. Re:Don't worry guys! by Ihmhi · 2012-03-08 15:10 · Score: 3, Interesting
  
  Custom ECUs (basically the main computing unit in a car) already exist. It used to be that you'd have to remove a manual piece of the car to get rid of pesky things like speed limiters - now that stuff is coded in software.The car enthusiasts decided to go all Wozniak on these bitches and just make their own car computers.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
Patch Tuesday... by LoudNoiseElitist · 2012-03-08 09:30 · Score: 4, Funny

"Play this forward a bit. Image taking Patch Tuesday to a logical extreme, where you walk around your house or office to apply patches to many of the offline gadgets you own."
I'm assuming by the time we need to upgrade firmware or software on our refrigerators, toasters, coffee makers, and toilets that they'll all be sentient and just do it themselves.
1. Re:Patch Tuesday... by plover · 2012-03-08 09:36 · Score: 3, Funny
  
  Hey, I have a 10 year old ordinary Ford pickup, and I recently had to reboot it. The transmission wasn't leaving 2nd gear (a.k.a. the "safety" gear), so when I stopped at the next intersection, I shut the engine off, waited five seconds, then turned it back on. It was fine after that.
  I have no idea what went wrong, only that a reboot fixed it. I'm just glad I was able to choose the circumstances, rather than have the truck decide to update itself in the middle of the road because it forgot it wasn't in the garage.
  
  --
  John
2. Re:Patch Tuesday... by LoudNoiseElitist · 2012-03-08 09:48 · Score: 2
  
  Weird that you replied to my post with this problem. I have this same (or similar) problem with my Explorer. Did the OD light start blinking or stay on? Mine does this, and turning the truck off and back on fixes it. The bad part is that it only gets worse, and now I'm lucky to get to work without it kicking in. I've had it not want to shift out of second a few times, but usually it just doesn't want to downshift when accelerating, meaning you have to floor it just to get moving from a stop.
  It's apparently a sensor issue, and it only gets worse. From what I've researched, it also means a new transmission to fix, at least that's what they'll tell you. I haven't found anyone locally that can fix the sensor.
3. Re:Patch Tuesday... by geekoid · 2012-03-08 10:02 · Score: 2
  
  Or the sensor is fine, it's just getting bad data from a faulty transmission.
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
Wait a minute there... by 14erCleaner · 2012-03-08 09:30 · Score: 5, Funny

Since when does an automobile entertainment system need security updates? Oh, the wonders of Microsoft...

--
Have you read my blog lately?
1. Re:Wait a minute there... by toadlife · 2012-03-08 09:37 · Score: 2
  
  Sync is a lot more than a fancy radio control interface.
  http://www.ford.com/technology/sync/features/
  If think it's a bit naive to think that a piece of software could be written within typical commercial time and resource constraints and have no bugs.
  
  --
  I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
2. Re:Wait a minute there... by Sir_Sri · 2012-03-08 09:40 · Score: 2
  
  since you could try and buffer overflow an input?
  Even if the system is completely disconnected from everything else on the car, it would still be problematic to have your entertainment system crash constantly.
  Even if the system itself is read only (which has it's own problems) it could still crash if it tries to read in bad data.
  Whenever you use an existing platform you accept that there's going to be some problems, some fixable, some not, in an era of software you have no excuse for not fixing known problems. With hardware, well, other than replacing the unit there isn't much you can do, and it's not worth replacing hardware if it fails on a bad codec or a corrupted file or whatever.
3. Re:Wait a minute there... by X0563511 · 2012-03-08 09:48 · Score: 2
  
  The real solution here is to make sure the entertainment system is totally decoupled (or read only enforced with hardware) the systems that operate the vehicle itself.
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
4. Re:Wait a minute there... by mrquagmire · 2012-03-08 09:52 · Score: 5, Interesting
  
  It's not a security update. This update is more like a complete rewrite and has very little to do with Microsoft. You see, for their first attempt Ford decided to outsource the project to a company called BSQUARE who put the UI together using Adobe Flash Lite. For some reason, the results were slightly less than stellar.
  
  Anyway, the preliminary reviews of the new version sound promising so I am at least a little hopeful. I am still quite frustrated, however, that I've had to deal with such awful software for well over a year on a brand new vehicle that cost almost $40k.
  
  --
  giggity
5. Re:Wait a minute there... by gstoddart · 2012-03-08 09:56 · Score: 2
  
  Anyway, the preliminary reviews of the new version sound promising so I am at least a little hopeful. I am still quite frustrated, however, that I've had to deal with such awful software for well over a year on a brand new vehicle that cost almost $40k.
  That, unfortunately, is a problem with being an early adopter.
  This strikes me as the kind of stuff you wait for version 3 before you buy it. Because if this is essentially a rewrite, it's likely still a Steaming Heap of Innovative Technology with an entirely new set of bugs.
  
  --
  Lost at C:>. Found at C.
6. Re:Wait a minute there... by masternerdguy · 2012-03-08 09:57 · Score: 2
  
  Yep. Its very possible to craft an mp3 that can setup a buffer overflow and execute some arbitrary code. Just recently it turned out the Kindle Fire could be jailbroken by such an attack. Id rather not have unpatched vulnurabilities in a car anyway.
  
  --
  To offset political mods, replace Flamebait with Insightful.
7. Re:Wait a minute there... by sparkyradar · 2012-03-08 10:00 · Score: 3, Interesting
  
  Well, the hardware was made by Sony, so "update" means:
  a) remove functionality
  b) rooting and snitching on your usage
  c) adding requirement for cryptic, lightning-fast keypresses to perform even the most-basic functions, like turning on
  c) new TOS to prevent suing
  I cannot think of a better Marriage Made in Hell than Sony and Microsoft. B*stards forever :-)
8. Re:Wait a minute there... by geekoid · 2012-03-08 10:04 · Score: 3, Funny
  
  I would argue that if gave an unreasonable deadly for a hello world program, many of them would have a bug of some sort.
  "You have 1 minute to write a hello world program...45 seconds of which will be in a meeting to be sure every one knows what is taking place.
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
9. Re:Wait a minute there... by Anonymous Coward · 2012-03-08 10:06 · Score: 2, Funny
  
  You mean putting a Bluetooth device running Windows on the same CANBus that runs your car's door locks, steering lock, ignition, fuel injection, electronic power steering, braking and throttle and etc. etc. etc. wasn't a good idea after all?
  Wow, who saw that one coming?!
  Remember, folks, CANBus does not have any authentication; any device on the bus can send arbitrary packets to anything else on the bus. Putting a wireless device on there is probably not a great idea.
10. Re:Wait a minute there... by AmberBlackCat · 2012-03-08 11:21 · Score: 3, Interesting
  
  It reminds me of years ago when my brother bought a Sharp Zaurus. It was our first experience with a Windows operating system on a handheld organizer, Windows CE. It was also the first time we saw a handheld organizer lock up. It's amazing how Microsoft can get car companies, who are trying to earn a reputation for quality and reliability, to put this software in their products.
11. Re:Wait a minute there... by LordLimecat · 2012-03-08 19:46 · Score: 3, Insightful
  
  Maybe the problem is that touch screens are absolutely terrible in situations where you cant devote your whole attention to them. I can adjust basically everything in my '03 car without taking my eyes off of the road because of this fancy feature called "tactile feedback" which comes standard with all the knobs in my var.
  Try doing that with your fancy touch screen. Bonus points if its anywhere near as responsive as the knobs.
*digs out cell* by AuralityKev · 2012-03-08 09:33 · Score: 3, Funny

"Yeah, boss? I can't come into work today. My Ford Focus just BSOD'd in my driveway."
1. Re:*digs out cell* by Anonymous Coward · 2012-03-08 09:48 · Score: 2, Informative
  
  You joke, but the Ford Fusion at least has a "limp home mode" that recently required a visit to the stealership. The diagnosis: throttle body for $900. Had them just clear the code and the car has gone thousands of miles since. The actual cause? A dead battery. A dead battery is a common failure mode and should not throw spurious diagnostic codes that disable the vehicle until reset by the dealership.
2. Re:*digs out cell* by Tongo · 2012-03-08 14:34 · Score: 2
  
  We have a 2011 Ford Explorer with Sync and Nav. It has a BSOD (Black Screen of Death). It also perform "System Maintenance", which is just a reboot, mid drive. The issue isn't necessarily the MS Software, but the flash based user interface designed by a third part. It was a giant piece of shit. Also, it's not 30k USB sticks, it's 300,000 USB sticks, plus SD cards for anyone with Nav.
Re:Wi-Fi? by SirGarlon · 2012-03-08 09:34 · Score: 5, Insightful

What could possibly go wrong with a capability to wirelessly update your car's firmware?

--
[Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
Re:Wi-Fi? by TraumaHound · 2012-03-08 09:36 · Score: 2

The vehicles do have wi-fi and Bluetooth. I can, for example, tether my phone to my vehicle which will, in turn, create a hotspot that other wi-fi devices can connect to (in the days of mobile iPhone and Android hot spots, this seems like a pretty unnecessary feature).
I would imagine that Ford is already sweating the self-server USB updates enough that they wouldn't want to risk over-the-air updates on the first go-round.
Give it a few years.
my car crashed by v1 · 2012-03-08 09:37 · Score: 3, Insightful

no, really. no, not like that. I was just running this firmware update and now there's a note on the dash telling me there was a problem and I need to restart my car? but when I turn the key it won't start anymore?

--
I work for the Department of Redundancy Department.
1. Re:my car crashed by Em+Adespoton · 2012-03-08 10:40 · Score: 3, Funny
  
  At least you didn't get the blue windscreen of death....
2. Re:my car crashed by v1 · 2012-03-09 05:37 · Score: 2
  
  The word "bricking" is used for electronic devices which can't be fixed by taking them apart. With a car you'd just change the ECU or whatever.
  I think most people would consider replacing a car's internal module to be "taking apart".
  A more general description of "bricking" would be "requiring service not normally intended to be performed by the average user".
  "service" broadens the scope to include things like replacing internal modules, electrical repair, reflashing firmware, reseating an internal cable, pressing an internal reset button, doing something under the "warranty void if removed" sticker, accessing an option in a hidden menu, etc. But not to include steps specifically considered "normal user maintenance" like changing the air filer or topping off the wiper fluid or "regular scheduled maintenance" such as rotating tires or changing sparkplugs. (where we start to get into a grey area, regular maintenance overseen by the average user, by a professional)
  Your definition of "average user" appears to be overly-broad. The average user doesn't troubleshoot and replace an ECU on their own.
  
  --
  I work for the Department of Redundancy Department.
Re:Wireless updates by MMAfrk19BB · 2012-03-08 09:41 · Score: 2

Or, if they could be updated like the Kindle (3G or WiFi), Ford could handle them all without the owner getting involved. And they wouldn't need to mail out 30,000 USB sticks or CDs.
Plus, Ford could then get real feedback from how the car is performing.
Because no one ever took advantage of short-sighted manufacturers that aren't security-conscious to do anything malicious to a car. Oh, wait... Also, awesome insurance scam in the works if you can do a hostile takeover of a rich guy's car (the ones that will probably have cars with Wi-Fi) and make him get into a rear-end accident. BAM! Sweet-ass cash truck from his rich guy insurance agency. No cop will believe "My car got hacked."
Magnuson-Moss/bricking your car? by Torodung · 2012-03-08 09:41 · Score: 2

Goodbye Magnuson-Moss, it was nice knowing you! A service pack for your car. Good luck with that. What if it bricks your car? How much does a replacement dashboard computer cost after warranty, due to a faulty update? Who is liable for that if it happens?
Has anyone seen the EULA for this thing? If it isn't significantly different from normal software EULAs, I'm avoiding this sort of technology like the plague.
Re:Wi-Fi? by Sir_Sri · 2012-03-08 09:42 · Score: 3, Insightful

seems more like the sort of thing that should be done routinely when you get your maintenance done, but then mechanic shops would need to have computer techs on staff, and replacement parts for when things go badly.
But wait: How to drop from 5th to 23rd place... by phonewebcam · 2012-03-08 09:42 · Score: 5, Interesting

...in the JD Power IQS Customer Satisfaction Rankings:
"Ford went from a fifth place ranking in the 2011 J.D. Power Initial Quality Study to a mediocre 23rd place showing this year. Sister-brand Lincoln took a similar nosedive, falling from eighth place all the way down to 17th place this year. ... Not surprisingly, MyFord Touch was the biggest contributor to Ford's fall from grace. "
And who designed the MyFord touch? Give you one guess.
1. Re:But wait: How to drop from 5th to 23rd place... by UberOogie · 2012-03-08 09:59 · Score: 5, Interesting
  
  Holy crap. I made a joke in my head about rebooting a car, but MS has again found a way to make truth stranger than fiction (from the wiki):
  "For new car owners whose MyFord Touch systems crash, both Ford dealerships and Ford-sponsored websites have been recommending that owners disconnect the black (negative) lead to the battery for several minutes, reconnect, then run the car for at least five minutes to reboot the MyFord Touch system. Owners have complained that this is extremely inconvenient, even dangerous in many situations, and should not be required of owners who have paid tens-of-thousands of dollars for their new cars."
  
  --
  "Enough of this wretched, whining monkey life." -- Marcus Aurelius, _Meditations_, Book 9, 37
2. Re:But wait: How to drop from 5th to 23rd place... by Anonymous Coward · 2012-03-08 10:14 · Score: 3, Informative
  
  Holy crap. I made a joke in my head about rebooting a car, but MS has again found a way to make truth stranger than fiction (from the wiki):
  "For new car owners whose MyFord Touch systems crash, both Ford dealerships and Ford-sponsored websites have been recommending that owners disconnect the black (negative) lead to the battery for several minutes, reconnect, then run the car for at least five minutes to reboot the MyFord Touch system. Owners have complained that this is extremely inconvenient, even dangerous in many situations, and should not be required of owners who have paid tens-of-thousands of dollars for their new cars."
  As mentioned in many other places, the User Interface software (Which is the crappy part) was written in Flash by a company called BSQUARED, and is pretty much unrelated to the Windows CE underpinning supplied by Microsoft, or the rest of the car designed by Ford...
  
  But hey, when has the truth ever stopped any Microsoft bashing around here?
3. Re:But wait: How to drop from 5th to 23rd place... by afidel · 2012-03-08 10:20 · Score: 3, Informative
  
  It's not Microsoft's fault. The OS is fine (Sync never had anywhere near the problems that Touch has had). The problem is the Flash based UI designed by outsourcing firm BSQUARE that was the major problem for Touch.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
4. Re:But wait: How to drop from 5th to 23rd place... by CanHasDIY · 2012-03-08 11:06 · Score: 2
  
  "For new car owners whose MyFord Touch systems crash, both Ford dealerships and Ford-sponsored websites have been recommending that owners disconnect the black (negative) lead to the battery for several minutes, reconnect, then run the car for at least five minutes to reboot the MyFord Touch system
  
  As much as it chagrins me to jump to the defense of either company, I can tell you from professional experience that pulling the negative cable for 3-5 minutes has been a valid diagnostic tool/repair ever since they started putting computers in cars.
  
  Owners have complained that this is extremely inconvenient, even dangerous in many situations, and should not be required of owners who have paid tens-of-thousands of dollars for their new cars.
  
  No more dangerous than your typical 16-year-old.
  
  Idiot car owners are a lot like idiot users: They don't understand thing 1 about the system they're using, but they won't hesitate to jump your ass and bitch endlessly the first time it does something they don't like.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
5. Re:But wait: How to drop from 5th to 23rd place... by Compaqt · 2012-03-08 21:31 · Score: 3, Interesting
  
  Why should car owners have to understand anything (I'm not talking about the need to change the oil or keep up the tire pressure).
  Why should they have to understand the "need" for a reboot?
  Rebooting may well be a valid diagnostic technique, but it doesn't make it any more acceptable for the car manufacturer. Their anger was not directed at you as a mechanic. Their anger is directed toward the maker who can't get a car to run in the 21st century without "crashing".
  
  --
  I'm not a lawyer, but I play one on the Internet. Blog
Re:Wi-Fi? by Curate · 2012-03-08 09:50 · Score: 2

They should have put Wi-Fi onboard. Park the car in your garage or driveway, hope on your home network, voila.
I enjoyed this typo. It is eerily appropriate.
No way! by miffo.swe · 2012-03-08 09:51 · Score: 4, Insightful

There is no friggin way i would let Microsoft anywhere near my car. They have a much too bad track record for that. This is something that makes me take two large steps away from any Ford car. I was entertaining getting a Ford but after having read this, no way in hell.

--
HTTP/1.1 400
Re:Wireless updates by hawguy · 2012-03-08 09:53 · Score: 2

Or, if they could be updated like the Kindle (3G or WiFi), Ford could handle them all without the owner getting involved. And they wouldn't need to mail out 30,000 USB sticks or CDs.
Plus, Ford could then get real feedback from how the car is performing.
Because no one ever took advantage of short-sighted manufacturers that aren't security-conscious to do anything malicious to a car. Oh, wait...
Also, awesome insurance scam in the works if you can do a hostile takeover of a rich guy's car (the ones that will probably have cars with Wi-Fi) and make him get into a rear-end accident. BAM! Sweet-ass cash truck from his rich guy insurance agency. No cop will believe "My car got hacked."
A USB stick that arrives through the mail is hardly more secure than a Wifi update. It could even be less secure since an attacker could drop 10,000 of them in the mail anonymously without having to risk physical proximity to the car he's trying to hack.
Hopefully Ford uses digital signatures to validate the integrity of an update before the car will accept it, but signature validation works equally well (or poorly) whether its a USB Flash update or Wifi update.
Horrible Summary is Horrible by Thelasko · 2012-03-08 09:56 · Score: 4, Informative

Whoa guys! Ford has been allowing end user firmware upgrades since the SYNC system was rolled out. The salesman even told me how to do it when we bought my wife's car two years ago. I've even done it myself through the Ford website. Also note, that this upgrade does not change the ECU, only the SYNC system. Also note, that this mass USB stick mailing is for MyFordTouch, not SYNC (MyFordTouch is built on top of the SYNC system, but includes a touchscreen, and are commonly confused).

In summary:
User firmware upgrades !new
User firmware upgrades !experimental
Mass USB mailings !SYNC
The only thing experimental is the mass mailing of USB sticks.

--
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
Car Computer Analogy by Cro+Magnon · 2012-03-08 10:05 · Score: 2

Either one is highly vulnerable to bad drivers.

--
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Re:Wi-Fi? by lgw · 2012-03-08 10:17 · Score: 2

Firmware updates are already routine in dealership stops. If you have a recently-built car that you take to the dealership for service, and you look closely at the invoice, you'll often see a handful of "recalls" that were done for free, and that the service advisor didn't even mention. Most of these are firmware fixes.
My brand new luxury car has an annoying problem with the transmission not wanting to downshift occasionally (you can see other threads about such problems, apparantly a common problem these days). My service advisor told me "Yeah, we know about this, the service manager has the same problem on his car. Sorry, we don't have a firmware update from the manufacturer yet." Brave new world.

--
Socialism: a lie told by totalitarians and believed by fools.
If Americans have to reboot their cars... by brusk · 2012-03-08 13:09 · Score: 2

...will Brits have to retrunk them?

--
.sig withheld by request