Slashdot Mirror

← Back to Stories (view on slashdot.org)

Many Lexus Navigation Systems Bricked By Over-The-Air Software Update (theverge.com)

Posted by BeauHD on from the try-turning-it-off-and-on-again dept.

An anonymous reader quotes a report from The Verge: An unknown number of Lexus automobiles have seen their infotainment and navigation head units broken by a bug in an over-the-air software update from Lexus. The glitch, which was confirmed by a Lexus spokesperson, was delivered in a routine software update. In affected cars, it can cause the dashboard screen to spontaneously reset itself and, as a result, both the radio and navigation system can be unusable. It affects cars equipped with Lexus' Enform system with navigation. Lexus social media channels have been flooded by frustrated owners, but the company has been unable to give any estimates for when the problem will be resolved. The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

69 of 110 comments (clear)

  1. Obligatory nitpick by Yosho · · Score: 5, Insightful

    The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

    If a reset of the system can fix the problem, it's not bricked. If a software update can fix it, it's also not bricked.

    "Bricked" means it is completely unrepairable and useless as anything other than a brick.

    --
    Karma: Terrifying (mostly affected by atrocities you've committed)
    1. Re:Obligatory nitpick by Anonymous Coward · · Score: 1

      Totally agree. If anything the head units are b0rked.

    2. Re:Obligatory nitpick by sinij · · Score: 2

      Further nitpick - even if you could fix it with some degree of disassembly (e.g. removing CMOS chip) it is still considered bricking. Typically, bricking is related to software issues. As such, the question is - would disconnecting the car battery (hardware fix) disqualify this issue from getting categorized as bricking?

    3. Re:Obligatory nitpick by Anonymous Coward · · Score: 1

      Just because your car doesn't have a reset button (shudder) doesn't mean that disconnecting the battery to reboot the software is an hardware fix.

    4. Re:Obligatory nitpick by sinij · · Score: 1

      Interesting point. So should cars have a reset button? Seems there is a clear case for one.

    5. Re:Obligatory nitpick by Aaden42 · · Score: 3, Interesting

      Personally I draw the line at grease and/or needing tools. If I can't do it with my bare hands or get dirty in the process, it's become a hardware problem. If pulling the battery fixes it, that's not "bricked," but it's gone a bit beyond a software problem if I need a wrench and get sulfuric acid salts on my hands in the process.

    6. Re:Obligatory nitpick by courteaudotbiz · · Score: 1

      "Bricked" is a very relative term.

      For a non-tech and non-mechanic user, this update bricks his infotainment system.

      At the garage, it is not bricked, they probably have a procedure for a full reset of the system.

    7. Re:Obligatory nitpick by Mashiki · · Score: 4, Interesting

      Well in this case disconnecting the battery can be hit or miss, depending on the vehicle. Disconnecting the battery is the equivalent of a hard reboot(in some cases), in others it's a soft reboot because it'll try to update/go previously recorded settings. In the very worst cases, it'll get stuck in an upgrade loop. Also some ECU's kick into a failsafe mode and go back to the previous non-updated version. Some will revert to the last known working state from sensors/active states from the other ECU's(transmission/ABS/etc) and go from there while recording the error(s). In other cases it'll operate with the last known settings and then start throwing a "service engine" or similar warning light after a little while. That's basically meant to get you as far as a dealership.

      Anyway in 90% of cases the entire ECU pack is sealed so it's not something you're going to be fixing with some disassembly. In the very assholish case, you have to replace all ECU's on the vehicle. Everything from the vehicle's center console, to transaxles/transmissions to specific engine computers or body computers(for airbags). So really you could put this down as it is a bricking, or it isn't a bricking all depending on what the auto manufacture has done.

      --
      Om, nomnomnom...
    8. Re:Obligatory nitpick by DoofusOfDeath · · Score: 1

      If a reset of the system can fix the problem, it's not bricked. If a software update can fix it, it's also not bricked.

      I disagree. "Bricking" a Nexus is the thing that happens when its driver illegally parks in a handicap spot. Or so I'm told.

    9. Re:Obligatory nitpick by thegarbz · · Score: 1

      The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

      If a reset of the system can fix the problem, it's not bricked. If a software update can fix it, it's also not bricked.

      "Bricked" means it is completely unrepairable and useless as anything other than a brick.

      A couple of twitters users say it worked also doesn't mean it's a fix.

      This is actually just fine use of the word bricked. Right now users are shit-outta-luck until someone can come up with a fix, IF someone can come up with a fix.

    10. Re:Obligatory nitpick by Khyber · · Score: 1

      "Just because your car doesn't have a reset button (shudder) doesn't mean that disconnecting the battery to reboot the software is an hardware fix."

      If you need to disconnect hardware to make software work, it's a fucking hardware fix for SHIT SOFTWARE CODE.

      EG. Lexus has no fucking clue what it's doing.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    11. Re:Obligatory nitpick by Joce640k · · Score: 1, Insightful

      Idiots change the meaning of words all the time. It's what they do best.

      And if you think you don't use any words in a way that makes your grandparents cringe ... you're one of them.

      --
      No sig today...
    12. Re:Obligatory nitpick by Joce640k · · Score: 2

      Have you tried turning it off and on again...?

      --
      No sig today...
    13. Re:Obligatory nitpick by CimmerianX · · Score: 1

      If you can even get to the battery.... with newer cars, the days of shadetree mechanics are long gone, how long is it before removing the connectors fromt he posts will require special tools.

    14. Re:Obligatory nitpick by fustakrakich · · Score: 2

      Lexus has no fucking clue what it's doing.

      They don't need a clue. They are selling cars. Next year's models will be more expensive to cover for this year's defects.

      --
      “He’s not deformed, he’s just drunk!”
    15. Re:Obligatory nitpick by stealth_finger · · Score: 2

      That may be the definition you use, but the definition we use around our office is "we currently don't know a way to get it working again". It's a subtle difference, but maybe somebody will figure out a software update to fix it and thus "unbrick it", but at the moment it's as useful as a brick.

      What you should be saying is borked.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    16. Re:Obligatory nitpick by stealth_finger · · Score: 4, Insightful

      If you can even get to the battery.... with newer cars, the days of shadetree mechanics are long gone, how long is it before removing the connectors fromt he posts will require special tools.

      Before too long you want even be able to open the bonnet without specialised tools.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    17. Re:Obligatory nitpick by Anonymous Coward · · Score: 1

      Then you're ab idiot too. You're speaking a version of English with all sorts of spelling, punctuation and meaning differences from what people did in the 1800s.

    18. Re:Obligatory nitpick by Desler · · Score: 1

      English is not and never has been a static language.

    19. Re:Obligatory nitpick by David_Hart · · Score: 2

      That may be the definition you use, but the definition we use around our office is "we currently don't know a way to get it working again". It's a subtle difference, but maybe somebody will figure out a software update to fix it and thus "unbrick it", but at the moment it's as useful as a brick.

      What you should be saying is borked.

      I'm thinking that the term that you are looking for is that the software update causes the system to "freeze" or "lock-up", rather than become "bricked".

      Basically, the term "bricked" is getting the "hacker" treatment, same as any word once it starts being used as a common term, part of the vernacular, if you will...

    20. Re:Obligatory nitpick by Dishevel · · Score: 1

      iCars.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    21. Re:Obligatory nitpick by BDF · · Score: 1

      Bricking means that the SOFTWARE OR OPERATING SYSTEM of a device has been destroyed in such a manner that no interface remains that would allow a user to revert the change or reset the device to a factory image. If hardware must be replaced to resolve the issue, it is bricked. If software must be reloaded (and can be without hardware replacement), it is borked. Misusing the term bricked leaves one looking like either a liar or an idiot. The headline should be corrected.

    22. Re:Obligatory nitpick by BDF · · Score: 1

      Shall we compare your net income with Lexus' net income? Seems they know a bit more than you do.

    23. Re:Obligatory nitpick by Khyber · · Score: 1

      I own mines and other businesses and make a good deal of money. Money != correctness.

      Some other idiot tried that same bullshit in an argument about the passivation of titanium being entirely pointless. "They don't get paid to be wrong" he said.

      And then I proved them wrong by demonstrating that non-passivated titanium implants can cause implant rejection disease.

      I've been working with electronic hardware longer than Lexus itself has existed, three years longer in fact.

      I'm more qualified to diagnose this as a hardware fix by matter of experience.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  2. Car manufacturers don't understant InfoSec by sinij · · Score: 5, Insightful

    Car manufacturers do not understand InfoSec and should not be networking cars. It is only matter of short time until someone reverse-engineers update mechanism, inevitably discovering that they did not implement code signing and integrity checking, craft malicious update and bricks (or worse) cars equipped with such functionality.

    More so, in 15 years your networked car could still be on the road. Even if 2015 best-practices are followed, by 2030 how resistant do you think such over-the-air update functionality going to be to, for example, quantum-capable attackers?

    1. Re:Car manufacturers don't understant InfoSec by Viol8 · · Score: 2

      This x10.

      Mod points for parent please.

      These idiots are just shifting Oooh-shiny systems that look good in the dealership to clueless idiots. Luckily its only the infotainment - if it had been the entire dashboard and or one or more critical systems then the car could have been undrivable.

    2. Re:Car manufacturers don't understant InfoSec by ShanghaiBill · · Score: 2

      Car manufacturers do not understand InfoSec and should not be networking cars.

      That may be true, but it has nothing to do with the problem described in TFA. This was just a good old fashioned bug, not a security flaw. It was caused by poor coding and inadequate testing, not poor security.

    3. Re:Car manufacturers don't understant InfoSec by ledow · · Score: 1

      Yep.

      I have a new car. But it's one that has none of this auto-update junk on it.

      Pretty much, update or compromise requires physical access to the internals of the car (game over already), or for the engine to be started (again, game over). There is no remote-start (was an option, removed), there is no over-the-air update (update via physical SD card placed in in-car slot when engine is first started with ignition keys), the attack surface is pretty damn low even for a high-tech car.

      Hell, the in-car entertainment / bluetooth doesn't start until the engine is started from key, and the only other thing is the OBD port which is mandated but - hopefully, from what I've seen - almost entirely read-only except to "clear engine warning lights" which come back on if there's a fault anyway.

      I don't get why you would WANT over-the-air-updates in a car, it just sounds dangerous. My car has in-car sat-nav. I take it to the dealer or buy an SD card from them and put it in myself. How hard is that, honestly?

    4. Re:Car manufacturers don't understant InfoSec by Anonymous Coward · · Score: 1

      In my experience if the testing process fails to identify functionality bugs it's definitely missing security bugs.

    5. Re:Car manufacturers don't understant InfoSec by Khyber · · Score: 1

      "by 2030 how resistant do you think such over-the-air update functionality going to be to, for example, quantum-capable attackers?"

      If I'm still using wi-fi, quantum crackers aren't going to do shit because they're not entangled with my data stream because my data stream cannot be entangled, I utterly (likely) lack the hardware for such a thing to happen.

      Do you even understand the basics of Quantum computing?

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    6. Re:Car manufacturers don't understant InfoSec by MachineShedFred · · Score: 3, Informative

      You would be surprised what you can do with an OBD2 port. On the new F-chassis BMWs (2012+ depending on model) the in-car CANBUS system will measure resistance and voltage on certain pins, and if it sees what it expects, that port stops doing ODB2 and starts signalling ethernet and TCP/IP to talk to diagnostic software.

      They weren't stupid enough to do over-the-air updating, but you can build a cable or buy one for ~$30 to start poking around in the firmware, and even upload values to change how the car behaves in slight ways - turning off the govt. required nanny warnings that display for stupidly long times every time you start the car, increase the short-press on the turn signal stick from 3 blinks to 5, enable rolling up the windows and closing the sunroof if you hold the lock button on the keyfob, etc.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    7. Re:Car manufacturers don't understant InfoSec by sinij · · Score: 2

      You are over-estimating your understanding of quantum computing. To simplify - quantum chips will replace your CPU, not network card.

      The issue is that Shor algorithm would effectively solve factorization problem, making any kind of signature-based code signing obsolete. Without breakthrough the solution would be megabytes-long signatures that would not be compatible with any of the existing implementations. This is just one problem based on what we know today, then there are 15 years of expected but unpredictable progress.

    8. Re:Car manufacturers don't understant InfoSec by Grishnakh · · Score: 1

      Sounds similar to my new car (Mazda 3). There's no remote-start (it's an add-on option that very few people bother with; it is keyless like any new car however), there's no over-the-air updates at all (you have to put the update on a USB thumb drive), and the only kind of network access is through your Bluetooth phone, and like you said, that doesn't even start until the engine is started by having your "key" within sensor range (i.e., inside the cabin). It's also only used for a few apps, such as the Pandora app, and of course for hands-free calling, reading texts, etc. The sat-nav is all on a separate SD card.

      The only crappy things are that you have to go to the dealer to either get a system software update (the early versions were rather buggy), and updating the sat-nav maps is expensive (I think you get a couple freebies at first). However, if you know where to look you can download both on the internet and do it yourself for free.

      The other nice thing is the infotainment is running Linux and is easily hackable (once you're physically connected using a USB-to-Ethernet adapter), so lots of people have come up with some handy tweaks and improvements for the system.

    9. Re:Car manufacturers don't understant InfoSec by ShanghaiBill · · Score: 1

      In my experience if the testing process fails to identify functionality bugs it's definitely missing security bugs.

      In my experience, testing for functionality, and testing for security, require completely different test vectors, and the tests for each are done by different people.

    10. Re:Car manufacturers don't understant InfoSec by Anonymous Coward · · Score: 1

      As noted by others, the OBD port is a wide portal to the car. It *is* read/write, and has no real security in its specification. Since it's accessed pretty much every time the car is serviced (unless the oil change geek just uses the Vulcan Nerve Pinch combination needed to reset service reminders otherwise), and the laptops and other systems used for that ALSO have little or no security, the chances of any car less than 20-some years old (OBD2 started in the early-mid 1990s) not having malware already in it are pretty slim. The main question is what can be done with it. If your car has no remote access to things (even locks) and no computer access to key systems (such as older hydraulic steering, and an all-mechanical throttle linkage), then the malware just sits there unable to be used - fail for the hacker due to failure to communicate. If there *is* some kind of remote access, which there is in every car built recently (even yours ... do you have federally-mandated tire pressure warning? Door locks you can trigger with a fob? Bluetooth that links to your phone when on? You have remote access...), the malware installed in the shop through OBD, with or without their knowledge, can be used for things, even as simple as opening the door lock on demand for a thief. Don't be so sure you know what's going on, young master.

    11. Re:Car manufacturers don't understant InfoSec by Anonymous Coward · · Score: 1

      And on a BMW i3 you can make the gas tank larger in the US (it is ~2.5 gal in ROW, in the US it is software limited to 1.9 gals to meet CARB requirements), turn on the generator manually instead of only at 6.5% remaining charge (again, a US CARB requirement), enable the AM radio (shipped disabled because BMW engineers decided there was too much electrical noise in the car and that dropped the quality below acceptable standards, so instead of fixing it they disabled it), and much more. All through an ethernet-OBD2 cable.

      You can also do the things mentioned in MachineShedFred's post.

    12. Re:Car manufacturers don't understant InfoSec by Viol8 · · Score: 1

      "and the tests for each are done by different people."

      Hahahaha. Yeah, sure, maybe in the text books!

    13. Re:Car manufacturers don't understant InfoSec by EndlessNameless · · Score: 1

      Most manufacturers run all devices on a shared communications bus.

      An attack that applies to the infotainment system can reach the ECU, traction control, etc fairly easily.

      Autonomous cars are even scarier in this light because the terrain sensors and navigation unit will be exposed.

      I would hope they fix this before selling fully autonomous vehicles, but we have already gone decades with inertia winning over security.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
    14. Re:Car manufacturers don't understant InfoSec by EndlessNameless · · Score: 1

      If they don't do enough QA to catch a bricking bug, I can guarantee you they did not spend money developing a secure architecture either.

      Automotive systems security is a joke. In some cars, it is literally nonexistent. Most of them didn't even use code signing the last time I checked.

      On my vehicle in particular, anyone with physical access can plug into the ODBC connector and wipe the ECU. Not just reset---wipe. As in instabrick, call a tow truck.

      And my car has Bluetooth integration so phones can play calls and music over the speakers, which means it may be exploitable from the outside. Everything is on an unsecured CAN bus. At this point, I'm really just hoping no one bothers exploiting a car with somewhat limited domestic sales.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
    15. Re:Car manufacturers don't understant InfoSec by EndlessNameless · · Score: 1

      That should say ODB port. Guess the muscle memory is too strong.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
    16. Re:Car manufacturers don't understant InfoSec by BDF · · Score: 1

      The article first says the device was bricked, but then clarifies that it only causes random reboots.

      Android sent an update a couple months back that did the same thing -- I don't recall anyone claiming it bricked millions of android phones....

      Yes, it sucked. But it clearly did not brick anything.

      This is just an example of poor QA prior to release.

    17. Re:Car manufacturers don't understant InfoSec by OffTheWallSoccer · · Score: 1

      Luckily its only the infotainment

      At least on some models it extends to the heating and cooling controls. My buddy's 2014 Lexus SUV was affected, and the A/C and fan controls were unavailable. Lexus said he could either disconnect/reconnect the battery or bring it in to the service dept. He chose the latter, and they "fixed it" in 45 minutes.

  3. that's a $50,000 Toyota for you by known_coward_69 · · Score: 4, Insightful

    underneath the buzzwords and the snobby sales experience it's still a Toyota for a $10,000 premium over a regular Toyota but that is how they make your money, their money

    1. Re: that's a $50,000 Toyota for you by Anonymous Coward · · Score: 1

      In the same way a cadillac is a more expensive chevy, and an Audi is a more expensive skoda. Besides, you say that like a luxury focused Toyota is a bad thing.

    2. Re:that's a $50,000 Toyota for you by thegarbz · · Score: 2

      Yep $10000 well spent for comfort. It may still be a Toyota underneath and have a Toyota engine (that's a good thing), but there's a world of luxury available in the Lexus range that you couldn't buy with any money in Toyota's and I'll be dammed if those $10000 aren't worth it when you compare it to other luxury cars.

    3. Re:that's a $50,000 Toyota for you by Anonymous Coward · · Score: 1

      Yep $10000 well spent for comfort.

      Or you could just spend the $30 on a doughnut shaped cushion if 'comfort' is a real problem with your medical condition.

    4. Re:that's a $50,000 Toyota for you by known_coward_69 · · Score: 1

      yeah, ok i know people with a Lexus RX and it's nothing more than a Camry/Avalon station wagon that's higher off the ground. my in laws have a late model one and the Nav system sucks compared to smartphones. the seats aren't that much better than my Honda. it's nothing more than an upsell and a way to get money out of old people who want to think they accomplished something and treat themselves

    5. Re:that's a $50,000 Toyota for you by MachineShedFred · · Score: 1

      Yeah, I'd hate to have all that reliability of a Toyota with extra comfort and a service plan that takes care of everything except fuel and tires.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    6. Re:that's a $50,000 Toyota for you by known_coward_69 · · Score: 1

      it's $30 for an oil change for my Honda CR-V. WTF is there to service on a $50,000 car that's supposed to have top notch reliability and no major service requirements until 100,000 miles? it's like when best buy tries to sell you that awesome TV and then the warranty because the TV is now so bad it will break all the time

    7. Re:that's a $50,000 Toyota for you by thegarbz · · Score: 1

      my in laws have a late model one and the Nav system sucks compared to smartphones

      You could spend $300000 on the best of luxury and this would still be the case. It's a sad state in the car industry. About the only wiggle room you have these days is things like interior finish, automation (climate control vs ability to set temperature), features integrated into the crap dash, etc.

      In this regard low end Lexuses are much like high end Toyotas. That said some of the higher end sedans have no Toyota equal. My neighbour has an ES and my girlfriend's parents an Avalon from the same vintage. Aside from the minor differences in looks they are very similar... including the fact that they were withing $1000 of each other when they bought them. But beyond that, well Toyota don't sell a V8 sedan with 480bhp or anything that equals the next 5 models down in price. There's a very low ceiling for Toyota luxury which is exactly the point of having a luxury brand within the same company.

      Personally I wouldn't own a Lexus because I can't justify the expense for luxury for what to me is a tool to move around. But if someone forced my hand, give me a Lexus over a BMW any day, you get much more bang for your buck.

    8. Re:that's a $50,000 Toyota for you by known_coward_69 · · Score: 1

      i've checked them out and seems Lexus and Acura give you a passenger electronic seat as well as seat memory settings for different people. and a different engine program for more power all for that $10,000 premium i have a honda CR-V and can't tell the difference between it and the Acura RSX

    9. Re:that's a $50,000 Toyota for you by Ol+Olsoc · · Score: 1

      But if someone forced my hand, give me a Lexus over a BMW any day, you get much more bang for your buck.

      But do you have the Lexus attitude? Gotta have the Lexus attitude.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    10. Re:that's a $50,000 Toyota for you by MachineShedFred · · Score: 1

      You do know that proper service is more than just changing the oil and filter right? How much do brakes cost? Radiator flush and fill? Brake fluid flush and fill? Transmission service? Differential service if it's all wheel drive? Tire rotation and re-balance? Alignment?

      There isn't a car manufactured that "has no major service requirements until 100,000 miles". Maybe that's the interval for the timing belt, but you aren't going to go 100k without having to do all of the things I've listed above.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  4. Re:Can you put aftermarket radios in cars anymore? by Desler · · Score: 1

    Yes.

  5. this is absurd. by nimbius · · Score: 4, Funny

    as a lexus driver im accustomed to certain quirks but this is unreal. First the car comes with "turning signals" which honestly I dont see any reason to use, and now the GPS, my only means of figuring out how to make a left turn against 5 lanes of traffic at 90 miles per hour is broken?! Whats next?? youll tell me the little L on the front of my car hasnt doesnt give me godlike powers over traffic?

    --
    Good people go to bed earlier.
  6. the delaer can fix it and do other updates for $$$ by Joe_Dragon · · Score: 1

    the delaer can fix it and do other updates for $150 + labor.

  7. What about data roaming where a 1-2 GB update can by Joe_Dragon · · Score: 1

    What about data roaming where a 1-2 GB update can cost as much as an new car in data roaming fees?

  8. And then you have the idiots.... by Rick+Zeman · · Score: 1

    ...who video their displays WHILE THEY'RE DRIVING.

  9. What about cars auto staring in the garage to run by Joe_Dragon · · Score: 1

    What about cars auto staring in the garage to run updates / re change battery's (hybrids).

    Let's some acts like the laptop bios updates and says must have engine on to reduce risk of a battery failing / some systems are only on with key on mode and there is some kind of anti battery drain system that may kick in with out the engine on?

  10. Re:Can you put aftermarket radios in cars anymore? by MachineShedFred · · Score: 4, Informative

    It depends on the make, and model. Some asshole manufacturers have the CANBUS running through the head unit (radio) so that if you remove it, things like the power windows stop working. I saw a Dodge truck like this once, and there was enough room in the dash that the owner just shoved the unit back in far enough that he could plug the speaker wires into a new unit that he mounted in the dash - that was the only way to get it done without buying some $300 aftermarket unit that could replicate the CANBUS functions in the radio.

    Other manufacturers play nice and don't do stupid shit like that, so YMMV.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  11. I told you so by smooth+wombat · · Score: 1, Insightful

    I pointed out this very flaw in a comment not too long ago:

    https://slashdot.org/comments....

    Why anyone would let an unknown person send random software to a vehicle I bought and own any time they want without me knowing it is simply begging for this type of situation.

    People are upset about Microsoft forcing updates on them, they should be equally upset at car manufacturers or anyone else who does the same thing.

    But I'm sure there will be hypocritical excuses for why this is acceptable despite large portions of the /. community who would go on a rampage if this were done to their home machines.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  12. Welcome! by Ol+Olsoc · · Score: 1
    To the internet of Things, valued customer! How may we randomly bitch up your system today?"

    Get ready for it people, and buy AV software for your cars.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  13. Recovery Mode... by amxcoder · · Score: 1

    What they need to do, is open the right door while holding the brake pedal down as they re-apply power to the vehicle.
    Once it powers on, they open the trunk to enter recovery mode where they can flash the infotainment system back to it's stock kernel! Fixed!

  14. Service Department by ThatsNotPudding · · Score: 1

    "Service Department, have you tried disconnecting and reconnecting the battery?"

  15. It's a bad idea... by Macdude · · Score: 1

    Automatic Updates on any sort of mission critical system is a bad idea. Over the Air automatic updates are even worse.

    How bad does the situation have to get before people will start to build in proper security starting from the design stage. Every industry using electronics in their products needs to hire a bunch of paranoid security engineers and give them veto power over everyone else.

    --
    "Grab them by the pussy" -- President of the United States of America
  16. Re:What about cars auto staring in the garage to r by mink · · Score: 1

    They cant autostart AFAIK. Starting them still requires you to push the power button. The keyfob is required to be within 15-20 feet (from my experiance with a 2010 Prius rental) and unless you want the care stolen no one leaves it in the car lose.

    --
    Well I've wrestled with reality for thirty five years doctor, and I'm happy to say I finally won out over it.
  17. Re:What about cars auto staring in the garage to r by Joe_Dragon · · Score: 1

    What about in your home with the keys in a cup near the car but inside?

  18. Re:Can you put aftermarket radios in cars anymore? by Cramer · · Score: 1

    Or don't buy in to Lexus Enform.

  19. Re:What about cars auto staring in the garage to r by Cramer · · Score: 1

    Actually, it can. In later models, it's part of the Lexus Enform system. That "power button" is just a simple momentary contact that tells the computer to "go". The computer (part of it) is always running to see that button press. You aren't turning a large, high current racecar kill switch. That said, they won't autostart to "charge the batteries", mostly because the charge monitors are on when the car is "off".

    (If that were the case, my totalled HS would've been starting itself every few hours to recharge the partially shorted 12V battery. The high voltage traction batteries don't run the ECU. Also, that's the only time in 5 years I've seen that car "boot". And no, the clips in the fuse box for "jump starting" aren't enough to start the car; you need to get to the actual battery.)