Slashdot Mirror

← Back to Stories (view on slashdot.org)

Software Is Eating the Auto Industry (strategyanalytics.com)

Posted by msmash on from the shape-of-things dept.

Roger Lanctot, writing for research firm Strategy Analytics: There are many more opportunities in cars today for things to go wrong as software takes over an ever-expanding array of functionality from the car stereo to enhanced safety systems and the vehicle powertrain. There are software bugs, updates, conflicts and, lately, cybersecurity vulnerabilities to worry about so it is perhaps no surprise that software is figuring in vehicle recalls. In the latest update of software-based recalls from CX3 Marketing, software-based recalls crept up higher again in 2016, surpassing 6M vehicles. It's a small portion of the overall total but it is growing -- especially as a proportion of the total. This expanding crisis in vehicle recalls is both good news and bad news for the automotive industry. The good news is that software recalls can often be corrected with over-the-air software updates. The bad news is that auto makers are in the very earliest stages of deploying software updating technology and, particularly in the U.S., they have yet to sort out conflicts with state-level dealer franchise laws that require warranty service work such as software updates be handled by dealers. The expanding role of software and the growing number of software-related recalls reflects an emerging battleground in the industry. The creation of software is expensive and labor intensive and also poses an ownership question. Starting approximately 10 years ago with BMW and Intel's mutual effort to bring Linux into cars on a larger scale via the GenIVI Alliance, auto makers have been seeking to segregated hardware from software in such a manner that hardware could conceivably be relegated to sourcing from contract manufacturers (like Flextronics) and software development costs could be reduced by sharing code. At the same time, car makers have sought to take ownership of the code written for their vehicles. Car enthusiasts have taken issue with the ownership question, asserting their right to modify vehicle software as they see fit. That particular struggle is yet to be resolved but has gained new life as more tinkerers experiment with home-grown self-driving car technology.

101 comments

  1. Dealers have to die out by nospam007 · · Score: 3, Insightful

    Soon. It's time. Nobody needs obnoxious vendors who didn't even read their own fucking prospectus.
    What we need is some showrooms and then we buy directly at the manufacturer's site online.
    After all that's what the dealers are doing, besides those brands who have thousands of unsold cars laying around they the have to pay customers thousands to take off their hands.

    1. Re:Dealers have to die out by Anonymous Coward · · Score: 0

      Sure. I'm sure they will disappear right after real estate agents do. Both offer a service that adds very little value while costing you thousands of dollars as a middleman.

      Sure, if you don't know a fucking thing about cars or houses they can clue you in a bit. But for the most part, zero value added.

    2. Re:Dealers have to die out by JohnFen · · Score: 2

      Dealers are very easy to avoid, though. Just buy your cars used from real people. I've been doing that my whole life, except once when I bought one from a dealer. That one was the only lemon I got stuck with.

    3. Re:Dealers have to die out by JohnFen · · Score: 1

      they can clue you in a bit

      I think you misspelled "they can take you for a ride".

    4. Re:Dealers have to die out by Anonymous Coward · · Score: 1

      They can stick around for those who want their 'knowledge' and 'advice', but the rest of us should be able to buy direct.

    5. Re:Dealers have to die out by tquasar · · Score: 1

      There was a time when you could select the options you wanted. My dad ordered a truck with the engine, clutch, transmission, and suspension he wanted. Today you must buy a package that has all the crap the mfgr. adds. Crapware, I've read that term somewhere before....

    6. Re:Dealers have to die out by ShanghaiBill · · Score: 2

      Sure. I'm sure they will disappear right after real estate agents do.

      Bad analogy. You can sell or buy a house without a RE agent. There are no laws preventing you from doing that. But in many states, it is illegal to sell a new car if you are not a government sanctioned dealer.

      Comparing real estate agents to car dealers is like comparing making love to rape. In either case you get fucked, but the difference is consent.

    7. Re:Dealers have to die out by MBGMorden · · Score: 1

      Indeed.

      It's basically a needless service that gets mandated through paperwork.

      That's not even for the sales - it applies to the service too. Since this article talks about software: my new vehicle has one of the new info-tainment systems built it where it does bluetooth, interfaces with my phone, etc. It's pretty neat - when it works. The problem is half the time I plug in my phone and the screen just goes black. Unplug it, replug. Screen goes black again. TURN THE VEHICLE OFF, then back on, and it'll work.

      That's annoying. I'm sure it's software related, but is there a patch available? I don't know. The manufacturer doesn't post any release notes or version histories. They won't let you download an update. The only way to find out anything is to "take it to the dealer".

      Same with the damned remove for unlocking the doors. You can buy a new one on eBay for $25 . . . . but only a dealer can program them. Oh and if they ever die you can't just use the key (which I did with my last car for many years after the remotes stopped working). If you unlock the door with the key . . . the alarm sounds. Completely valid key that goes with that vehicle, but using the key to unlock the door sets off the alarm.

      --
      "People who think they know everything are very annoying to those of us who do."-Mark Twain
    8. Re:Dealers have to die out by R3d+M3rcury · · Score: 1

      Not entirely true.

      You can go to the dealer and order the exact car you want. The dealer will either find it (if it's been built and exists in the area) or will order it from the factory. Of course, you will have to wait.

      That said, the dealer will push you to "settle" for one of the cars at the dealership. "You don't really want a stick shift, right? Tell you what, we'll offer you the automatic for the same price!" So if you want to drive a brand new car off the dealership that day, you have to settle for what they have. If you absolutely, positively, have to have those options, then it shouldn't be a big deal to wait a few weeks, right?

    9. Re:Dealers have to die out by FooAtWFU · · Score: 1

      I can imagine a manufacturer sending you a notice of a recall in the mail. In the same envelope, they include an explanation that you could get this update over the air with no effort in $(nearby_state), and include a business-reply-mail envelope with a form letter addressed to your state congressmen: "Dear Rep. Bork. I just went ___ miles out of my way and spent an extra ___ hour(s) getting a software update at a dealership instead of wirelessly. Please change this law."

      --
      The World Wide Web is dying. Soon, we shall have only the Internet.
    10. Re:Dealers have to die out by MoarSauce123 · · Score: 2

      Most states will require a change in law for this to happen. Tesla found out the hard way not being allowed to sell directly to customers. It is one of these cases where successful lobbying put a law on the books that at first sight seems reasonable, but really is only there to protect a select group from any market changes. In all fairness, dealers are far more than sales these days. Last time I bought a car I pointed to the car on the lot that I wanted, took it for a test drive, and then agreed to purchase it. From then on the dealer did everything including getting me a better loan than I had secured, do all the paperwork with the insurance, all the crap with DMV, the state inspection, warranty, and what have not. The entire process took two hours. If I had to do this all on my own I would have needed more than an afternoon off from work costing me way more than the 120$ I paid as processing fee. If you are unsatisfied with a dealer, tell them and go somewhere else. They tend to have a lot of competition and they go to lengths to make a sale. You might still think the dealer is a loonie, but if that takes a few thousands off the final price it will be a gain for you and enough punishment for them.

    11. Re:Dealers have to die out by sjames · · Score: 1

      Make sure to keep it current. Add releasing __ pounds of carbon into the atmosphere.

    12. Re:Dealers have to die out by toddestan · · Score: 1

      There's still the problems with the options packages. You can't just buy the options you want, you have to buy a package with a whole bunch of things lumped together. Nowadays they've limited the number of configurations (usually grouped into a small number of "tiers") and available colors to the point where I would be surprised if a decently large dealer didn't have a specific configuration of a popular model in their stock.

  2. So how about... by Anonymous Coward · · Score: 0

    ... not stuffing cars to the gills with software, but, you know, let the fscking things be cars?

    That'd be too simple, eh.

    1. Re:So how about... by toonces33 · · Score: 1

      People like to have a fancy infotainment system (with tons of embedded software). The like to have a TFT instrument cluster instead of the old mechanical/analog ones that older cars used to have. And it isn't just that. There are tons of other tech options - each of which requires lots of software, and I haven't even gotten to the engine/transmission yet.

    2. Re:So how about... by JohnFen · · Score: 1

      I wish! But that appears to be a pipe dream.

      I'm just hoping that self-driving cars make owning a car unnecessary before I can't find (relatively) software-free ones anymore.

    3. Re:So how about... by Luthair · · Score: 1

      The infotainment system doesn't need to be integrated with a million different things and really shouldn't be since it makes replacing them near impossible.

    4. Re:So how about... by liquid_schwartz · · Score: 2

      ... not stuffing cars to the gills with software, but, you know, let the fscking things be cars?

      That'd be too simple, eh.

      Next you're going to suggest that phones should be primarily for making phone calls.

    5. Re:So how about... by green1 · · Score: 2

      Depends what features you want. Modern cars often have all sorts of functionality that requires various tie-ins.
      For example, I find it extremely handy to be able to vent my sunroof from the app on my phone, that needs integration between infotainment and the sunroof. I also like being able to turn on and adjust the climate control remotely, so it needs a tie to the HVAC system.
      Some of these other features are maybe more "gimmicky" but I can also unlock the doors and enable keyless driving remotely, these are kind of handy, but I could live without them.

      But it's also a matter of usability, the infotainment screen is probably the largest and easiest to use screen in the car, so any setting you can control, seems like a logical place to do so, it's either that or you're stuck choosing between adding a whole extra settings screen which is only rarely used, or using very clunky steering wheel controls
      in conjunction with the dash display, which is rather unintuitive.

      But once we get cars with more autonomy, we'll want even more tie-ins. Early self-driving will do simple things like pull out of your garage and meet you at your front door, or park in a parking lot at the mall after dropping you at the door. That needs some pretty deep integration. And a full self-driving vehicle would be able to drive across out of town and pick up your kid from summer camp, that's a lot of integration.

      So sure, you don't need to integrate everything together, but if you don't you sacrifice a lot of the newer features and customization.

    6. Re:So how about... by Anubis+IV · · Score: 1

      Honestly, a better headline would have been "Software Is Eating *", given that software is eating anything and everything.

      In some cases that's a good thing, such as dedicated phones and music players going away as we've replaced them with apps on our pocket computing devices. In other cases that's a bad thing, such as with smart TVs that abuse their newfound ability to gather personal information before becoming obsolete far short of the product's intended lifespan.

      People used to joke about putting software in toasters and refrigerators, but that's today's reality.

    7. Re:So how about... by Anonymous Coward · · Score: 0

      I'm still using a nokia 6310 and a 6210, both primarily for making and receiving calls and sending and receiving text messages. And there's the landline phone that literally cannot do anything but making voice calls with. Alright, if it had been a nice and heavy bakelite model it might've doubled as a home defense weapon, but it's not, so I'm just glad I live in a relatively safe country. Of course "smart"phones primarily exist to make you burn way overpriced data plans for no reason, which is exactly why I don't have either.

      Sent from my desktop computer, with a decent screen and a sensible keyboard, while relaxing with a nice cup of tea.

    8. Re: So how about... by Anonymous Coward · · Score: 0

      Nope. Smartphones are for porning.

    9. Re:So how about... by Luthair · · Score: 1

      For example, I find it extremely handy to be able to vent my sunroof from the app on my phone, that needs integration between infotainment and the sunroof. I also like being able to turn on and adjust the climate control remotely, so it needs a tie to the HVAC system. Some of these other features are maybe more "gimmicky" but I can also unlock the doors and enable keyless driving remotely, these are kind of handy, but I could live without them.

      Why are these tied to the head unit? You aren't even in the car.

      The trouble is that manufacturers don't keep your head unit up to date, you're lucky if they even get the system work correctly before they abandon support.

      Nothing dates a car more than its electronics, go play around with a 5-10 year old car. Heck, people are spending $500+ on some of these cars for boxes that add simple bluetooth because the head unit cannot be replaced.

    10. Re:So how about... by green1 · · Score: 1

      Why are these tied to the head unit? You aren't even in the car.

      Apparently you missed this part:

      But it's also a matter of usability, the infotainment screen is probably the largest and easiest to use screen in the car, so any setting you can control, seems like a logical place to do so, it's either that or you're stuck choosing between adding a whole extra settings screen which is only rarely used, or using very clunky steering wheel controls in conjunction with the dash display, which is rather unintuitive.

      You're correct that there's a big problem with aging electronics in vehicles. The average age of a car on the road these days is 10-12 years, just imagine using a 10-12 year old cell phone on a daily basis! But that said, it isn't insurmountable. Things like Android Auto are a step in the right direction, my phone is likely to be updated, if the car can basically provide a big touchscreen, speakers, and a microphone, those things don't need to be outdated quickly. Couple that with a proper API for interacting with vehicle systems through a secure gateway, and you could allow the phone to keep all that stuff without relying on the car's electronics.

      The biggest problem so far with automotive electronics is that manufacturers haven't really taken them seriously, they've been somewhat of an afterthought. That's (slowly) changing, and I think things will get better.

  3. Safety recalls, and feature changes by green1 · · Score: 1

    The other major issue is that manufacturers insist on tying safety and security updates to functionality changes.

    For example, on my Tesla it was determined that if you connect your car to a rogue wifi AP and open the web browser an attacker can gain root access on the car. To solve that issue though I'd have to agree to Tesla nerfing autopilot and making the whole UI exponentially worse. I've chosen instead not to connect the car to random access points or use the web browser on unknown sites.

    On an old fashioned car if there was a problem with the stereo, they'd never change the functionality of your cruise control and move all the interior switches around to solve it.

    1. Re: Safety recalls, and feature changes by WindBourne · · Score: 1

      Bear in mind that it was not just surfing, but the worm was actually on the wifi. How many wifis do u hook up to, other than ur home? We only use our home and I setup so as we are not broadcasting out on out street.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    2. Re: Safety recalls, and feature changes by green1 · · Score: 1

      The exploit required using the browser, not just connecting to wifi. It appears it was really a browser exploit, but making you connect to a compromised wifi was the only way to guarantee you'd go to the page with the correct payload, as you could be redirected.

      The problem with saying you only use your own wifi though is that all tesla cars automatically connect to the service wifi, and you can't turn that off. It's easy for an attacker to spoof that ap and know you'll connect whether you like it or not.

    3. Re: Safety recalls, and feature changes by WindBourne · · Score: 1

      nope.
      It actually required that you were connected to a cracked wifi, and then used the browser to go ANYWHERE. You did not have to hit a certain page. It is NOT a direct browser exploit like we see in MS Exploders. The fact is, that the browser had an opening it should not have.
      The hack requires the car to be connected to a malicious WiFi hotspot and is only triggered when the car's web browser is used.
      And no, tesla does NOT automatically hook up to service AP. The tech has to hook them up. In addition, in order to hack Tesla's AP, you need PHYSICAL access. It is possible, but not likely, that it will happen.

      The other exploit was cracking your phone and then getting you to enter in your information.
      Personally, I am more concerned about the later since Tesla regularly requires you to re-enter your password when new software comes along. In doing that, it makes it quite easy to strip it from either android or iphone

      --
      I prefer the "u" in honour as it seems to be missing these days.
    4. Re: Safety recalls, and feature changes by green1 · · Score: 1

      You specifically state that you have to visit a web page, which is exactly what I stated. That proves that this is a browser exploit, otherwise you wouldn't have to open the browser. The point about a malicious WiFi access point, is simply a way to make sure your browser visits the page that they want you to visit when you open it. Otherwise they would have no way of forcing you to go to the malicious page. But with a malicious access point they can force any page load to go to the specific malicious page they want. As for the service access point I can 100% guarantee that your car will always connect to the service WiFi. It is one of the wifi networks stored in the car and it will always connect to it no matter what. There is absolutely no possible way you can convince your car not to connect to that access point (short of hacking in to the vehicle as I have) Considering that the WPA key for that access point is well known, it is easy for an attacker to spoof that particular access point.

      The fact that you're more concerned about someone pulling login information off of your phone proves that you are completely naive when it comes to security. The risk of that happening is far below someone spoofing the access point of the service network. The former requires that you do something stupid by letting someone access your phone. The latter requires simply that you use normal functionality of the vehicle and use the built-in web browser while connected to a network that you can't tell your car boot to connect to.

      Physical access is required only to open a webpage, something you might do for them if they set up in the right place at the right time. Now there are other methods into the car that do require physical access, those ones I'm not particularly concerned about. The exploits that require you to completely disassemble the dash and rewire the network connections inside are not something that I'm worried about an attacker doing. It is however something I've done myself to gain access to the software on my own vehicle.

      Trust me, I've investigated this thoroughly as I have full root access on the instrument cluster, centre display, and gateway computers of the car and have analyzed the software it contains. In my particular case I've blocked access by both hackers using this exploit and by tesla themselves using their normal access, but most people can't do that and rely on the updates tesla releases, which means they're at the mercy of whatever other changes tesla wants to bundle in with the security updates.

    5. Re: Safety recalls, and feature changes by WindBourne · · Score: 1

      First off, I worked on USA PATRIOT act. Even now, I am trying to get CONgress to go after the REAL back-doors for how Russia is getting in, as opposed to the little garbage that they currently pursue. I suspect that I know a bit more about security then you do.

      Secondly, I said you can go to ANY web page. The exploit is NOT from HTML or other resource parsing. It is through a different mechanism. The fact of having the browser open and having seen ANY SITE, is all that is needed. This was NOT a typical attack, and in addition, it was HIGHLY unlikely to occur, since it would require idiots to connect to any wifi out there, and that it was COMPROMISED.

      Thirdly, when the phones app requires that you enter in a password, it is fine when it was FIRST downloaded. Why? Because 99.9...% of the ppl will enter the password shortly after downloading from playstore/apple site. The issue becomes when later on it supposedly auto updates and it requires a password again. That makes it EASY to spoof this. The fact that you do not find one of the most heavily used routes of breaking into computers, is very concerning and indicates that you have no idea of what security is.

      Finally, saying that you have root on a tesla that you own, or more importantly, that you have PHYSICAL ACCESS TO THE INTERIOR, is a joke. That is like saying that you can log into your phone. BFD. With tesla, you just plug a keyboard/mouse into the usb and you are a normal person it. Then you plug your laptop into the side port that gives you access to the higher ethernet, while allowing easy access to CAN. Is this hard? Heck no. It is TRIVIAL. OTOH, good luck breaking into a tesla without the key, or without breaking a window. And then you will have to listen to a loud alarm while working on cracking it.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    6. Re: Safety recalls, and feature changes by green1 · · Score: 1

      As you obviously have zero grasp on how software or networking work, nor any experience with either computer security in general, or Tesla's systems in particular, I see no reason to continue this conversation.

      To summarize: tesla vehicles always connect to the service wifi automatically without user intervention. If you connect to a compromised ap and visit any webpage, the compromised ap can redirect you to a malicious site and the malicious site can then use a browser exploit to give the attacker root access on the car.

      If you think getting root access to the computers in a Tesla is easy, please post an image of the diagnostic screen in your vehicle with the vin visible for confirmation (to prove you didn't take one of the known screenshots from the internet) You talk a big game, but it's obvious from what you're saying that you can't walk the walk.

      Anyway, I'm done discussing this with you, it's not with my time discussing any further with someone so I'll informed on the topic at hand.

  4. Regulation by Anonymous Coward · · Score: 0

    FAA regulates what kind of software can run on airplanes and it isn't a stretch to imagine deaths occurring due to poorly written software in cars. Of course car manufactures will make the consumers sign a document limiting liability as prerequisite to purchase.

    1. Re:Regulation by mikael · · Score: 1

      Your vehicle crosses the equator in autonomous mode and does a U turn the minute latitude changes sign. Then you are stuck in a car doing loops until manual mode is reactivated.

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  5. Not good news by JohnFen · · Score: 4, Interesting

    The good news is that software recalls can often be corrected with over-the-air software updates.

    Nope. No OTA updates for me. I don't trust companies to have access to my car (or computer, for that matter) any time they want. If I can't disable the communications channel, I'm not buying the car.

    1. Re:Not good news by Anonymous Coward · · Score: 0

      Well John, I guess you won't be buying a new car ever again.

    2. Re:Not good news by jbmartin6 · · Score: 1

      Exactly, now your car can crap out and you'll have no idea. If it craps out while leaving the dealer's lot after an update at least you have a pretty good idea what happened. We've seen so many times reliable software with few to no bugs is beyond human ability. Why would you allow on the fly updates to something as critical as your car? Oh yeah, because the same rule means they will screw it up in the first place. Nuts.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    3. Re:Not good news by JohnFen · · Score: 1

      Probably not. That's fine, though, because I really dislike buying new cars. My concern is when these things trickle down into the used car market.

    4. Re:Not good news by Anonymous Coward · · Score: 0

      Just wait, soon any taxes related to your car use will be metered by a black box and communicated using a mandatory link, along with the similarly mandatory communication channels with the road infrastructure and other vehicles. OTA channels, they will be everywhere.

    5. Re:Not good news by danomac · · Score: 1

      Didn't we just have an article on here about an OTA (or network) update disabling TVs? I really wouldn't want that happening to cars...

      Just wait until some hacker sends an OTA update to disable vehicles... then maybe shit will hit the fan?

      Really stupid decision.

    6. Re:Not good news by Anonymous Coward · · Score: 0

      You can always sever the antenna and the device doesn't "know" it's been disabled. Systems like OnStar get mad if you disable them in certain ways, but crippling the antenna doesn't trigger any internal protection.

    7. Re:Not good news by Anne+Thwacks · · Score: 2
      My concern is when these things trickle down into the used car market.

      They probably won't. 59 seconds after the warranty expires, they will be dead as dodos.

      And security bug fixes will stop after the third one - just like phones.

      --
      Sent from my ASR33 using ASCII
    8. Re:Not good news by Anonymous Coward · · Score: 0

      Absolutely. OTA is a bug, not a feature. I can't think of anything at all I would need OTA for. I don't even buy nav in cars, since they charge $1500 for something a $99 Garmin can do better. A good example of OTA failure is the Win10 forced update debacle. That's the LAST thing I am going to tolerate on a car I paid for.

    9. Re:Not good news by Anonymous Coward · · Score: 0

      You say that like it's a bad thing. He won! A vendor says "it's my way or the highway" and he says "no, it's my way or the highway, let's see who blinks first." Used cars are easy to find, but I wonder how dealers will keep the lights on and the property tax paid, if they start telling paying customers to fuck off.

      We all know how that one goes. Hollywood basically made "fuck you, customers! we don't need your fucking money! go spend it on something else! WTF, did you just try to pay me?! NO! [spits money at customer] Don't you ever fucking try to pay me again!" their industry slogan and I can't even remember when I last spent money on (or saw ads on) movies or TV. It's a daaamn nice highway and I regret that I didn't take their "fuck off" advice years earlier. The more contempt the auto industry shows for customers, the sooner someone is going to figure out how to download a car.

    10. Re: Not good news by WindBourne · · Score: 1

      Chill out. For example, on Tesla, u can kill ota of both WiFi and 3/4g. I'm sure others will follow suit soon enough.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    11. Re:Not good news by Mr.+Shotgun · · Score: 1

      Didn't we just have an article on here about an OTA (or network) update disabling TVs? I really wouldn't want that happening to cars...

      Two articles actually. At least in the smart lock case there was still the manual option of a normal key, the tv users were screwed. Hopefully these car manufacturers are taking notes and designing their system that if the update fails the car still retains it's "car" functionality, like starting and driving. You're point about a hacker sending code to break a vehicle is a valid one, but imagine being some dude working a 9-5 who can't get into work for a couple weeks because the manufacturer bricked his car with a real update. That has it's own dimension of suck.

      --
      Of all tyrannies, a tyranny sincerely exercised for the (supposed) good of its victims may be the most oppressive
    12. Re:Not good news by Jeremi · · Score: 1

      Why would you allow on the fly updates to something as critical as your car?

      Well, you wouldn't -- you'd download the update automatically, perhaps, but you'd get the user's explicit permission before applying the update. That way the user can decide when or if applying the update is worthwhile (e.g. do it after an important trip, rather than before).

      Pretty much the same way it is done with cell phones and MacOS/X OS updates, no?

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
  6. Hungry software... by __aaclcg7560 · · Score: 2

    Yesterday it was JavaScripting eating the Internet, today it's software eating the auto industry. That's just the software. The hardware must be starving.

    1. Re:Hungry software... by dmomo · · Score: 1

      Seriously, i came here to say just this. Is the eating analogy devouring slashdot?

    2. Re:Hungry software... by K.+S.+Kyosuke · · Score: 2

      The headline actually said that "Javascript [was] eating the world". Since Javascript is (a subset of) software and the auto industry is a subset of the world, this new headline contains no new information since the old one already subsumes it.

      --
      Ezekiel 23:20
    3. Re:Hungry software... by Anonymous Coward · · Score: 0

      Hungry hungry creimer is eating out slashdot trolls.

    4. Re:Hungry software... by Anonymous Coward · · Score: 0

      Editors, please stop some of the colloquial shit that's been creeping more and more into the summaries. It distracts from the real content (if any).

    5. Re:Hungry software... by Anonymous Coward · · Score: 0

      JavaScript powered cars coming to a road near you.

    6. Re:Hungry software... by __aaclcg7560 · · Score: 1

      Hungry hungry creimer is eating out slashdot trolls.

      I try to avoid eating empty calories whenever possible.

    7. Re:Hungry software... by zifn4b · · Score: 1

      The headline actually said that "Javascript [was] eating the world". Since Javascript is (a subset of) software and the auto industry is a subset of the world, this new headline contains no new information since the old one already subsumes it.

      So basically nothing new on Slashdot for the past 20 years then? :)

      --
      We'll make great pets
    8. Re:Hungry software... by Hognoxious · · Score: 1

      You're a hoot at parties, aren't you?

      That's a hypothetical question.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    9. Re:Hungry software... by K.+S.+Kyosuke · · Score: 1

      Considering that I don't attend parties, yes, I've never been to a party yet where I wasn't a hoot. So you're correct.

      --
      Ezekiel 23:20
    10. Re:Hungry software... by Anonymous Coward · · Score: 0

      You prefer writing empty ebooks and posts instead.

    11. Re:Hungry software... by Anonymous Coward · · Score: 0

      How about a mouthful of tranny cum? She'll love you for it!

    12. Re:Hungry software... by Anonymous Coward · · Score: 0

      Too bad since it goes perfectly with your empty head.

    13. Re:Hungry software... by Anonymous Coward · · Score: 0

      Yeah, except every morning when you inhale that skinny vanilla latte, huh?

    14. Re:Hungry software... by Anonymous Coward · · Score: 0

      Pacman ate pixels, overdosed on too many power pills, had delusions that he was being chased by ghosts, changed genders, and eventually had his/her mouth ripped wide open!

  7. Shhh .. don't mention the manufacturing industry by OzPeter · · Score: 1

    They probably don't realize that that manufacturing has been running on software since the 60's and when they do we'll get the FUD headline of "ZOMG!!! Software is eating the manufacturing industry!!!!!"

    And then it will be "ZOMG!!! Software is eating the shipping industry!!!"

    Followed by "ZOMG!!! Software is eating the mining industry!!!"

    And then "ZOMG!!! Software is eating the power generation industry!!!"

    etc. etc. etc.

    --
    I am Slashdot. Are you Slashdot as well?
  8. Eating by Anonymous Coward · · Score: 0

    Oh, I see, a new buzzword "eating". Javascript is eating the world. Software is eating the auto industry. Who is eaten by what next?

    1. Re:Eating by Anonymous Coward · · Score: 0

      video ate the radio star

    2. Re:Eating by freeze128 · · Score: 1

      MTV is fat.

  9. software updates be handled by dealers is profit by Joe_Dragon · · Score: 1

    software updates be handled by dealers is way a way to make big profit. and stopping updates after 2-3 years can make for new car sales.

    Just think of an $50-$100 labor change for that or even mark up parts like an HDD X2-X3 bestbuy rental prices.

  10. Not just the car industry... by QuietLagoon · · Score: 1

    ... nearly any and every industry. Look what happened to Samsung. Or those people with the "security" cameras that phoned home, or pacemakers, or... or... or...

  11. the VW Diesel-Cheat issue is why something FAA lik by Joe_Dragon · · Score: 1

    the VW Diesel-Cheat issue is why something FAA like is needed. Even more so with auto drive cars.

  12. limiting liability will not stop an 3rd party vic by Joe_Dragon · · Score: 1

    limiting liability will not stop an 3rd party victim from suing or getting out of an criminal case (say an very bad crash that kills a lot of people)

  13. OTA update? DO NOT WANT by davidwr · · Score: 1

    I do NOT want the ability to do any "hands off" update of a killer robot, er, I mean automobile.

    If the good guys can do it, so can the bad guys.

    Make me come in for service or send someone out to me, just as you would for faulty hardware.

    Now, if you need to update a non-critical system such as the infotainment or air conditioning system that's fine, as long as there is no way for those systems to make changes to the critical systems. Yes, I know this isn't risk-free - a bad guy could make the radio go on full blast and distract the driver, causing a wreck, but at least that's "hacking the human" not "turning your car into a killer robot."

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:OTA update? DO NOT WANT by Rick+Schumann · · Score: 1

      You are not alone, far from it.
      Since it's highly unlikely that they'll have (or would tell you of) a way to turn that off completely: If you have some background in electronics, you should be able to poke around and find the relevant antenna(s) that would be receiving the updates. Disconnect the antenna and connect it to a dummy load instead (most likely 50 ohm). Problem solved.

    2. Re:OTA update? DO NOT WANT by JohnFen · · Score: 1

      There are also websites that are compiling a list of where the antennas are in various makes and models and tell you how to disconnect them. With pictures.

    3. Re:OTA update? DO NOT WANT by Rick+Schumann · · Score: 1

      Heh. Great minds do think alike. :-)

    4. Re:OTA update? DO NOT WANT by Rick+Schumann · · Score: 1

      If you have the URLs, post them. My pickup is very much non-wirelessly connected, but I'd be interested regardless.

    5. Re:OTA update? DO NOT WANT by JohnFen · · Score: 1

      I don't. The last time I dug into this was a year ago, purely out of intellectual curiosity. Sorry!

  14. Regulation Exists. by 0100010001010011 · · Score: 2

    Look up ISO 26262 & ASPICE and other things related to 'functional safety'.

    Not everything in the vehicle is, or needs to be, compliant but your powertrain and anything with life and safety is. This isn't fly by the night programmers coding a Radio GUI.

    This stuff goes all the way down to the hardware level. With dual core CPUs running in lock step, dual memory banks and ECC memory. If there's a mismatch anywhere along the line an error is thrown.

    http://www.nxp.com/products/pr...

    https://www.renesas.com/en-us/...

  15. Not easy for car manufacturers: an example by Anonymous Coward · · Score: 2, Interesting

    The car I bought has a built-in touch-screen Android system as part of the entertainment system. It runs the audio, trip computer, phone address book, the (optional) navigation system, and even has an interface with the air conditioning. It's basically a built-in Android tablet with car-specific software installed that interfaces with the rest of the car. I thought "Wouldn't it be wonderful if I could install any Android program I want?" Nope. It's locked down with a whitelist program in the background that will not allow installation of anything but the vendor-approved programs, the files that control the whitelist are read-only, and developer mode is locked down with a passcode so you can't even connect to it (wireless or through usb). Part of me thinks "Oh well. I guess that means it will be harder for a black hat to hack. Good." As a design decision to prevent people from doing things that could mess with the car in undesired ways (e.g., circumventing regulations preventing use of some types of software while the car is moving, and worse), I can understand it, but on the other hand there are inevitably going to be vulnerabilities.

    Within 6 months of buying it, it was no mere hypothetical. The Android version is old: 4.2.2 (first released 2013). Plenty of known vulnerabilities. People eventually found the hidden menu and code to break into developer mode, connect via USB using adb, and used the Dirtycow Android exploit to root the system via a setuid root program that was already installed. Then came modifying the whitelist to support whatever Android program you wanted.

    It's a mixed result. On the negative side, someone with access to the car interior could definitely hack into this thing no problem and embed any software they wanted, or damage it in nasty ways. Thankfully, only physical access can enable the necessary debug mode to get started unless you are foolish enough to leave it turned on (i.e. wireless debug is locked down by default to OFF, thank god). On the plus side, thanks to the flaws I now have (free, open-source!) navigation software installed in my car that would have cost more than $1000 from the dealer because it only came with other car options I didn't want, and the software has better maps than the vendor's software anyway. Without the flaws, the lock-down attempt by the vendor would have worked.

    I think many car manufacturers are facing a steep learning curve with this stuff. You've got the inertia and legitimate safety concerns of gigantic car companies in conflict with the natural desire of tech-savvy people to use the system to its full potential, all while keeping it secure, up-to-date, and cheap (hardware + software). Good luck with that!

  16. All I want is a small pickup with a 5-speed by Anonymous Coward · · Score: 0

    I don't need 'infotainment' systems, 'bluetooth' everything, 'self driving', or any of that. 5-speed stickshift, AM/FM radio, air conditioning, cruise control, optionally electric windows and doorlocks, and of course a comfy bench seat that I can nap on when necessary. The rest of it is overpriced crap to break that you don't need.
    If electric instead of ICE, then you can skip the 5-speed, won't need it anyway.
    #SimpleCarsPlease

    1. Re:All I want is a small pickup with a 5-speed by Anonymous Coward · · Score: 0

      5-speed stickshift,

      6, goddamnit!

  17. the new tool of assasination. by fish_in_the_c · · Score: 2

    over the air updates of your anti lock break control system.

    Over the air update of auto software is only slightly less stupid then over the air updated of avionics software.

    Or if you prefer, fast and cheap software updates supporting cool new software for vehicles are much more important something as small and insignificant as human life.

    --
    âoeTolerance applies only to persons, but never to truth. Intolerance applies only to truth, but never to persons.
    1. Re:the new tool of assasination. by bws111 · · Score: 1

      how exactly do you 'assasinate' someone with an anti-lock brake system?

    2. Re:the new tool of assasination. by Anonymous Coward · · Score: 0

      It's circumstantial and the details are on the sketchy (and possibly paranoid) side, but...

      https://www.infowars.com/wikileaks-cia-explored-car-hacking-to-carry-out-undetectable-assassinations/

    3. Re:the new tool of assasination. by Anonymous Coward · · Score: 0

      https://en.wikipedia.org/wiki/...

    4. Re:the new tool of assasination. by Jeremi · · Score: 1

      how exactly do you 'assasinate' someone with an anti-lock brake system?

      Ideally by remapping the accelerator pedal to the brakes, and the brake pedal to the throttle. (Note that Toyota may claim prior art regarding this technique)

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
    5. Re:the new tool of assasination. by Anonymous Coward · · Score: 0

      You don't. he's talking about a break system.

  18. Re:Jews did 9/11 by Anonymous Coward · · Score: 0

    Donnie is that you?

  19. Whats with the "eating" titles? by gweihir · · Score: 1

    Apart from being stupid, they seem to be nonsense as well...

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Whats with the "eating" titles? by avandesande · · Score: 1

      Betteridge's Law of Hungry Headlines?

      --
      love is just extroverted narcissism
    2. Re:Whats with the "eating" titles? by gweihir · · Score: 1

      Hehehehe, probably.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  20. Car software is terrible by ElizabethGreene · · Score: 3, Insightful

    I travel for work, and rent a lot of brand-spanking-new cars.

    Car software is shit. It doesn't matter what brand of car, it's shit.

    I get in the car, factory reset the radio, reboot the car, connect Bluetooth, sync contacts, and go. Most recently I did this in a Buick Endeavor. Enabling Android Auto locked up the car entertainment system and I had to reboot the car. Apple car play worked, but bluetooth phone calls only worked 25% of the time when the phone rang while Pandora was open.

    That's not an isolated incident. I've locked up the infotainment system on a dozen other rentals. That's extremely frustrating. The best was a Ford Focus that wouldn't reset with a power-off/power-on reset. The system didn't recover until I left it off for an hour.

    It's not just new cars, either. I own a Chevy Equinox that won't Bluetooth pair with an iPhone 6. At least it doesn't lock up.

    1. Re:Car software is terrible by JohnFen · · Score: 1

      Yes, this has been my experience. I haven't seen even one of those in-car computer systems that was actually worth a damn.

      Even the map software universally sucks. So much so that I always end up using my phone for that anyway.

    2. Re: Car software is terrible by WindBourne · · Score: 1

      Try a Tesla. It just works.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    3. Re:Car software is terrible by DNS-and-BIND · · Score: 1

      "I had to reboot the car." This is the first time I have ever seen this phrase written. We're in a new era.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  21. Software is what software does by Kormoran · · Score: 0

    Not surprising at all. They keep using unsafe languages like C, C++ or Java instead of time-tested safe ones for critical environments (ADA). They don't use EAL 5 (or higher) assurance levels, like avionics does, but stay with "it works, see?".

    I was hoping that car software would start a revolution in computer programming, at long last fostering a new generation of languages and best coding practices: I was hoping we would move to the "this class of bugs cannot exist" kind of bug-free, instead of "hey, we can't see any bug from here" that software houses gives us today. Me deluded.

    But maybe the recall catastrophe will force automakers to take software development more seriously. Maybe there is still hope...

    1. Re:Software is what software does by R3d+M3rcury · · Score: 2

      They keep using unsafe languages like C, C++ or Java instead of time-tested safe ones for critical environments (ADA).

      Or Rust. Don't forget Rust.

    2. Re:Software is what software does by JohnFen · · Score: 1

      The reason for the state of software isn't the languages. It's the economics.

    3. Re:Software is what software does by Kormoran · · Score: 1

      Economics. The name of the game. With PC/servers you can get past away telling your customers to reboot, patch, upgrade or just doing nothing, if the complaints aren't really loud. With cars you cannot.

      Your fault (liability? I'm not familiar with legalese) in a car crash/hijack DOES cost you. A LOT. And car makers simply can't afford to recall every single car any time they need to patch a bug. I talked about EAL levels for a reason: with EAL 5 or higher, you can get an insurance for software bugs. With 4 or less (Windows/RedHat/Debian), insurance companies just laugh at you.

  22. sad state by Anonymous Coward · · Score: 0

    In 1985 I was in grad school in a software engineering course. Coming from the hardware engineering side, I was looking at embedded system design and wrote a paper on the need for incorporating proof-of-correctness processes into software design where human safety is concerned. For example, making sure that software-controlled microwave cannot transmit when the door is open must be very well designed, and probably should always have a power safety interlock associated with the door latch. Likewise, automotive design needs careful attention to insure brakes, acceleration, steering, and other functions are controlled correctly. It saddens me that computers have come so far in the intervening 4 decades, but software accuracy really hasn't. I've interviewed young people coming right out of school that don't even really understand proof-of-correctness in software design, let alone recall having heard the term. And when my company hired H-1B workers, they barely had any real training at all.

  23. Put software where it BELONGS, not in CARS by Anonymous Coward · · Score: 0

    And nearly everywhere software is in a car, it is actually NOT NEEDED, making things more fragile and less durable, plus introducing a slew of other problems

  24. Here is the result by lwmv · · Score: 1

    of auto industry being eaten by software: you can't repair your own car, or you violate the DMCA. Farmers Demand Right To Fix Their Own Dang Tractors Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware