[SystemSafety] Hackers take over *control* of a car wirelessly
Heath Raftery
heath.raftery at restech.net.au
Wed Jul 22 02:45:45 CEST 2015
On 22/07/2015 3:44 AM, Martyn Thomas wrote:
> On 21/07/2015 18:27, Tom Ferrell wrote:
>> Stating the obvious, but isn’t there an aspect of this that goes
>> something like, “Just because we can doesn’t mean we should.” To me,
>> there is a fundamental engineering ethics question that comes into
>> play when people start talking about the ‘Internet of Everything.’
>> When someone postulates hooking two systems together that always
>> before have been physically separated, engineers have a moral
>> responsibility IMHO to inject themselves firmly and fully into the
>> benefits vs. risks discussion with a strong bias of when in doubt, don’t.
>
> That sounds like excellent advice, but if I'm happy to connect A to B
> and B to C, and you are happy to connect X to Y and Y to Z, whose fault
> is it when Peter connects one of (A,B,C) to one of (X,Y,Z) and something
> bad happens?
The general philosophical arguments are worth having, but doesn't this
particular case offer a more direct argument?
If you're the one that connects cellular to CAN (via whatever paths
already exist), you ought to be shot, stripped and jailed for gross
negligence, *before* there's even an accident caused.
I'm flabbergasted that Chrysler could have released a vehicle where that
electronic link even exists. No "great new feature"(TM) warrants such a
gaping hole that would get every hacker from here to hell tapping away
at the new door. There is zero evidence that anyone has ever designed a
robust enough system that you could honestly connect the two and claim
it safe.
All the "great new features" that are on the horizon can be achieved
without making that link - updates over the air, Internet connected
entertainment, vehicle location, etc. I see no excuse.
Heath
More information about the systemsafety
mailing list