this post was submitted on 14 Jun 2023
18 points (87.5% liked)
United States | News & Politics
7306 readers
706 users here now
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
One of the biggest concerns is when you start trying to see secure APIs and such, you quickly realize that what you did 5 years ago isn't nearly good enough today.
And most cars stay on the road for 14-some years.
I bet I could straight brute force any consumer grade security measure from like 2009 with the phone I'm typing on right now.
How can we expect auto manufacturers to secure their systems for 15 years?
While over-the-air updates are becoming a thing, it's not going to be financially attractive for auto makers to continue providing security updates for 15 year old cars.
I don't know what the solution it, but it's going to be challenging.
Part of the solution may be the GSA, Government Services Administration. When I was still working in tech, we had to guarantee 5 years of spare parts or replacements for all government contracts. GSA could start requiring software updates for up to 15 years. This would then become the norm and trickle out to consumers.
Sounds good in theory. But the switchover to electric is almost certainly going to have casualties. Not every company will survive, which means a lot of cars will have no support structure.
Maybe have car companies put the source code in escrow and have it released to public domain if the company goes belly up?
Having the software in my car maintained as OS isn't a great feeling. But it beats not having it maintained at all.