The future looks bleak for us.

[Spiffy]

I'm learning more and more about the industry trying to limit access to our own vehicle. I'm talking about auto auth and encryption.
I see a time real soon where we won't be able fix a thing on our own vehicles.
How limiting is encryption with respect to doing our own repairs? Wil we be able to use obd readers to find out what that check light is? Will we be able to diagnos our trucks?

I am starting to understand a bit about auto auth. That doesn't seem to cause much concerns.
What's the future of encryption on some of us?

Sponsored

 

[mau47]

I believe the 24 models added encryption but tools like forscan are already able to work around it. Someone with way more knowledge than me on the subject would be able to provide more info.

It's crazy now much is tracked on these things as well.

 

[CAG61]

There is great concern about someone hacking your car. Possibly while in motion. I would expect less features available on apps, they are a big risk. I have watched demos of phones being hacked from across a room.

There is a reason pilots can't connect their ipads to the planes software.

 

[tbinmd]

OBD interface needs to be open and accessible (pulling codes), it's a requirement for emissions. Coding could be an issue. Encryption tends to be for communications between the modules, prevents a man in the middle or malware attack.

 

[Ziggy73]

I'm learning more and more about the industry trying to limit access to our own vehicle. I'm talking about auto auth and encryption.
I see a time real soon where we won't be able fix a thing on our own vehicles.
How limiting is encryption with respect to doing our own repairs? Wil we be able to use obd readers to find out what that check light is? Will we be able to diagnos our trucks?

I am starting to understand a bit about auto auth. That doesn't seem to cause much concerns.
What's the future of encryption on some of us?

I think you're on to something, however I'm thinking scanning will do be available for awhile. Tuning is another thing, each year they are getting closer to totally locking down the ECU access. The EPA needs to be reined in a bit, they are costing the US millions in over regulation.

 

[scott011422]

OBD interface needs to be open and accessible (pulling codes), it's a requirement for emissions. Coding could be an issue. Encryption tends to be for communications between the modules, prevents a man in the middle or malware attack.

This is true. Basic code pulling will no be affected. Anything more than this would require some kind of authorization. Dodge is already doing this on their new stuff. Plug in a high end scan tool and anything other than basic stuff gets locked out and told they need to contact dodge to authorize the scan tool.

 

[RGrove]

I was thinking about this a few days ago... I only have a vague idea of "right to repair", but it's going to be difficult as hell to work on your own vehicle if the manufacturer will not release the source code...and you don't have hours upon hours to comb through it, even if you know how to read it.
And they could plausibly refuse to ever release it, citing security, road safety, or trade secrets.
Besides that, after you agreed to pay $65k, got your dirty boots on the factory carpet, you then clicked "I agree" to that 700-page software licensing agreement that even a federal judge said no one could be expected to ever read, and gave up your right to ownership of anything but the rubber and metal sculpture of a vehicle that's lifeless without their magic software. You have no right to see the source code, no right to prevent them from changing how it works at their whim (even if they break it), a debatable right to find alternative source code...we effectively gave away the right to work on the vehicle ourselves, other than changing a tire. And that's probably debatable with some TPS systems...but no one's had the audacity to stop a consumer for it, as it would point out how powerless we legally are over our own things...which should trigger a 1770's level revolt against growing subtle tech enslavement.

Most CEO's in the modern world today believe IT and software should be integrated in every aspect of life...a functional product is second priority to a digital-ized product. If it doesn't work, they will let the company go out of business before saying, "If the software is making it fail, redesign it with an on/off switch instead of a microprocessor."
Ford is absolutely a perfect example of that; low-rated quality, high warranty service, high recall numbers, yet they still very obviously prioritize using newer and newer technology. You've been building transmissions for a hundred years; make them shift decently before going all-in on 14" in-dash displays that show the weather in front of the windshield. My truck's body panels and seams didn't line up from the factory, but by G-d they're aluminum, which is cool AF. Also dent easy AF, so I've been driving around with damage for a while...

But really...do the windows need to be controlled by a centralized microcontroller? Zero benefit to the consumer, especially since it's not brought out to an app or keyfob. In some cases, it's a major disadvantage as the software was screwed up and caused undesired operation, leading to uncontrollable windows. That's purely for the manufacturer to be able to say "every function of the vehicle can be controlled by software." Zero benefit and increased risk to the consumer.

My central display gets stuck on the Ford logo for several minutes sometimes, or stuck on the map screen, and there's nothing I can do about it until the module crashes or the truck sits overnight. The stuck map is super-annoying because I do a lot of 3 hour trips, and watching the rotating logo for 3 hours is mind-numbing. I end up with either no control or no idea how I'm controlling the HVAC. What's the advantage/purpose in that being software based? How does the imperceptible advantage outweigh the higher risk of total loss of function by the software crash?

The problem is all-encompassing, though, not just our vehicles. The software industry perverted property ownership through licensing, and everything you need in the world is controlled by software. We own shells of metal and plastic, be it our truck or our phone, while the manufacturer owns the ability to make that metal and plastic useful.

I agree, the future indeed looks bleak for us. Or for anyone that doesn't intend to be a mindless slave to a big tech company, and an old vehicle company that has to run with the big tech companies.

 

[HammaMan]

There is great concern about someone hacking your car. Possibly while in motion. I would expect less features available on apps, they are a big risk. I have watched demos of phones being hacked from across a room.

They've encrypted the buses which is a local thing. It's like HDCP encryption over HDMI from your TV to a discrete device (HDCP has been cracked / has workarounds). This doesn't prevent someone coming in from the TCU which is already a trusted device to the vehicle. It simply encrypts the local module-to-module communications from MITM attacks (similar to how the comma 3x works for instance). Want an attack vector? Crack a trusted device before the encryption as it's already trusted (delays but doesn't prevent attacks, like a more complicated lock simply buying time / having a BG choose an easier target). Ford never really had this issue as the only can bus communications occurred within the vehicle with exceptions of a few devices like the PCM/ABS/PSCM. It's more of an illusion of security, than actual security. It doesn't stop relay attacks or devices that can add keys/fobs to the vehicle like dealer software.

Toyota and some other manufacturers ran can bus to the headlights and simply popping out a light was a means for hacking the bus. Ford uses LIN for lighting and has very limited capabilities if at all to hop onto a critical bus. Not impossible, but more difficult

There is a reason pilots can't connect their ipads to the planes software.

Yeah, poor design. Aircraft can safely run an interface in a sandbox environment that could very basically transmit (basic) information to and from the aircraft and an ipad with very limited information like having the ipad perform a 3rd-man verification of weight/balance and flight planning where the ipad is read only in some areas while having the ability to pass information to the FMS like waypoints / runways (pilot-approving each block as its transmitted), while also read-only verifying several things adding an additional layer of security. There's been a few crashes from incorrect info being entered by the pilot resulting in incorrect takeoff speeds / distances, or getting fuel in the wrong measurement (pounds vs kilograms). With each participant interacting with their own devices adding an additional layer of data between the fuel truck, its operator and his device, communicating to the aircraft, as well as the pilots and their traditional paper hand-off, combined with the devices speaking the variables with the other pilot's device listening as well as the aircraft, combined with digital transmission of the variables, it provides substantial redundancy and accuracy with 2 meat computers, 2 ipads, and the various systems on the aircraft all having to agree the variables/math are GO.

The F35's new processor is based on a 12th or 13th gen intel desktop processor (documentation has claimed both, yes desktop, not server CPU) with a hypervisor in place to allow the more critical systems to sit underneath VMs where the pilot could in theory be running another OS (or groups of OSs) including a DOD windows environment. What will likely sit there is a means of integrating with the latest Ai systems / apps from companies like palantir (the ai powering ukraine's war fighting efforts). This also allows the aircraft to be fitted with "commercial" hardware ala specialized GPUs for providing substantial cutting-edge compute for the sensor fusion capabilities/interpretations (it will likely come in the form of a modular specialized compute cluster unit that will be upgraded every couple years) .

Given the ELINT capabilities of the platform, it can provide a substantial amount of compute at the edge for signals intelligence or drone swarm programming by identifying pop-up threats using uncommon means from all of the frontline airborne sensors from other aircraft in the flight including loyal wingmen. This allows minimal data transmissions from the aircraft (or aircraft to aircraft) while being able to make sense of the Gbs worth of data it's soaking up. On its way home or using other LPI communication means, it can prioritize and transmit the highest priority threats it sees while also being tasked with BDA missions without bothering the pilot of what it's doing. It could also offload its entire dataset before it lands without having to rely on taking its data cartridge to the computer that typically handles the data offload. This is especially true for the raw sensor data collected that could be sent to an AWACs with additional uplink/processing capability looking for HVTs hidden among the noise (think 'weather balloon' that weren't alerted on because the radar was programmed to ignore them; now put an ai behind the raw data to look for otherwise ignored threats and a whole new picture emerges)

For at least 15 years now commercial products in terms of compute capability have really outpaced the fancy govt mainstream stuff and they're taking a page from modern computing practices going forward. Cars aren't the only ones embracing ethernet. The F35 was originally built with fiber ethernet, but it's still a product of the mid/early 2000s. Things have come a long way since then. Quickly hardening the latest CPU/GPU/Ai compute hardware that's cutting edge can/will/does add a tremendous capability to the warfighter. Furthermore it may be found that deploying the latest/greatest hardware's capability as-is provides greater utility than waiting on a 'hardened' dedicated platform. Particularly true of attritable assets where price sensitivity is a big component. Cheap $500 quadcopters have provided a truly game changing edge to the battlefield in eastern europe. Between NV's ADAS hardware and the amount of FPV video footage collected by palantir, I've got little doubt they're testing ~1' sized ai-guided hunter killer quadcopters with beyond nightmarish capabilities.

 

[lrb_35128]

I've got little doubt they're testing ~1' sized ai-guided hunter killer quadcopters with beyond nightmarish capabilities.

My aren't you just the ray of sunshine...

 

[RGrove]

Between NV's ADAS hardware and the amount of FPV video footage collected by palantir, I've got little doubt they're testing ~1' sized ai-guided hunter killer quadcopters with beyond nightmarish capabilities.

Yeah, I don't even want to talk about stuff the gov or defense contractors are coming up with. Besides "AI" being a buzzword to pump stock, the way companies push garbage software updates, I can guarantee malfunctioning "perfectly safe" combat robots will be regularly killing civilians accidentally before my grandkids are old.

 

[HammaMan]

Yeah, I don't even want to talk about stuff the gov or defense contractors are coming up with. Besides "AI" being a buzzword to pump stock, the way companies push garbage software updates, I can guarantee malfunctioning "perfectly safe" combat robots will be regularly killing civilians accidentally before my grandkids are old.

End to end neural nets are powering both current tesla ADAS as well as open pilot (comma 3x). Nvidia sells ADAS hardware capable of running it in a convenient package. Not "buzz words" -- very much a real product. 2 things can be true, you can have grossly incompetent players like ford shipping half baked goods, while also at the same time have players capable of exponentially more advanced products (tesla trashed their entire software stack and moved to end-to-end and has significantly advanced its capability in the last 5 months and are shipping monthly updates now). Artillery shells and multi-ton bombs don't differentiate, nor will the first drone swarms told to kill everything within a sector of the map. It's not a big step up to target combat dressed soldiers. They've already deployed a chain mesh communication system so that a more powerful ai can watch the video feed of cheap drones and command them. Palantir has a mobile compute cluster on a vehicle capable of controlling such a system. The cheap quadcopters need a basic adas that's then told "that's your target" and the basic adas handles terminal guidance. The big ai has a digital twin of the environment that's updated in real-time and feed relevant sections of the map to the kill vehicles going to an assigned area.

As for jamming, well home on jam has been around a long time and has been in HARM missiles as a primary sensor. Furthermore it's very cheap to put a phased array antenna on a basic PCB and it becomes significantly harder to jam such a system especially if it can frequency hop outside of the jammer's capability. To put end-to-end models into context, a little 'brain' comprised of parts found in a modern cell phone are enough for such a component to be put into nearly anything that can fly and by the time it reaches its area of interest, the system has already learned how to fly whatever you've put it into. Furthermore it can share what it's learned about the 'body' you've put it into and it will share the control laws with the other bodies in the group. These are very much real products / capabilities. You can put one in your truck for just $1,200.

A few articles to read about yesterday's capabilities. I follow a few channels that report on what's being seen to put together the current picture of what's going on. Few mentions of drone mesh relays or mothership drones due to their efficacy. They won't officially divulge things that are working as it'd be poor opsec. Public information is always the tip of the iceberg of yesterday's capabilities.
article 1
article 2

 

[Spiffy]

There is great concern about someone hacking your car. Possibly while in motion. I would expect less features available on apps, they are a big risk. I have watched demos of phones being hacked from across a room.

There is a reason pilots can't connect their ipads to the planes software.

What? Where you hear that? . I connect my I pad to my plane all the time. I regularly set my flight plan up from home. I upload my flight plan to my plane and it's ready for the flight.
There seems to be a knee jerk reaction to security. There is common ground and then way overboard reaction.
Encrypting the data buss without regards to how it effectively kills supported business is narrow minded. After market performance shops, aftermarket audio shops. Small repair shops.
What? We are going to be forced to take our vehicles to dealer repair shops. It already takes 3 to 4 weeks just to get in for a scan. Can you imagine when there is no longer ma and pop shops because they can afford all the red tape?
You can't even change a wheel without a scanner or worse yet replace brake shoes without a scanner. So what happens when our scanners can't communicate on the buss?
There are incremental safety things that can be done to protect against hackers. But it's easer and cheaper to just encrypt everything.
I can't change my headlight without coding it to my truck. Now they think it's a great idea to force everyone to have to set up appointments to do some of the most mundane stuff?
And all the while the truck is going to get hacked anyway.
There isn't this level of security placed in any aircraft I know of.
You remember the saga between massy Ferguson and other farm equipment?
They got in the way between farmers and their ability to do their own repairs. Farmers couldn't even change a starter without paying an arm and a leg to some dealership. I believe that's being hashed out in the courts now. Right to repair and shit.
I personally don't recognize any software running on my truck as belonging to ford. I didn't sign any agreement recognizing their rights over mine when it comes to software. Can anyone recall such a agreement they signed when closing on the sale. I would favor any work done to Crack the Encryption. And it will. Everything is hackable. I will just ask ChatGtp to do it. ?

 

[CAG61]

What? Where you hear that? . I connect my I pad to my plane all the time. I regularly set my flight plan up from home. I upload my flight plan to my plane and it's ready for the flight.
There seems to be a knee jerk reaction to security. There is common ground and then way overboard reaction.
Encrypting the data buss without regards to how it effectively kills supported business is narrow minded. After market performance shops, aftermarket audio shops. Small repair shops.
What? We are going to be forced to take our vehicles to dealer repair shops. It already takes 3 to 4 weeks just to get in for a scan. Can you imagine when there is no longer ma and pop shops because they can afford all the red tape?
You can't even change a wheel without a scanner or worse yet replace brake shoes without a scanner. So what happens when our scanners can't communicate on the buss?
There are incremental safety things that can be done to protect against hackers. But it's easer and cheaper to just encrypt everything.
I can't change my headlight without coding it to my truck. Now they think it's a great idea to force everyone to have to set up appointments to do some of the most mundane stuff?
And all the while the truck is going to get hacked anyway.
There isn't this level of security placed in any aircraft I know of.
You remember the saga between massy Ferguson and other farm equipment?
They got in the way between farmers and their ability to do their own repairs. Farmers couldn't even change a starter without paying an arm and a leg to some dealership. I believe that's being hashed out in the courts now. Right to repair and shit.
I personally don't recognize any software running on my truck as belonging to ford. I didn't sign any agreement recognizing their rights over mine when it comes to software. Can anyone recall such a agreement they signed when closing on the sale. I would favor any work done to Crack the Encryption. And it will. Everything is hackable. I will just ask ChatGtp to do it. ?

I take you fly a private plane? I was mentioning comerical. I would think at some point with a proper sandbox and firewalls even commerical might allow connect. It is risky. They are starting to harden machine controls against intrusion. It has happened, remember the hack of the Iranian nuke plant. Hacked routers from China.

Just think ransomware for cars.

I agree Encryption doesn't solve the problem and can be broken. Even iPhones are hackable. Hard but doable.

I think that you should be able to use things like forscan. I fully think you should. I am pissed that Ford took away monitoring my powerboost generator on the app.

 

[RGrove]

I personally don't recognize any software running on my truck as belonging to ford. I didn't sign any agreement recognizing their rights over mine when it comes to software. Can anyone recall such a agreement they signed when closing on the sale. I would favor any work done to Crack the Encryption. And it will. Everything is hackable. I will just ask ChatGtp to do it. ?

I wish I could remember specifics, but there was some point where I remember thinking, "They know it would be effectively impossible to disagree with this and they can demand anything they want. What am I going to do, return the truck?"
It is possible there's no EULA for the software that runs the truck, though, and I'm conflating some other software agreement, but there are definitely EUAL's involved in this truck. I disagreed with one in the app recently after updating, and lost access to that feature, clicking it brings me back to the license agreement or the Ford home page.

Some study showed 95% of people faced with a EULA immediately skip past it, so it's almost guaranteed no one remembers agreeing to one.

And despite the horribly anti-consumer nature of EULA's, and provable case that they're deliberately written to be difficult to comprehend, and that they're almost never truly read, they're legally binding and enforceable.
Software dependence and licensing is evil, and it's the greatest deception of the modern world.

 

[RGrove]

End to end neural nets are powering both current tesla ADAS as well as open pilot (comma 3x). Nvidia sells ADAS hardware capable of running it in a convenient package. Not "buzz words" -- very much a real product. 2 things can be true, you can have grossly incompetent players like ford shipping half baked goods, while also at the same time have players capable of exponentially more advanced products (tesla trashed their entire software stack and moved to end-to-end and has significantly advanced its capability in the last 5 months and are shipping monthly updates now). Artillery shells and multi-ton bombs don't differentiate, nor will the first drone swarms told to kill everything within a sector of the map. It's not a big step up to target combat dressed soldiers. They've already deployed a chain mesh communication system so that a more powerful ai can watch the video feed of cheap drones and command them. Palantir has a mobile compute cluster on a vehicle capable of controlling such a system. The cheap quadcopters need a basic adas that's then told "that's your target" and the basic adas handles terminal guidance. The big ai has a digital twin of the environment that's updated in real-time and feed relevant sections of the map to the kill vehicles going to an assigned area.

As for jamming, well home on jam has been around a long time and has been in HARM missiles as a primary sensor. Furthermore it's very cheap to put a phased array antenna on a basic PCB and it becomes significantly harder to jam such a system especially if it can frequency hop outside of the jammer's capability. To put end-to-end models into context, a little 'brain' comprised of parts found in a modern cell phone are enough for such a component to be put into nearly anything that can fly and by the time it reaches its area of interest, the system has already learned how to fly whatever you've put it into. Furthermore it can share what it's learned about the 'body' you've put it into and it will share the control laws with the other bodies in the group. These are very much real products / capabilities. You can put one in your truck for just $1,200.

A few articles to read about yesterday's capabilities. I follow a few channels that report on what's being seen to put together the current picture of what's going on. Few mentions of drone mesh relays or mothership drones due to their efficacy. They won't officially divulge things that are working as it'd be poor opsec. Public information is always the tip of the iceberg of yesterday's capabilities.
article 1
article 2

Yeah, that was pretty much my point...the tactical version of something that can perform precision surgery is bringing us back to carpet-bombing style warfare...
Lots of experts over the spectrum say the tech won't be ready for kill discernment for a long time, probably never being able to discern between combatant and non-combatant at all. If you would bring up a human sniper on charges for shooting a non-combatant, how can you morally justify allowing autonomous technology to kill everything in it's path?
But ultimately, you'll have countries like Ukraine, being overwhelmed with Russia's endless supply of human fighters, turn in desperation to AI as the decision maker for killing when it's not truly mature for it, and thus have lots of civilian death.
I had read a few years ago about Russia and China investing heavily in autonomous weapons, pushing US policy closer to removing human decision making on kill shots for the sake of staying competitive...basically human approval for a shot makes us late, and then dead.
A few years ago, I had a Microsoft Surface Pro that got an update which fully broke the touch screen, and a coding error in that update blocked all future updates. It had to be replaced by Microsoft, though since I was out of warranty, it basically became a paperweight.
How is a tactical computer protected from those kinds of screwups? But instead of it being a touch screen disable, it's some other broken and isolating fault that can't be shut off? Building machines that are designed to keep fighting even when their link to home is broken or jammed sounds pretty bad...

Basically, I was saying that by the way software companies are so super-dependent on updates, it's only a matter of time before a mistake in an update has severe consequences. It's a bad practice that we all just accept blindly, and so has become the norm. "Why would you be against updates? OMG, that's ridiculous."

Aside from that, "AI" has been in use in the consumer world for along time, and really just became a buzzword to sell stock recently. There are dozens of company's producing garbage software, borrowing someone else's AI, or just adding "AI" to their descriptions so they can ride the train... I saw something on Amazon recently that was like the most basic electronic device ever, but they named it "[Something] AI", while never saying what the "AI" actually stood for... It's a bit hilarious...

Sponsored