
The worst thing is, people can hack your car through your 'entertainment system' on your car. I don't even want to know how such a system exists, why my radio has access to brakes?


What I don't understand is why are there no regulations that require the control system to be completely separate.

Maybe because even the Government didn't think anyone was so stupid?


Because people cry communism or incompetency every time the government tries to write forward-looking rules in matters affecting commercial interests. So politicians can only act retrospectively, once shit has hit the fan.


Who exactly would write these forward-looking regulations? Who is competent enough to foresee years in the future what car manufacturers might want to do, and then imagine how that might go wrong, and then regulate it? And why would (indeed, should) these people not work for the auto industry, applying these competences in actually developing these new technologies?

And who checks these people's work? How do we make sure they don't risk outlawing ABS and ESP before they're invented?

For a relevant case study, compare and contrast with how heavy regulation, also plenty of forward-looking stuff, totally failed to predict or prevent the financial crash.

Then, there's the issue of how the industry would actually adhere to these speculative regulations. You'd have plausibly millions of pages of regulation to evaluate every new development against. In practice, this means the lawyers are running the show. Just like in the banks.

Also, before your righteous anger gets the better of you, let's remember that nobody has actually been hurt due to these problems yet, except of course the manufacturer who must issue extremely expensive recalls. In the meantime, Toyota built cars with a gas pedal that stuck - this issue actually killed people. It was a purely mechanical problem - would these hypothetical forward-looking regulators have caught that issue?

Finally, I'm not one to throw around words like "communism" where they don't apply, and communists certainly didn't and don't care one bit for consumer safety or comfort - but severe overconfidence in the ability of government to plan, predict and prevent things is a central problem with communism.


I would suggest someone else should keep his own righteous anger in check, considering he replied to a simple quip with a comment that is eight times as long.

I won't even bother to fight your strawmen (the financial crash could not be helped by better laws, really?), tbh it's just boring. You are right, why have laws at all? Car manufacturers are so enlightened, they obviously work for the greater good rather than simple profit, I apologize for my stupid remark.

Have a good day.


Passive-aggressive much? Sometimes a simple quip requires a long response to accurately address multiple potential issues. In speaking about forward-looking government regulation, bringing up how forward-looking government regulation failed in other cases is pretty relevant. And never was the idea mentioned that these things should not be governed at all, which is you throwing out a strawman. Simply that the nature of modern regulation is to restrict possible outcomes, and that also has negative externalities. "Good" advancements can be just as restricted as "bad" advancements, and it's extremely difficult to tell the difference years or even decades before they happen.


> Sometimes a simple quip requires a long response to accurately address multiple potential issues.

Not sprayed with gratuitous ad-hominems, not really.

> bringing up how forward-looking government regulation failed in other cases is pretty relevant.

I struggled to consider it relevant, considering how it's widely accepted that reduction in regulation is one of the main causes of the recent financial crash. Forward-looking regulation was there and was removed. I think that particular example doesn't make the point he thinks it makes.

> And never was the idea mentioned that these things should not be governed at all

It was basically inferred. If you take his points to the logical conclusions, there is no point in regulating the car industry, they hire the best minds so they will know what to do.

> "Good" advancements can be just as restricted as "bad" advancements

Of course; but it's extremely difficult to prove whether the advantages of outlawing both outweigh the advantages of allowing both. So we came up with this rule that "we legislate only after shit happens". Is it crazy to think this arrangement could be sub-optimal, and there might be a better compromise?


Because your quip shows an astonishing amount of deference to an often incompetent and power hungry government. At least I can choose my vehicle.


The fan is looking quite brown and sticky right now ...


Regulations generally arise retroactively, as a response to demonstrated bad behavior or information learned in accident investigations.


I get that. But how much forward thinking does it take? Back in the 80's or early 90's when "Drive by wire" was the buzzword and old timers were saying they'd never drive a car that didn't have physical linkages, how much forward thinking would it have taken for regulators to say controls system circuitry needs to be completely isolated from other systems in the car? Something like this would still apply today and maybe we wouldn't be seeing these issues.


> how much forward thinking would it have taken

A lot. You can start by looking up if any of these old timers raised anything remotely similar to that concern. Remember how insanely unprotected the Internet was in the beginning? How SMTP basically still is? That was built by some of the smartest people in the world, and they didn't have the foresight to predict that there might be adversaries, and thus build (in retrospect, quite simple) protections in.

Also, those old timers were wrong about drive by wire, there is zero evidence that it's any less safe than physical linkages.

One of the reasons it would have been extremely difficult to predict, is that the phenomenon of consumer devices having a general purpose computer (and that this might be connected to the rest of the car), much less one networked in any sense, as its interface is pretty new.

[edit: added analogy to the internet]


>a lot.

I guarantee you that engineers warned PMs about this kind of thing from the start.

>Also, those old timers were wrong about drive by wire, there is zero evidence that it's any less safe than physical linkages.

Let's distinguish drive-by-wire from FADEC (or what amounts to a poor version of FADEC). An electronic throttle is fine. An electronic throttle that cannot be overridden by a casual user is not. It's the implementation that's problematic.


And still, we are switching the Eurofighter from a CANBUS with separate microcontrollers to a single central microprocessor design.


> controls system circuitry needs to be completely isolated from other systems in the car

What would they define 'other systems' as? Back then carphones were pretty new, and the height of technology, and a car 'computer' was a trip mileage counter and mpg calculator. Any definition would either be rooted in the technology of the time, and therefore not handle new breakthroughs and inventions, or be so vague as to be unenforceable, I suspect. They would have to be pretty far forward thinking to have envisaged high bandwidth Internet connections or wireless data links, as inputs to the car systems, let alone the amount of compute power that is now routine in vehicles.

The sorts of things that are going to enforce safety here are going to be produced by the car industry engineering standards bodies eventually, but it will take time. Many of the concepts, like CAN-bus firewalls, data diodes and filters are already present in high-assurance avionics networks and (post STUXNET) in process control systems. Note that it took STUXNET for people to realise that vulnerability, now the industry is working on solutions, but so far no power stations or chemical plants have exploded. We are in the same place with vehicle security now.


We are a cheap and short-sighted people.


because canbus.

It wasn't a bad design for the 1990s - it's a bad design for now, however.


Why is canbus a bad design? As long as you don't allow untrusted data onto it there is nothing wrong. Physical access exploits are quite irrelevant imo.
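
Added example, not part of any comment in this thread: a minimal C sketch of the gateway policy the thread refers to as CAN-bus firewalls, data diodes and filters, which is one way to enforce "don't allow untrusted data onto it". The CAN IDs, rule table and function names are constructed for illustration and do not come from any real vehicle or product.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { FROM_INFOTAINMENT, FROM_CONTROL } can_dir_t;
typedef struct { uint32_t id; uint8_t dlc; uint8_t data[8]; } can_frame_t;

/* Allowlist rule: exact ID, exact length, minimum spacing between frames. */
typedef struct {
    uint32_t id; uint8_t dlc; uint32_t min_period_ms;
    uint32_t last_ms; bool seen;
} rule_t;

/* Constructed IDs for illustration; not taken from any real vehicle. */
static rule_t to_infotainment[] = {
    { 0x3E8, 2, 50,  0, false },  /* hypothetical: speed for the display */
    { 0x3E9, 1, 100, 0, false },  /* hypothetical: gear indicator */
};

/* Returns true if the gateway should copy the frame to the other bus. */
bool gateway_forward(can_dir_t dir, const can_frame_t *f, uint32_t now_ms)
{
    /* Data-diode policy: nothing from infotainment reaches the control bus. */
    if (dir != FROM_CONTROL || f == NULL || f->dlc > 8)
        return false;
    for (size_t i = 0; i < sizeof to_infotainment / sizeof to_infotainment[0]; i++) {
        rule_t *r = &to_infotainment[i];
        if (r->id != f->id)
            continue;
        if (r->dlc != f->dlc)
            return false;               /* malformed length for a known ID */
        if (r->seen && (uint32_t)(now_ms - r->last_ms) < r->min_period_ms)
            return false;               /* faster than the rule allows */
        r->seen = true;
        r->last_ms = now_ms;
        return true;
    }
    return false;                       /* default deny: ID not on the list */
}

int main(void)
{
    can_frame_t speed = { 0x3E8, 2, { 0x12, 0x34 } };  /* constructed frames */
    can_frame_t brake = { 0x0F0, 8, { 0 } };
    printf("speed, control->infotainment: %d\n", gateway_forward(FROM_CONTROL, &speed, 1000));
    printf("brake, infotainment->control: %d\n", gateway_forward(FROM_INFOTAINMENT, &brake, 1000));
    return 0;
}
```

The policy is default-deny in both directions: the infotainment side can display a small, rate-limited set of values but has no path to inject frames toward the control bus.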



