• deranger@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    edit-2
    7 months ago

    I’m saying upgrade what it’s considered to recall. No OTA hot fix, car goes back to the shop. A proper recall just like any other recall. A software issue is just as dangerous as a hardware issue for something like an accelerator pedal. To be clear, this isn’t Tesla hate, this is modern “sell unfinished products” hate. I’d say the same thing for any other manufacturer.

    If the blinker pattern needs to be updated, that’s fine for OTA in my opinion, and shouldn’t be a recall. Problems with the accelerator, brakes, steering, anything safety critical - nah. Recall for that, proper recall.

    • DoomBot5@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 months ago

      Recalls still require the customer to take action. They’re much less likely to go into the shop to have it fixed than press a button on their phone and have the car fix itself overnight.

      Your suggestion for not allowing safety software fixes OTA is dangerous.

      • fubo@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        edit-2
        7 months ago

        Other way around. Unsupervised OTA updates are dangerous.

        First: A car is a piece of safety-critical equipment. It has a skilled operator who has familiarized themselves with its operation. Any change to its operation, without the operator being aware that a change was made, puts the operator and other people at risk. If the operator takes the car into the shop for a documented recall, they know that something is being changed. An unsupervised OTA update can (and will) alter the behavior of safety-critical equipment without the operator’s knowledge.

        Second: Any facility for OTA updates is an attack vector. If a car can receive OTA updates from the manufacturer, then it can receive harmful OTA updates from an attacker who has compromised the car’s update mechanism or the manufacturer. Because the car is safety-critical equipment — unlike your phone, it can kill people — it is unreasonable to expose it to these attacks.

        Driving is literally the most deadly thing that most people do every day. It is unreasonable to make driving even more dangerous by allowing car manufacturers — or attackers — to change the behavior of cars without the operator being fully aware that a change is being made.

        This is not a matter of “it’s my property, you need my consent” that can be whitewashed with a contract provision. This is a matter of life safety.

        • abhibeckert@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          7 months ago

          It has a skilled operator who has familiarized themselves with its operation

          Um, what city do you live in? Can I live there please? Not many skilled drivers around here.

        • Ultragigagigantic@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          7 months ago

          Wow man, I never thought about your 2nd point before. Every car like this is a kinetic weapon waiting to be activated. And I was worried about the “self driving” mode…

        • DoomBot5@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          You do realize your entire first point is invalidated by the comment you’re replying to? I just said the customer has to press a button on their phone to initiate the update. On that same phone they can view release notes that clearly outline the recall. Additional on first use, the car will display those same release notes on the screen.

          Sure, safety vs convenience is a huge factor in software development. The biggest factor to safety is unpatched software. You know, the kind that requires significant effort to update, such as needing to bring your car into the shop to apply.

          Overall your doom and gloom argument against OTA safety updates is pretty weak.

            • DoomBot5@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 months ago

              Mr hackerman couldn’t get to the car because it crashed first due to a software bug the customer did not have time to take his car to the shop to fix.

              The real world is quite different than the idealistic one.