Ford and Mazda Promoting a Standard Linux for Automobiles
-
and yet this was just released yesterday saying that any cars that have Ford Sync 3 will get Android Auto and Apple CarPlay
http://arstechnica.com/cars/2016/01/carplay-and-android-auto-coming-to-all-2017-ford-sync-3-cars/
-
@david.wiese said:
and yet this was just released yesterday saying that any cars that have Ford Sync 3 will get Android Auto and Apple CarPlay
http://arstechnica.com/cars/2016/01/carplay-and-android-auto-coming-to-all-2017-ford-sync-3-cars/
The new system is not a production thing yet. so it would not surprise me to see the 2017 announcement like that.
-
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
-
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
-
@scottalanmiller said:
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?
Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?
Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?
Sure, but cars today aren't maintained at all - by anyone.
-
One could hope that this being an open source project, that the participating auto manufacturers would donate enough to allow the code to be audited by a third party, similar to what happened to TrueCrypt.
All of these companies can split the single bill, allowing it to be much less expensive individually - and eveyone has an incentive to want to have more secure code.
Right now they have security through obscurity - or basically nothing, assuming a hacker wants to go after someone.
This makes me wonder - does the Presidential Limo have custom code running it?
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?
Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?
Sure, but cars today aren't maintained at all - by anyone.
Nor do most have a single, shared OS or exposed APIs.
-
@Dashrender said:
One could hope that this being an open source project, that the participating auto manufacturers would donate enough to allow the code to be audited by a third party, similar to what happened to TrueCrypt.
Open source and auditing go a long way but the problems of a single, shared code base remain. It's like any disease, no matter how hardy the hosts, if all the hosts share the same vulnerability then ANY vulnerability is universal.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@JaredBusch said:
@Dashrender said:
It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.
That has nothing to do with a standardized OS system to run vehicles.
I was mainly referencing Johnhooks comment about not trusting car companies that much.
I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.
But if too many join in, then we will have a single OS and a single point of attack for would be attackers.
Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?
Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?
Sure, but cars today aren't maintained at all - by anyone.
Nor do most have a single, shared OS or exposed APIs.
I'll give you they don't have a single shared OS, though exposed (sure not over the internet) APIs, it seems there are more exposed that we realize, just most require local access or something like bluetooth.