November 10th, 2013

Reason to avoid Toyota cars

How not to do embedded development is worth reading. The full testimony was worth reading, too before it disappeared from the web... And yes, I believe the fault is ultimately in laws; mass-produced cars should be certified in similar way to airplanes. No, certification does not catch everything, but hey, Toyota did not even have bug tracking system... and the list of bugs they made was pretty impressive.

There's another problem near: 1) anything on CAN is considered trusted (how could attacker get here?) and 2) car radios now have bluetooth/wifi/USB and CAN connection and are easy to hack (but how could hacked radio be a problem? And yes, from the automotive summit it is pretty clear this will get worse). I actually thought about buying bluetooth odb-2 adapter for the next car, then I realized how bad idea it is.

I'm quite happy that my car does not have power steering or CAN bus, and has mechanical clutch, brakes and ignition key. It _does_ have ABS, so bad computer could probably kill my brakes. [I could probably kill that computer by turning off ignition, but I don't think I would do it fast enough in emergency. There is still vacuum for two/three
brake assists with engine off.]

Unfortunately, my horse is completely fly-by-wire. Unintended acceleration happens basically whenever there are other horses around...