[kwlug-disc] And so it begins...

[Andrew Kohlsmith (mailing lists account)]

> On Jul 29, 2015, at 11:11 PM, B.S. <bs27975 at yahoo.ca> wrote:
> The sad part is ... such access (via cell, even) should never have been enabled or designed in in the first place. Even wi-fi access is doubtful - at least post-delivery. Such capability would have to have been engineered in, passed QA, let alone the spec writers, approval checkpoints ... Bad idea all around. If the first rule of security is physical security (door locks - NOT EXTERNALLY CONTROLLABLE!), the second rule …

See this is where I disagree. I *want* my car to be accessible over the ‘net (cellular or wifi). One of my (many) “spare time” projects (Ha!) is a gateway for my own vehicle, just for curiosity’s sake.

The difference is that I want all those systems gatewayed off/firewalled when the vehicle is in motion. And I most certainly do not want some third party to have access to it, moving or not.

In my mind:
Strike 1: “Hey let’s have read/write access to the engine CAN bus(es) over UConnect!”
Strike 2: “Who needs a physical dongle to be in place to enable such access?”
Strike 3: “Security review? Whats that?”

I actually am very happy and welcoming of the whole idea of IoT. What terrifies me is the fact that embedded guys for the most part pay zero attention to security. There are rules in place (MISRA) which should help with the vulnerabilities, but if the Toyota unintended acceleration gong show is any indication of the state of things, MISRA compliance is paid lip service at best.