Announcement
Collapse
No announcement yet.
Tesla Model S hackable (security patch already updated OTA)
Collapse
X
-
Tesla Model S hackable (security patch already updated OTA)
Life is a bed of roses. Everyone else sees the roses, you are the one being gored by the thorns.
AMD PhenomII555@B55(Quadcore-3.2GHz) Gigabyte GA-890FXA-UD5 Kingston 1x2GB Generic 8400GS512MB WD1.5TB LGMulti-Drive Dell2407WFP
***Matrox G400DH 32MB still chugging along happily in my other pc***Tags: None
-
This is mechanical engineering playing at software engineering... I've seen these pissing matches for going on for 15 years and more (I do a lot of Storage and Compute infrastructure design work for Motion Control Systems). The crux of the issue of security is that hardware development teams who are developing software to go along with their hardware are deluding themselves if they think for a moment they are following "best practices" - they are getting the job done the "best" way they see fit, and for Project Managers, that means fast. Unfortunately, that is myopic. Security needs to be audited from an external, impartial angle and subjected to peer review. Props to Keen for wearing the white hat, and hopefully this will shame Tesla engineers to adopt better software practices (This is hardly a new thing: Boeing, with their 787 Dreamliner, had to delay almost year because of some boneheaded decisions regarding sharing the onboard network for the aircraft control and a planned public internet service... the aircraft's control plane and the public data plane were on a shared network with the flimsiest of security controls: fortunately this didn't pass muster and the air gapped system they replaced it with was far better from a security and lifecycle perspective. The Iranians found out the hard way how rudimentary PLCC security controls were... and the list goes on.)
A lot this comes from a desire to keep costs low. So they use COTS hardware. COTS hardware is great, don't get me wrong, but understand that most COTS hardware wasn't really intended for mission-critical workloads; you can't really run mission-critical software on non-mission critical hardware and reasonably expect a mission-critical result. It used to be that "Failsafe" for something like a automated forklift or a robot arm was fairly easy: shut it down, or freeze it. But if it's a 1500kg vehicle in 110KPH Traffic, or a 2kg drone flying 20m above a crowd of people, that might not be a such a good idea. The very first DARPA autonomous vehicle races proved that in the most ignominious fashion. Fast forward 10 years: competitors are now racing to win... but it's still a race track, not the real world.
Einstein's Corollary is going to keep software and hardware developers busy for a long, long time: "There are only two things that are infinite: The universe and human stupidity, and I'm not sure about the former..."Last edited by MultimediaMan; 20 September 2016, 20:01.Hey, Donny! We got us a German who wants to die for his country... Oblige him. - Lt. Aldo Raine
Comment