September 22, 2015

Volkswagen’s software DRM enabled the scam to fake emission data

Filed under: Business, Technology, USA — Tags: , , , , , — Nicholas @ 04:00

At Boing Boing, Cory Doctorow points the finger of blame at VW’s DRM in their automobile software suite:

The EPA has accused Volkswagen of rigging its software to cheat the agency’s diesel emissions standards so that its cars could be on the road while spewing 40 times the legal limit for diesel emissions.

Volkswagen, like most auto manufacturers, uses digital rights management in its informatic systems. Under section 1201 of the Digital Millennium Copyright Act, it is a felony to tamper with that DRM, punishable by five years in prison and a $500,000 fine for a first offense. The company uses this legal regime to limit which mechanics can service its cars, ensuring that only “official” mechanics, who are bound by nondisclosure agreements — and covenants to only buy their parts from VW and not an aftermarket competitor — can effectively service their cars.

This year, the US Copyright Office held its triennial hearings into possible exceptions to this rule, and one petition asked it to grant an exemption for jailbreaking cars. The car manufacturers intervened to oppose this, but so did the EPA, fearing that drivers would modify their firmware in ways that increased emissions.

But by banning independent scrutiny of cars, the EPA and the Copyright Office have made possible for terrible, criminal frauds like this one to go undetected for long periods, turning cars into long-lived reservoirs of dirty secrets that can’t be reported without risking criminal sanction.

Jazz Shaw has more:

This isn’t a case of any sort of trick carburetor or jury rigged catalytic converter. The vehicle’s onboard computer could sense when it was hooked up to a diagnostics machine for an emissions test and would conveniently turn on all of its emission control features. (It’s being referred to as a “defeat device.”) Then, when the test was completed and it was unhooked from the computer it would simply shut them off again, boosting performance but also increasing emissions. You almost have to admire the sheer audacity assuming this is true. And given the initial responses from the company they don’t seem to be claiming that they didn’t do it.


So far Volkswagen seems to be taking the line of assuring everyone that they will work to recall the cars and “fix” them to eliminate this problem. It likely won’t bankrupt a company that size, but it’s one heck of an expensive piece of humble pie to eat. If they contest the fines and go to court, however, I’m wondering if they will actually lose. This was some mischief designed to short sheet the system no doubt, but would they have an out if the case goes before a judge? I was looking over some of the state level requirements for the testing of vehicles and the boundaries to be followed are rather bare bones at best. Each vehicle in the qualifying categories which was manufactured after 1996 has to be equipped with an On-Board Diagnostics Generation II (OBDII) system. The emissions portion of this is heavily tied into your annoying “check engine” light.

The way most of the regulations are written seems to indicate that the vehicle must have a functional system of this type which is accurately monitoring system performance and meets the maximum emissions requirements at the time of testing. Obviously the VW vehicles in question were doing just that. But cars today have all sorts of bells and whistles which drivers can use to customize their driving experience. They can switch from “performance” mode to “economy” mode with the push of a button. Things like that obviously affect the vehicle’s emissions. Other such options are available. And when you think about it, the “disable device” was really just putting the car into a different mode of operation which includes heavy emissions control. When it was disconnected and ready to head back out on the road it was switching back to a different mode with a bit more performance. None of that changes the fact that the emissions were within the required limits at the time of testing.

September 16, 2015

The fate of pedestrians in Chinese traffic accidents

Filed under: China, Law — Tags: , , , — Nicholas @ 02:00

At Gods of the Copybook Headings, Richard Anderson comments on a story about Chinese drivers ensuring that pedestrians they hurt in traffic accidents don’t survive to sue them … because incentives matter:

Smelling a story that was too interesting to be true, I texted a friend who lives in China. He read the article and texted back that every word was correct. This behaviour was so common that it was a kind of dark joke. The phrase “drive to kill” was considered practical life advice for young and old alike. These are not members of some obscure and barbarous cult. China is one of the oldest and most accomplished of human civilizations.

The legal explanation for this — a moral explanation I suspect is impossible — is a combination of a weak insurance system and easily bribable courts. An injured pedestrian can become a lifetime financial liability for the driver. Murder convictions, even in cases with clear video evidence, are still unusual. Faced with a choice of becoming a bankrupt or a murderer the popular choice seems to be the latter.

Homo homini lupus est. Man is wolf to man.

Mainland China is, of course, a dictatorship. It seems likely that in a functioning liberal democracy, such as those of the West, very basic legal reforms would long ago have been implemented to remove these quite literally perverse incentives. The rulers of China have deigned it beneath their notice to make such minor improvements.

August 25, 2015

Roger Kimball says Elon Musk is crazy

Filed under: Business, Government, Space, USA — Tags: , , , , — Nicholas @ 04:00

Oh, sorry, he actually said Musk is “crazy like a visionary“:

I am an unlikely fan of Elon Musk, the flamboyant, Steve Jobs-like (some would say Tony Stark-like) entrepreneur behind SpaceX, SolarCity, Tesla Motors, and other enterprises that seemed like starry-eyed impossibilities a scant decade ago. Musk’s two governing passions, he has said repeatedly, are “sustainable transport” to battle “global warming” and finding a way to make mankind an interplanetary species, beginning with a space colony on Mars.

For my part, the word “sustainable” has me reaching, if not for my revolver, then at least for an air-sickness bag. I regard the whole Green Lobby as a cocktail composed of three parts moralistic hysteria mixed with a jigger of high-proof cynical opportunism (take a look at Al Gore’s winnings from the industry) fortified with a dash of beady-eyed left-wing redistributionist passion. You can never be Green enough, Comrade, and if the data show a 20-year “hiatus” in global warming (so much for Michael Mann’s infamous hockey stick), that’s no reason not to insist that capitalist powerhouses like the United States drastically curtail their CO2 emissions right now, today, while giving egregious polluters like China a decade or more to meet its quotas.

No, when it comes to energy, I often quote, sometimes with attribution, the Manhattan Institute’s Robert Bryce: what the world needs now is cheap, abundant energy, period, full stop, end of discussion. My motto is: frack early, frack often. Do you want to help the poor/clean up the environment/save the spotted wildebeest? Then you need economic growth, and to achieve that you need energy, which at the moment means you need fracking. Q.E.D.

When it comes to interplanetary travel, I suspect that Musk’s passion for transforming us into “space-faring” creatures was heavily influenced by his youthful reading of Isaac Asimov, Robert Heinlein, and (one of his favorites) The Hitchhiker’s Guide to the Galaxy. Not that those adolescent chestnuts necessarily argue against the plausibility of his ambitions. Behind Musk’s enthusiasm for space colonization is a worry that a future “extinction event” might delete human consciousness from the emporium of the universe.

For what it’s worth, I’m very much split on Musk and his works: I generally agree with his desire to help get humanity expanding beyond our single, frail planet … I just wish he wasn’t guzzling down government subsidies to get there. I’ve read the book Kimball is reviewing (Ashlee Vance’s Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future), and I certainly feel I got my money’s worth from the purchase … Musk is potentially a very great man. Right now, he’s a pretty good man who still takes everything he can get from the government.

August 7, 2015

Hacking a Tesla Model S

Filed under: Technology — Tags: , , , — Nicholas @ 03:00

At The Register, John Leyden talks about the recent revelation that the Tesla Model S has known hacking vulnerabilities:

Security researchers have uncovered six fresh vulnerabilities with the Tesla S.

Kevin Mahaffey, CTO of mobile security firm Lookout, and Cloudflare’s principal security researcher Marc Rogers, discovered the flaws after physically examining a vehicle before working with Elon Musk’s firm to resolve security bugs in the electric automobile.

The vulnerabilities allowed the researchers to gain root (administrator) access to the Model S infotainment systems.

With access to these systems, they were able to remotely lock and unlock the car, control the radio and screens, display any content on the screens (changing map displays and the speedometer), open and close the trunk/boot, and turn off the car systems.

When turning off the car systems, Mahaffey and Rogers discovered that, if the car was below five miles per hour (8km/hr) or idling they were able to apply the emergency hand brake, a minor issue in practice.

If the car was going at any speed the technique could be used to cut power to the car while still allowing the driver to safely brake and steer. Consumer’s safety was still preserved even in cases, like the hand-brake issue, where the system ran foul of bugs.

Despite uncovering half a dozen security bugs the two researcher nonetheless came away impressed by Tesla’s infosec policies and procedures as well as its fail-safe engineering approach.

“Tesla takes a software-first approach to its cars, so it’s no surprise that it has key security features in place that minimised and contained the risk of the discovered vulnerabilities,” the researchers explain.

August 4, 2015

Tallahassee does the right thing about its red light camera system

Filed under: Government, Law, USA — Tags: , , — Nicholas @ 03:00

Last month, Randall Holcombe reported on a sensible decision by the Tallahassee, Florida city government when it was discovered that its red light camera program had achieved the stated goal:

Five years ago my hometown of Tallahassee, Florida contracted with Xerox to set up 19 red light cameras at seven busy intersections in town. The contract had the city pay Xerox about $87,000 a month to operate the cameras, and charged drivers a fine of $142 for being caught on camera running a red light.

When the program was established, city officials claimed that the cameras were installed for safety reasons, to deter drivers from running red lights, not to raise revenue. If we take them at their word, the program worked. Red light violations have fallen more than 90% since the program began. The program has been so successful that the city is not taking in sufficient revenues from fining violators to pay Xerox the fees for operating them.

You can guess the ending of this story. The city has announced that when the contract with Xerox expires in August, it will not be renewed and the red light camera program will end. Here is a program that has been a huge success by the city’s stated criterion, so the city is terminating it.

I see two possible explanations for this. One is that governments tend to terminate successful programs and continue the unsuccessful ones. The other is that the city officials who originally stated that the motivation for installing the cameras was to deter red light violations, and not the revenue generated from fines, were lying. I’m not ruling out the possibility that both explanations are correct.

Other municipalities presented with the same set of facts went in another direction: reducing the amber light time to increase the number of cars that could be caught on camera violating the law. That this had nothing to do with increasing public safety on the roads — in fact, probably increased the danger around traffic lights in the case of drivers braking suddenly to avoid entering the intersection as soon as the light turned yellow — but it did do a fine job of increasing the fines that could be collected (who cares about the safety of drivers and pedestrians when municipal revenue is at stake?).

July 3, 2015

“People with money have alternatives”

Filed under: Cancon, Economics — Tags: , , , — Nicholas @ 02:00

Frances Woolley on the hidden advantages even a modest amount of money can provide:

Less often observed is that wealth itself generates consumption benefits, even if one never spends a dime of it.

I own a 12 year old Toyota Matrix. The front fender has collided with one too many snow banks, and is now held together with string. The exhaust system has seen better days. It breaks down occasionally. But overall it’s very cheap to run.

If I was poor, it would be tough having an old, unreliable car. The unexpected, yet inevitable, major repairs would be a financial nightmare. $750 to repair the clutch. $200 to fix the axle seal. If the car broke broke down, and I couldn’t get to work, I might lose my job.

But because I’m financially secure, I can afford a cheap car. I can self-insure against financial risks: unexpected repair costs, taxi fares, rental cars, and so on. I can afford to get my car towed. If it was beyond repair, I could get another car tomorrow.

The real value of having $10,000 in the bank isn’t $200 in interest income, or the stuff $200 in interest income might buy. $10,000 in the bank creates a little bit of room to take risks. One could call it the “implicit value of self-insurance generated by own capital.” It’s the comfort of being rich (or having rich relatives). It’s real. It’s valuable. But it wouldn’t be taxed if Canada had a consumption tax.

Admittedly, the insurance value of having wealth isn’t taxed under an income tax either. But at least under an income tax some of the return on wealth is taxed, so there is, at least potentially, some shifting of the tax burden onto those with wealth.

The greatest freedom money offers is the freedom to walk away. Your bank doesn’t offer you unlimited everything with no monthly fees? Walk away. There’s always someone else who wants your money. Your phone plan is too expensive? Walk away (o.k., that may not be the best example).

People with money have alternatives, which makes their demand for goods and services elastic. Food may or may not cost more in poor areas. But a rich person can shop at Value Village if he chooses. A poor person may not be able to afford expensive purchases which save money in the long run, like bread machines or high efficiency appliances or pressure cookers. Consumption taxes aim to tax the amount of stuff people actually consume. But if poor people pay a higher price for their stuff than rich people, is a system that taxes only consumption spending, without taking into account the ability to command consumption wealth conveys, fair?

June 30, 2015

Elon Musk – high tech messiah or grasping crony capitalist?

Sean Noble says that the subsidies Elon Musk’s high-tech Tesla and Solar City firms are much higher than he implies:

Tesla, SpaceX, and Solar City head Elon Musk lashed out at the Los Angeles Times following an article that totaled up all the government support that his three-headed corporate-welfare monster receives. The number the Times reported was nearly $5 billion in combined support for his companies, including subsidies for those who purchase Musk’s products, such as the high-priced solar panels of Solar City and the supercars of Tesla.

Musk responded by arguing, “If I cared about subsidies, I would have entered the oil and gas industry.” He further asserted that his competitors in the oil-and-gas industry haul in 1,000 times more in subsidies in a single year than his companies have received in total. Such statements reveal that Musk seems to care as little for facts as he purports to care about the taxpayer dollars propping up his various businesses.

Earlier this year, the U.S. Energy Information Administration (EIA) released the most recent data available regarding energy subsidies provided by the federal government. The data, covering the year 2013, broke down total taxpayer subsidies across the different sectors of the energy industry. While fossil fuels did enjoy some government support through various direct expenditures, tax credits, and R&D programs, the data stands in sharp contrast to Musk’s claims.

Data from the EIA report, combined with numbers from an anti-oil advocacy group regarding state-level government support, reveals that total state and federal support for the oil-and-gas industry is no more than $5.5 billion each year. As stated, Musk’s companies combine for $5 billion in subsidies, a number that he has yet to dispute. Clearly, the difference is much smaller than Musk’s outlandish 1,000-to-one claim.

June 29, 2015

More on the “self-driving truck” issue

Filed under: Business, Economics, Railways, Technology, USA — Tags: , , , , — Nicholas @ 02:00

In the comments to this post, Tom Kelley provided a worthwhile digression on the topic that I felt deserved a wider audience, so with his permission, here’s Tom’s response:

Given that the trucking industry has been my sandbox for quite some time, I can safely extend Megan’s prognosis to also include the low long-term risk of job losses due to self-driving vehicles.

Frankly, I have to be wary of any “expert” who can’t even get the name of his source (the American Trucking Associations — yes, plural — not the American Trucker Association) transcribed correctly.

Apart from the myriad technical issues standing in the way of driverless trucks, the insurmountable barrier is anti-competitive trucking regulations passed on behalf of the government’s favorite white elephant, the rail industry. Invariably, these regulations are tarted up under some guise of safety (Let’s see, was it a truck or a train that blew the town of Lac-Mégantic off the map??? Hmm).

The bottom line is that any change that would have the slightest possibility of making trucking more productive is quickly met with massive dis-information campaigns, and even more massive lobbying from the rail industry. Even the most minor dimensional changes designed to reflect the current realities of truck freight transportation stand little if any chance of making it past regulators with a permanent disdain for free enterprise.

We can’t have electronically actuated brakes on trucks because the regulators have no grasp of brakes or electronics, and somebody wants to replace the driver with electronics? Seriously? Of course these same folks seen to have no problem flying cross-country at 500 MPH in a commercial jetliner that is literally flown by wire.

And even if the government types were perfect actors in this little tale, then you have the American tort law system, run/regulated by, for, and about the trial lawyers. Even with professional truck drivers who can deftly avoid putting incompetent car drivers on their way to a Darwin award, hundreds of four-wheeler drivers still manage to commit suicide-by-truck every year, followed quickly by their otherwise destitute estates suing innocent trucking companies for millions.

Can’t you just hear the jury summation now: “The eeevvilll trucking company wanted to save a few pennies by outsourcing the driver’s job to a microchip! The must be punished! My client, a fourth cousin of the homeless man who jumped off a bridge in front of a truck MUST be awarded $10 million for the pain and suffering from losing a relative he never met. No justice, no peace!”

No insurance company in their right mind would insure a driverless truck for real-world operation.

There’s no question that the technology is available to make the concept work, I was on-board numerous autonomous vehicles of all sizes back in 1997.

It will take several major societal shifts before any serious degree of autonomy makes it into real world trucking operations.

June 26, 2015

The self-driving truck won’t displace many human truck drivers for years to come

Filed under: Business, Economics, Technology, USA — Tags: , , , , — Nicholas @ 02:00

I’m far from being a Luddite, but I find Megan McArdle‘s analysis of the low short-to-medium term risk of job losses due to self-driving vehicles to be pretty convincing:

… my objections are actually to the understanding of the trucking industry works and of self-driving vehicles. Fully automated trucks, with no drivers at all, are probably going to arrive later than Santens thinks, take longer to roll out than he projects, and displace fewer workers than he thinks they will. I’m not saying it will never happen. I’m just skeptical that this is going to be a major policy problem in the next two decades.


Start with what truckers do, and how many of them there are. Santens quotes the American Trucker Association to get 3.5 million. The Bureau of Labor Statistics puts that figure a bit lower, around 2.8 million. More importantly, only 1.6 million of those are long-haul truckers. The rest are “driver/sales” employees or “Light truck or delivery services drivers.” Those are short-haul services that will not quickly be replaced by automated cars, both because chaotic urban roads are harder for autonomous vehicles to handle and because part of the job is loading and unloading the truck (something that long haul drivers may also do).

Also: Why would we assume that the advent of driverless trucks would be bad for trucking support jobs? Those folks are doing stuff like maintenance or loading that still has to be done. Moreover, other jobs will be created, in designing and maintaining the new systems. Someone has to map all those roads.

But I think it will be a while before we get to a fully autonomous vehicle with no people in it. The “driverless truck” that Santens links is not actually driverless; it’s partially autonomous. If it foresees something it can’t deal with, such as heavy snow, it signals to the driver to take over; if the driver doesn’t respond, it slows to a stop. That’s an improvement in the lives of truck drivers, not a job killer.

June 24, 2015

QotD: Surge pricing

Filed under: Business, Economics, Quotations — Tags: , , , — Nicholas @ 01:00

New York just killed every economist’s favorite thing about Uber: surge pricing. Sure, many economists also love convenient car service at the touch of a button. But black-car services have been around for a long time. Explicit surge pricing — which both creates new supply and rations demand — has not, but it’s long been a core feature of Uber Technologies Inc.’s business model. While it can be annoying at times (during a recent rainstorm, I noticed a sudden epidemic of drivers canceling rides, which I suspect was due to the rapidly rising surge price), it also allows you to be sure that you will be able to get a taxi on New Year’s Eve or during a rainstorm as long as you’re willing to pay extra.

Sadly, no one else loves surge pricing as much as economists do. Instead of getting all excited about the subtle, elegant machinery of price discovery, people get all outraged about “price gouging.” No matter how earnestly economists and their fellow travelers explain that this is irrational madness — that price gouging actually makes everyone better off by ensuring greater supply and allocating the supply to (approximately) those with the greatest demand — the rest of the country continues to view marking up generators after a hurricane, or similar maneuvers, as a pretty serious moral crime.

Megan McArdle, “Uber Makes Economists Sad”, Bloomberg View, 2014-07-09.

June 22, 2015

An insurance scam that targets the most vulnerable

Filed under: Bureaucracy, Law, USA — Tags: , , , — Nicholas @ 02:00

At The Intercept, Juan Thompson talks about a burgeoning insurance scam that not only rips off the victims for their insurance premiums but then makes it worse through police action:

Martin was taken in by a widening scam in which crooks, posing as auto insurance agents, prey on working people struggling to find affordable policies. Under the scam, the perpetrator offers auto insurance for a low price — low because the scammer, posing as a broker, will buy an authentic policy using fraudulent means of payment, keeping the policy just long enough to collect a proof of insurance card.

The racket is a growing problem in New York City and South Florida, according to an insurance industry group, but seems most prevalent in Michigan, where premiums are inflated by a state mandate that drivers purchase insurance plans that have unlimited lifetime medical benefits, among other features. Victims in Michigan are thrown even deeper into crisis when police, as is common there, accuse victims of being in on the scam and seize their vehicles and other assets under civil forfeiture laws.

The scam and seizures show how crooks and cops can end up working in concert to further imperil those already on the economic brink. Indeed, in this case, low-income residents are pinched at every turn. They start off with especially high insurance premiums, consumer advocates argue, because insurance companies sometimes charge people in low-income communities more for auto insurance in a practice some have labeled modern redlining.

Bogus agents exploit the need for cheaper policies by selling insurance that’s too good to be true, leaving victims financially exposed, for example, in the case of an accident. As if all that weren’t enough, the police then turn on the victims of the fraud, who are far easier to track down than the original perpetrators.

“You have a blend of crooked agents selling innocent, squeezed drivers bogus policies and insurance cards, and high insurance premiums,” said James Quiggle of the Coalition Against Insurance Fraud, a group that receives funding from insurance companies.

May 24, 2015

Charles Stross proposes “The Evil Business Plan of Evil”

Filed under: Bureaucracy, Business, Government — Tags: , , — Nicholas @ 04:00

Well, “proposes” isn’t quite the right word:

Let me describe first the requirements for the Evil Business Plan of Evil, and then the Plan Itself, in all it’s oppressive horror and glory.

Some aspects of modern life look like necessary evils at first, until you realize that some asshole has managed to (a) make it compulsory, and (b) use it for rent-seeking. The goal of this business is to identify a niche that is already mandatory, and where a supply chain exists (that is: someone provides goods or service, and as many people as possible have to use them), then figure out a way to colonize it as a monopolistic intermediary with rent-raising power and the force of law behind it. Sort of like the Post Office, if the Post Office had gotten into the email business in the 1970s and charged postage on SMTP transactions and had made running a private postal service illegal to protect their monopoly.

Here’s a better example: speed cameras.

We all know that driving at excessive speed drastically increases the severity of injuries, damage, and deaths resulting from traffic accidents. We also know that employing cops to run speed traps the old-fashioned way, with painted lines and a stop-watch, is very labour-intensive. Therefore, at first glance the modern GATSO or automated speed camera looks like a really good idea. Sitting beside British roads they’re mostly painted bright yellow so you can see them coming, and they’re emplaced where there’s a particular speed-related accident problem, to deter idiots from behaviour likely to kill or injure other people.

However, the idea has legs. Speed cameras go mobile, and can be camouflaged inside vans. Some UK police forces use these to deter drivers from speeding past school gates, where the speed limit typically drops to 20mph (because the difference in outcome between hitting a child at 20mph to hitting them at 30mph is drastic and life-changing at best: one probably causes bruises and contusions, the other breaks bones and often kills). And some towns have been accused of using speed cameras as “revenue enhancement devices”, positioning them not to deter bad behaviour but to maximize the revenue from penalty notices by surprising drivers.

This idea maxed out in the US, where the police force of Waldo in South Florida was disbanded after a state investigation into ticketing practices; half the town’s revenue was coming from speed violations. (Of course: Florida.) US 301 and Highway 24 pass through the Waldo city limits; the town applied a very low speed limit to a short stretch of these high-speed roads, and cleaned up.

Here’s the commercial outcome of trying to reduce road deaths due to speeding: speed limits are pretty much mandatory worldwide. Demand for tools to deter speeders is therefore pretty much global. Selling speed cameras is an example of supplying government demand; selling radar detectors or SatNav maps with updated speed trap locations is similarly a consumer-side way of cleaning up.

And here’s a zinger of a second point: within 30 years at most, possibly a lot sooner, this will be a dead business sector. Tumbleweeds and ghost town dead. Self-driving cars will stick to the speed limit because of manufacturer fears over product liability lawsuits, and speed limits may be changed to reflect the reliability of robots over inattentive humans (self-driving cars don’t check their Facebook page while changing lanes). These industry sectors come and go.

May 13, 2015

Driving a Dymaxion replica … Buckminster Fuller’s 1933 car of the future

Filed under: History, Technology, USA — Tags: , — Nicholas @ 05:00

Published on 24 Apr 2015

Buckminster Fuller’s 1933 foray into automobiles gave us the Dymaxion Car, and enthusiast Jeff Lane has one of the only working replicas in the world. WSJ‘s Rumble Seat columnist Dan Neil takes the road zeppelin for a spin…or should we say wobble?

H/T to Open Culture for the link … and do at least check out the over-the-top trailer for The Last Dymaxion on Facebook.

February 15, 2015

The term “carjacking” may take on a new meaning

Filed under: Law, Technology — Tags: , , , — Nicholas @ 05:00

Earlier this month, The Register‘s Iain Thomson summarized the rather disturbing report released by Senator Ed Markey (D-MA) on the self-reported security (or lack thereof) in modern automobile internal networks:

In short, as we’ve long suspected, the computers in today’s cars can be hijacked wirelessly by feeding specially crafted packets of data into their networks. There’s often no need for physical contact; no leaving of evidence lying around after getting your hands dirty.

This means, depending on the circumstances, the software running in your dashboard can be forced to unlock doors, or become infected with malware, and records on where you’ve have been and how fast you were going may be obtained. The lack of encryption in various models means sniffed packets may be readable.

Key systems to start up engines, the electronics connecting up vital things like the steering wheel and brakes, and stuff on the CAN bus, tend to be isolated and secure, we’re told.

The ability for miscreants to access internal systems wirelessly, cause mischief to infotainment and navigation gear, and invade one’s privacy, is irritating, though.

“Drivers have come to rely on these new technologies, but unfortunately the automakers haven’t done their part to protect us from cyber-attacks or privacy invasions,” said Markey, a member of the Senate’s Commerce, Science and Transportation Committee.

“Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected. We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers.”

Of the 17 car makers who replied [PDF] to Markey’s letters (Tesla, Aston Martin, and Lamborghini didn’t) all made extensive use of computing in their 2014 models, with some carrying 50 electronic control units (ECUs) running on a series of internal networks.

BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen (with Audi), and Volvo responded to the study. According to the senator’s six-page dossier:

  • Over 90 per cent of vehicles manufactured in 2014 had a wireless network of some kind — such as Bluetooth to link smartphones to the dashboard or a proprietary standard for technicians to pull out diagnostics.
  • Only six automakers have any kind of security software running in their cars — such as firewalls for blocking connections from untrusted devices, or encryption for protecting data in transit around the vehicle.
  • Just five secured wireless access points with passwords, encryption or proximity sensors that (in theory) only allow hardware detected within the car to join a given network.
  • And only models made by two companies can alert the manufacturers in real time if a malicious software attack is attempted — the others wait until a technician checks at the next servicing.

There wasn’t much detail on the security of over-the-air updates for firmware, nor the use of crypto to protect personal data being phoned home from vehicles to an automaker’s HQ.

February 12, 2015

Petty fines and “public safety” charges fall heaviest on the poor

Filed under: Bureaucracy, Government, USA — Tags: , , , , , — Nicholas @ 05:00

Megan McArdle on the incredibly regressive way that American municipalities are raising money through fines and other costs imposed disproportionally on the poorest members of the community:

During last summer’s riots in Ferguson, Missouri, reporters began to highlight one reason that relations between the town’s police and its citizens are so fraught: heavy reliance on tickets and fines to cover the town’s budget. The city gets more than $3 million of its $20 million budget from “fines and public safety,” with almost $2 million more coming from various other user fees.

The problem with using your police force as a stealth tax-collection agency is that this functions as a highly regressive tax on people who are already having a hard time of things. Financially marginal people who can’t afford to, say, renew their auto registration get caught up in a cascading nightmare of fees piled upon fees that often ends in bench warrants and nights spent in jail … not for posing a threat to the public order, but for lacking the ready funds to legally operate a motor vehicle in our car-dependent society.

So why do municipalities go this route? The glib answer is “racism and hatred of the poor.” And, quite possibly, that plays a large part, if only in the sense that voters tend to discount costs that fall on other people. But having spent some time plowing through town budgets and reading up on the subject this afternoon, I don’t think that’s the only reason. I suspect that Ferguson is leaning so heavily on fines because it doesn’t have a lot of other terrific options.

Older Posts »

Powered by WordPress