Ford and Mazda Promoting a Standard Linux for Automobiles


  • Service Provider



  • @scottalanmiller said:

    Ford and Mazda are the first in on a standard base operating system for automobiles according to eWeek.

    My Veloster uses Windows CE and it bugs a decent amount. Hopefully they have someone who has at least somewhat of an idea of security involved with this. Considering Chrysler sent out updates for a hack for their head units on a flash drive in the mail, I don't really trust car companies that much.



  • It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.


  • Service Provider

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.


  • Service Provider



  • and yet this was just released yesterday saying that any cars that have Ford Sync 3 will get Android Auto and Apple CarPlay

    http://arstechnica.com/cars/2016/01/carplay-and-android-auto-coming-to-all-2017-ford-sync-3-cars/


  • Service Provider

    @david.wiese said:

    and yet this was just released yesterday saying that any cars that have Ford Sync 3 will get Android Auto and Apple CarPlay

    http://arstechnica.com/cars/2016/01/carplay-and-android-auto-coming-to-all-2017-ford-sync-3-cars/

    The new system is not a production thing yet. so it would not surprise me to see the 2017 announcement like that.



  • @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.


  • Service Provider

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.



  • @scottalanmiller said:

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.

    Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?


  • Service Provider

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.

    Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?

    Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?



  • @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.

    Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?

    Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?

    Sure, but cars today aren't maintained at all - by anyone.



  • One could hope that this being an open source project, that the participating auto manufacturers would donate enough to allow the code to be audited by a third party, similar to what happened to TrueCrypt.

    All of these companies can split the single bill, allowing it to be much less expensive individually - and eveyone has an incentive to want to have more secure code.

    Right now they have security through obscurity - or basically nothing, assuming a hacker wants to go after someone.

    This makes me wonder - does the Presidential Limo have custom code running it?


  • Service Provider

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.

    Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?

    Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?

    Sure, but cars today aren't maintained at all - by anyone.

    Nor do most have a single, shared OS or exposed APIs.


  • Service Provider

    @Dashrender said:

    One could hope that this being an open source project, that the participating auto manufacturers would donate enough to allow the code to be audited by a third party, similar to what happened to TrueCrypt.

    Open source and auditing go a long way but the problems of a single, shared code base remain. It's like any disease, no matter how hardy the hosts, if all the hosts share the same vulnerability then ANY vulnerability is universal.



  • @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @scottalanmiller said:

    @Dashrender said:

    @JaredBusch said:

    @Dashrender said:

    It's already been shown to them how cars can be completely taken over via the internet. I think the cellular vendor in that case turn on a firewall that disabled this - for now.

    That has nothing to do with a standardized OS system to run vehicles.

    I was mainly referencing Johnhooks comment about not trusting car companies that much.

    I agree that this project can only be a good thing - hopefully more manufacturers will join and we will all have safer, more secure systems in our future cars.

    But if too many join in, then we will have a single OS and a single point of attack for would be attackers.

    Is that really a concern? While there are many versions of Linux, How many servers are running the most popular versus how many cars there?

    Seems like it would be a concern of the utmost importance. Creating a single attack target that is primarily maintained by consumers is what caught Windows, right?

    Sure, but cars today aren't maintained at all - by anyone.

    Nor do most have a single, shared OS or exposed APIs.

    I'll give you they don't have a single shared OS, though exposed (sure not over the internet) APIs, it seems there are more exposed that we realize, just most require local access or something like bluetooth.


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.