This is bullsh*t

  • manitcor@lemmy.intai.tech
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Snaky lanugage in that article

    At this point, some of our more security-minded readers might need to have a lie down because, yes, that language does essentially mean there would be no proper security controls preventing someone from remotely connecting into a car.

    this is already true, they just pretend its not.

  • navydevildoc@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    It mentions there are federal regulations working through congress, which to be honest is better for everyone in the end as long as it’s not nerfed.

  • nackmack@plesiosaur.net
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    @hedge It’s really telling that having an API that allows controlled access to the car’s state is equivalent to “no security” when uh… that’s how the rest of the world works.

    • Celivalg@iusearchlinux.fyi
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      A tad more complicated as car software does need to be much less prone to security vulnerabilities than a random software (as it has the responsibility to handle human life)

      But yeah… what about their existing telemetry? same thing could be argued.

  • Square Singer@feddit.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Are they dumb? Interfaces with publicly available documentation doesn’t mean that they don’t have access control/authentication.

    Hiding the documentation doesn’t actually change anything security-wise, except that nobody can review these interfaces.

    Hackers are gonna hack, no matter if they have a documentation or not.