Hacker News
by serf 3320 days ago
>OBD2 is incapable of doing any of those things.

This is false.

OBD2 is utilized very differently by different manufacturers.

I am capable of applying brakes through the ABS system, applying any given throttle percent, shifting the car's sequential manual gearbox, forced over-pressurization of the transmission hydraulic system (for pressure vessel testing and relief valve testing), or reflashing ANY of the ECMs available to the CANBUS network via the normal OBD2 interface on my BMW E46 M3 using the (bootlegged) OEM Rheingold/INPA software. (Among many many other things)

The ONLY ECM on the E46 M3 that is cordoned away from the OBD2/CANBUS interface is the SRS system (thankfully).

This software is freely available on most public trackers. It's by no means rare or uncommon.

OBD2 is MUCH more capable than most are aware, especially on manufacturers like BMW or Audi that needed to shoehorn additional tech and diagnosis capabilities into the system.

P.S. I know you mentioned that manufacturers make the interface unsafe; I just wanted to clarify to those reading that it is by no means uncommon for manufacturers to do so nowadays. A consumer should by no means make a judgement about the control of their car by thinking "OBD2 is incapable of doing any of those things." when that's demonstrably not the case for many modern cars.

2 comments

This was really informative. Is there a way to find out how different manufacturers have enabled (or left disabled) such functionality? Would love to know the potential pitfalls before messing around with something like this.

Of course, one thing you could do is have the AutoPi locked down to only reply to a certain IP, VPN connection, etc., but the underlying security issues, once connected, remain.

Google most likely to find the enthusiast forums for the car/manufacturer, then searching the forums. Probably there is a subreddit too for your car.
I keep my social media on a diet but will def expire reddit. Appreciate the pointer!
My mistake. I was trying to point out that the OBD2 protocol is not inherently unsafe. I would love to see a new standard emerge for securely interacting with the various systems and processors in a car, but I'm not very hopeful given their tendency to lock-in.