Hacker News
by bonestamp2 2796 days ago
> no DRM locking me out of repairing my own car

That's going to be nearly impossible to avoid in the future. I do some software work for one automaker and every 2019+ model has a firewall on the data bus. It's not because they want to lock you out of repairing your car, it's because the pen testing and Defcon hacking has been accelerating over the past few years and they don't want headlines that say their cars can be hacked. That's bad for sales. They'll lose sales from guys like you too of course -- your concern is certainly valid, but more people are concerned about the security of their car than being able to repair it themselves.

3 comments

Why does a firewall prevent repair? iptables on my Linux box does not prevent me from replacing memory or resoldering a failed capacitor. It's like completely different layers.

If you opened an ECU in your car, you could resolder a failed cap. There is nothing preventing you from doing that. The repairs it might prevent would be if you replaced an ECU that needs to be authorized to communicate over the bus. I can't speak for other automakers but at least in our case you don't have to go to a dealership if you don't want, there are third-party repair shops that are authorized to use our software for these kinds of repairs.

OK, but I should be able to buy any part - OEM if it is "computerized" or aftermarket if it is not - and have it installed by any trained mechanic, no matter if they are licensed or not.

I read stories that Tesla disabled cars that have been repaired too much, and that you have to have them certified and unlocked again. They always claim security and user experience grounds, but of course the main motive is maximizing profit. Apple does this, John Deere does this, basically every company who can afford to does this.

I wish they would be honest enough to say first, yup, we do this so we can charge more money for repairs and spare parts. Second, we have no other choice because our competitors do this too and we have to maximize profit. And then I hope third we get strong right to repair laws as a result. I heard in the US the situation for cars is actually not too bad as the manufacturer cannot void your warranty for installing third party parts, but there is always room for improvement.

I don't need the ability to "tinker" with my car. But in the end, I buy it, and I want it to be 100% "loyal" to me and not to the manufacturer - like a stupid hammer, or a bicycle. That should be a legal principle IMO.

> I want it to be 100% "loyal" to me and not to the manufacturer

That is ideal, but inevitably I think there has to be a bit of a give and take there because the manufacturer is likely the most trustworthy party to handle the security of their vehicles (they have the most to lose).

For example, it's very difficult to make new keys for modern cars. Most manufacturers require that you go through them, and in fact a very secure department within the company, to get a "keycode" to make new keys. I think most people would agree that is a reasonable security benefit because it makes it almost impossible for a thief to make a new key even though it adds some extra hoops for the legit owner when they want a new key.

But Chrysler, for example, allows you to buy a new keyfob from anywhere you want, even repurpose an old one and program it yourself if you have two existing keyfobs for your car (that way a valet or service center with only one keyfob can't do it, only the owner with both keyfobs can do it).

Tesla was the first to encrypt their vehicle firmware and I believe they had to do this in order to do over the air updates, and I think that was also a necessity given the way they chose to do service operations (which also made sense since their goal was to have very few moving parts and therefore reduce the need for service center visits altogether).

I think eventually the head unit will be powerful and secure enough that they will be able to initiate many of these secure "repairs" from there. But, that will require that unit to be very locked down, likely to the same level that some of Apple's devices are (you can't self-swap the secure enclave in iPhones or MacBooks since that is what manages security for those devices). The car's head unit would become the "secure enclave" for the car. Right now, the car is more of a distributed system, with no particular ECU being responsible for others... which is why you need an OEM tool to reprogram them.

I hope cars become more modular at the same time. Electric cars should last a lot longer and making it easier to swap key components, like Tesla is doing with their main AI computer, with faster better units will be great... especially if the head unit becomes the hub for the rest of the car, it would be nice to upgrade those when new advancements warrant it.

Oh, automakers are finally putting security on their wide-open Car Area Networks - like the one that let a hacker stop a reporter's car - and this you see as only a bad thing?

Maybe you misunderstood me -- I don't think it's a bad thing. I think there are people who will think it's a bad thing and my comment is just stating what I've seen on the inside -- I've never once heard anyone talk about trying to lock out owners from doing their own repairs. Most of these people are owners themselves and their neighbors are owners, etc. From what I've seen, the firewall is to protect the car and its owner, not to prevent them from doing their own repairs (that is only a side effect from making the car more secure).