[roland35]

This sounds like a pretty common scenario for zipcar and certainly cell phone coverage coming in and out is something that they should be planning and designing for! Maybe a series of one-use pass codes or something like that could help. I always make sure there is a failsafe when I have two microcontrollers talking on the same circuit board! Never fully trust anything external.

[sly010]

There are many things they could do with software only without having to change their current scheme.

- Use exponential backoff when looking for network (although I find this part of the story hard to believe, my phone survives much longer when there is no network)

- Have a larger grace period. Let the key card just work for an extra day or indefinitely if the car's last known location is not the garage. Charge the customer for the usage.

- Fail open especially if the battery is low. Once the car starts, you have all the electricity you need to do updates.

- Make the updates small and efficient, so long as a few signed UDP packets get through, you can update the schedule. You can even use SMS. Sync non critical things (e.g. logs) opportunistically and asynchronously.

[parliament32]

>my phone survives much longer when there is no network

Interestingly I've had the opposite experience (with a Pixel 2 XL, and before that a Nexus 6P). With both phones, when going on out-of-service hikes the battery drained significantly faster than usual -- despite not using the phone at all, I'd see a 40-50% power drain over ~8 hrs. Putting the phone in airplane mode when I knew I'd be out of service solved the problem, as expected.

[roland35]

My Pixel 3, on Fi, also seems to heat up quite a bit whenever I am at a bad network location!