by sterlind 924 days ago
I do wonder about the CAN bus. there's no access control on the CAN network, there's one shared bus for the whole car, and any controller can starve the bus by spamming with a high address, unless that's changed.

you'd hope that there'd be some kind of filtering to prevent the infotainment system from sending (arbitrary) CAN messages, but I recall some crazy demos of researchers pwning a car's accelerator after rooting the center console.

3 comments

Is that really a security issue, though? If someone has access to your center console, they have access to your car. If someone has access to your car, they can cut your brake lines or do a million other things that are impossible to defend against.

The concern is that the attack could be carried out remotely.

https://www.wired.com/2015/07/hackers-remotely-kill-jeep-hig... is one such example (might be the one GP is referring to).

I agree that is a serious concern, then. I thought it sounded like voting machine hacking where the dramatic headlines are hiding the fact that the hackers had physical access to the machine.

Voting machines are scary for different reasons.

1) The general public has private physical access by design.

2) The chain of custody is unclear and hard to prove. This undermines trust in the system.

That depends on the jurisdiction. When I voted in Maryland, there was a machine that I directly cast my vote into.

When I vote where I live now in Massachusetts, I fill out a paper form in private and then I manually feed the forms into a voting machine where I have only supervised physical access.

I think it's entirely possible to have machine-counted ballots without giving unfettered and unsupervised access to the counting machines and I prefer the MA system (for the reasons you describe), but I also recognize the Constitution is clear in its reserving the power to each state for how to conduct the election (at least for President) in Article 2, Section 1, Clause 2.

Counting machines are different than voting machines.

Here in Washington we vote on paper but the results are counted by machine. The counting process is overseen by representatives of both parties. In a recount the paper votes could be manually counted to reconcile with the machine. I’m not worried about any of that.

What is scary about voting machines is that the output isn’t guaranteed to match the input. This is for any number of reasons. The best defense against this is to print the choices in a human-readable format… on a piece of paper. Which means you don’t really need the machine at all. If it’s on the network you can’t trust anything.

Most modern cars have more than one CAN bus.

(And it’s lower ID messages which have priority over higher, which is more trivia than argument against your premise.)

The Tesla Cybertruck doesn’t use CAN for steer-by-wire. It uses Gigabit Ethernet. According to my mechanic my ABS system is using something similar. CAN isn’t the only bus in the car. According to Wikipedia the LIN bus is intended to supplement CAN with non-critical components.
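
The bus-starvation concern from the top post and the priority correction in the replies (lower IDs win arbitration), as an added example that is not part of the thread: a simplified slot-based model of one CAN bus, run with and without a gateway allowlist for the infotainment segment. Node names, IDs, periods and the allowlist are constructed assumptions, and the model ignores bit timing and error frames.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Frame:
    can_id: int   # 11-bit identifier; the lower value wins arbitration
    source: str   # constructed label for the sending segment

# Hypothetical allowlist: IDs the gateway forwards from the infotainment segment.
INFOTAINMENT_ALLOWLIST = {0x3E0, 0x3E1}

def gateway_permits(frame):
    """Gateway rule: infotainment frames pass only if their ID is allowlisted."""
    return frame.source != "infotainment" or frame.can_id in INFOTAINMENT_ALLOWLIST

def arbitrate(contenders):
    """CAN arbitration: dominant (0) bits win, so the lowest ID gets the bus."""
    return min(contenders, key=lambda f: f.can_id)

def simulate(nodes, slots, gateway=False):
    """nodes: list of (Frame, period). Each node queues one frame every `period`
    slots and one frame wins the bus per slot. Returns frames delivered per source."""
    queued = {frame: 0 for frame, _ in nodes}
    delivered = {frame.source: 0 for frame, _ in nodes}
    for t in range(slots):
        for frame, period in nodes:
            if t % period == 0 and (not gateway or gateway_permits(frame)):
                queued[frame] += 1
        ready = [frame for frame, count in queued.items() if count > 0]
        if ready:
            winner = arbitrate(ready)
            queued[winner] -= 1
            delivered[winner.source] += 1
    return delivered

# Constructed traffic: two periodic control frames plus a low-ID frame queued
# every slot from the infotainment segment.
NODES = [
    (Frame(0x0A0, "brake"), 5),
    (Frame(0x120, "engine"), 10),
    (Frame(0x001, "infotainment"), 1),
]

if __name__ == "__main__":
    print("no gateway:  ", simulate(NODES, 100))
    print("with gateway:", simulate(NODES, 100, gateway=True))
```

Without the gateway the low-ID frame wins every slot and the periodic control frames are never delivered; with the allowlist in place all of them get through.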