[bflesch]

Just to clarify: We accept the security risk of kill switches in networking equipment, smartphones, laptops, servers, clouds, processors, bluetooth firmware and nvidia driver blobs, but we draw the line at civillian cars?

And in contrast to the listed items above, for civillian cars you can choose from dozens of countries who produce them. And if you cannot accept security risk of owning a "kill switch" car then you can still go back to gasoline or diesel.

I feel it's crazy to collectively accept security risks in vital electric equipment but suddenly cars are the one product that becomes a political issue. An unlike cars there are very limited alternatives with electrical equipment.

[scottbez1]

This doesn’t seem that crazy to me - a broadly applicable coordinated OTA zero day applied across cars during US rush hours has the potential to result in likely hundreds of thousands of deaths in a few hours if safety critical systems like airbags can be tampered/inhibited by OTA-capable systems.

The scale of car travel plus the inherent kinetic energy involved make a correlated risk particularly likely to lead to a mass casualty event. There are very few information system vulnerabilities with that magnitude of short-term worst case outcome.

[viccis]

Sure but you could just nuke us too, given that the response to a mass civilian death event would be the same. Same reason the US would be foolish to destroy the Three Gorges Dam.

[beeflet]

It doesn't need to be a mass civilian death event. They can wait, collect data and kill 90% of our most important soldiers, heads of state, spies and everyone needed to maintain critical sectors of our economy. They could kill everyone who is anti-china. They could kill all the members of one political party (any one) as a false flag and cause a civil war.

Surveillance technology is nessisarially selective, so these "all or nothing" hypotheticals do not apply.

See also "slaughterbots". https://www.youtube.com/watch?v=O-2tpwW0kmU

[viccis]

Again, they could just nuke us. Because if they did what you're suggesting, we would absolutely nuke them in response.

[beeflet]

How would we know who did it? As I said earlier, it could be a false flag attack triggering a civil war, or a war with another mutual enemy.

China could kill every anti-russian politican with robots, and start a nuclear shootout between the US and Russia.

[epolanski]

Nonsense, if that's the goal the countries are at war and you have to worry about nukes, not your car being switched off.

I'd expect HN crowd to be smarter than nonsense security propaganda, yet it seems to work.

[swolios]

There was already a million vehicle recall for a vulnerability that allowed remote control of safety features (steering/breaking/acceleration control) that could be abused by anyone with a sprint mobile sim.

https://static.nhtsa.gov/odi/rcl/2015/RCRIT-15V461-4869.pdf

[PaulDavisThe1st]

.... and the second US civil war starts up and one side has hacked into the automobile kill switches ...

"security" and "war" come in all sizes and shapes. Even inter-national warfare can be of the "cold" variety, in which nobody is nuking anybody else, but making automobiles randomly unreliable could be extremely effective (for a while, anyway).

[bflesch]

Not really convinced by your argument. If you want to achieve your scenario you just take a sysadmin from the Tesla shanghai plant and next time they go to the US HQ they gain access to a coworkers laptop and deploy an OTA update to the tesla fleet. And this is assuming that the Tesla OTA update deployment mechanism is actually separated between countries, and not simply accessible from the Tesla intranet.

No need to design & ship another low-cost car model for this.

[beeflet]

The security risk of backdoors in your IT may drive you crazy, but backdoors in your car may drive you off a bridge.

I agree with your point. But cars are the last line of defense, and they are technology most people understand. With computers, you can just unplug them at the end of the day. A backdoor in a car or a drone or something just kills you.