Jeep hacking lawsuit shifts into gear for trial after US Supremes refuse to hit the brakes

A class-action lawsuit claiming Fiat-Chrysler knew about, but failed to fix, significant cybersecurity holes in its cars will go to trial in America later this year. This week, the US Supreme Court refused to hear [PDF] the company's appeal to a lawsuit that was filed after security researchers revealed, back in 2015, they …

  1. The_Idiot

    So...

    ... don't buy network connected vehicles? Software will always have flaws, flaws will always be found, found flaws will always be used by someone at some time.

    1. G.Y.

      Re: So...

      At least the network should have an on/off switch (default: off!)

    2. Remy Redert

      Re: So...

      I don't know about this particular case, but in other cases it's been the DAB+ radio (max range for a hack of a few dozen km, provided a legal transmitter power is used) that was responsible for the initial hole.

      How about manufacturers simply go about not putting important vehicle functions like engine, brake and lock controls on the same physical network as things that have no business interacting with those controls, like radios, heaters, Bluetooth handsfree phone systems, etc.

      1. Amos1

        Re: So...

        If I recall, a vendor left access open from the Internet in general to a system that was never supposed to be exposed to the Internet and they figured it out. I've certainly never heard of that being a problem before (vendor screw-up, no monitoring, ports left open) (rolls eyes).

      2. muhfugen

        Re: So...

        Because those systems do have business being on the same bus. So people can't watch video or browse the internet on their head unit while the vehicle is being driven. So you can display diagnostic information such as the TPMS sensor values on the head unit. That's like asking why would you ever want a monitor to be connected to your computer, because someone could hack your computer because DisplayPort can carry USB data.

        1. Marcus Fil

          Re: So...

          Data diodes? It is a balls up - automotive needs to speak to the mil and int communities and fast - much as I like FCA I hope this proves an expensive warning to all automotive companies that this sh*t matters and you have no excuse for not using the very best practices.

        2. Anonymous Coward

          Re: So...

          Well, if the choice is:

          1. Be able to watch video while driving (!), and possibly get hacked then killed remotely, or

          2. Not be able to watch video while driving, but (aside from physical problems) remain in control of the car

          I'll pick option 2. Feel free to prioritise your watching video, over your safety, that of your passengers, and that of potential collision victims you may drive near.

          > Thats like asking why would you ever want a monitor to be connected to your computer, because someone could hack your computer because DisplayPort can carry USB data.

          Unless used as a blunt force weapon or you having problems with flashing lights, someone taking over your monitor remotely probably won't kill you.

          You haven't really thought this through, have you?

        3. overunder

          Re: So...

          "So people cant watch video or browse the internet on their head unit while the vehicle is being driven."

          Great point!! Keep them coming!!

          -

          Sent from my Android phone (car_dashboard).

        4. Version 1.0 Silver badge

          Re: So...

          A lot of audio systems have the option to increase the volume as the vehicle speed increases. But this can be fixed by making the communications one-way.

          1. Michael Wojcik Silver badge

            Re: So...

            > A lot of audio systems have the option to increase the volume as the vehicle speed increases. But this can be fixed by making the communications one-way.

            For many years we did not have this feature, and many of us survived.

        5. John Robson Silver badge

          Re: So...

          "Because those systems do have business being on the same bus."

          No they don't. I can see that you might want a one way data signal from the ECU etc to the display system of the car, but there is no reason to have unrestricted bidirectional data flow.

          I can't think of anything that would want to be displayed that couldn't be gathered from:

          - A GPS receiver.

          - A unidirectional stream (i.e. rev counter, TPS readings, error codes)

          There is nothing that needs the radio to talk to the ECU.

    3. Voland's right hand Silver badge

      Re: So...

      > don't buy network connected vehicles?

      Not enough. Most vehicles try to connect to the network by various clandestine ways nowadays.

      The "phone app" shipped for your vehicle is actually a proxy and most manufacturers tell you very little about what it does. AFAIK only BMW is fully honest telling you what it is going to send to the mothership and the list makes for some scary reading. Nobody tells you what can come the other way around and with an OBD-2 interface on the back of the stereo and the stereo running an obsolete 3+ years old build of Android nearly anything can come that way.

      1. Michael Wojcik Silver badge

        Re: So...

        > The "phone app" shipped for your vehicle is actually a proxy and most manufacturers tell you very little about what it does.

        Indeed. I declined to install the Volvo app when my wife bought her XC60 last year, and I suspect I'll never buy another new Volvo - or any other make of car. My 2015 Volvo XC70, with its blissful lack of "connectivity", might be the last new car I ever have. I know too much to trust any of the manufacturers.

      2. LucreLout Silver badge

        Re: So...

        > Nobody tells you what can come the other way around and with an OBD-2 interface on the back of the stereo and the stereo running an obsolete 3+ years old build of Android nearly anything can come that way.

        Wait, there's a what at the back of the radio???

        I use my car's OBDII port regularly for diagnostic information and to check there's no trouble brewing at t'mill. Quite why there would need to be a second port hidden behind the radio, to which the radio is connected, is a mystery to me.

        Surely if the head unit needs diagnostic information displaying, there should be a few diodes wired in to ensure communication is one way only?

    4. GnuTzu Bronze badge

      Re: So... -- Market Prices

      Still wondering how much the price of pre-networked vehicles is going to go up.

  2. Scoular

    History not favourable

    History suggests that if companies can find a way to betray your trust they will.

    Then we have the non company hackers.

    We have managed so far without network connected vehicles so we have to consider the possible advantages against the fairly obvious disadvantages.

    1. ThatOne Silver badge

      Re: History not favourable

      > We have managed so far without network connected vehicles

      We have also managed so far without Internet connected tea kettles, yet here we are...

      Marketing dictates that everything should be "connected" because it sounds "cool", even if there is no real use to it (Do you really need your shoes to automatically update your Facebook status to "walking"?).

      1. annodomini2

        Re: History not favourable

        > Marketing dictates that everything should be "connected" because it sounds "cool",

        And they can sell all the lovely data it collects to advertisers.

    2. EveryTime Silver badge

      Re: History not favourable

      > "We have managed so far without network connected vehicles..."

      You might be surprised at how long we have had connected vehicles.

      How old is your car?

      I was taking apart the telephony interface of a turn-of-the-century BMW. This was advertised as a feature that charged specific cell phones, used the car audio system as a speakerphone, and connected to an amplified external antenna. I expected it to be a relatively simple speaker and microphone interface. Instead it was a complete data interface. Inside was a significant microcontroller, an audio modem, and even an unpopulated section of the board for a dedicated cellular radio. This was a car built almost two decades ago, and it had full call-home connectivity capable of accessing engine and chassis status and the navigation system.

      1. DropBear Silver badge

        Re: History not favourable

        My car...? Pre-OBDII. Old enough? Because it's exactly as old as I like it.

  3. David 132 Silver badge

    If FCA are going to be sued for anything...

    ...it should be their counterintuitive and utterly needless redesign of the standard gear shifter.

    Just ask the Star Trek actor Anton Yelchin. Oh wait, you can't. Ask his next of kin then.

  4. Big Al 23

    Mo brands and models vulnerable

    Watch this space for the announcement of Mo compromised vehicles as the hackers continue to break into and steal vehicles.

  5. Kev99 Bronze badge

    Bogus Bovine Excrement

    "The Jeep owners claim that they would never have bought the cars in the first place if they had known about the security risks, ..." And are these same people going to quit using the internet, cloud, cell phones, etc because of all the security holes in them? What a bogus claim. The net / cloud is just a bunch of holes held together with string / vapor. And Jeep recalled the vehicles and patched the software. Hmm...I wonder if these owners patch their copies of Windows, Acrobat, etc. And where's the proof the value of the vehicles has dropped? Did every vehicle owner have an independent appraisal performed or did some Philadelphia lawyer just claim the values dropped? Chrysler hasn't exactly been a paragon of quality the past few years.

    1. Scoular

      Re: Bogus Bovine Excrement

      We have little real choice about using the Internet, like electricity decades ago it has become a practical necessity of normal life.

      Buying a vehicle with network connected risks is not (yet anyway) at that point. Buyers had real alternatives and may well have decided not to purchase a Jeep.

    2. SMITCH79

      Re: Bogus Bovine Excrement

      Exactly, I couldn't agree more. £50k per car - who are they kidding - just an opportunist suit. Would think a Jeep would depreciate like a stone anyway.

      I had a call from a lawyers office the other day wanting me to get involved (i.e. do a load of paperwork for them) in a class action suit against a timeshare company I used to deal with due to their high maintenance fees. After asking where the hell they got my details they told me they got them as part of the discovery process. Colour me dubious - I used to get a load of calls offering to help me sell it for an upfront fee which were dispatched with the contempt they deserved but this was something new.

      The young lady then excitedly told me it was "no win no fee". I pointed out that usually this meant the lawyers got all the cash and the plaintiffs got sod all after the case was settled. I obviously declined their offer.

      I'll be watching this one with interest though. If car manufacturers can be successfully sued for software holes that are patched it'll set an interesting precedent. Very interesting.

    3. Grinning Bandicoot

      Re: Bogus Bovine Excrement

      As appropriate with your header I must note the Texas lawyers are the current bottom dwellers. Philadelphia lawyer is now in the category of cat's pajamas.

      Well Twenty-three skidoo

  6. sisk Silver badge

    I asked this before and I'm going to ask it again. WTF is the entertainment system able to talk to the engine management system at all? To my mind that one is right up there with housing your PDC and your public website on the same server on the list of bad ideas.

    1. getHandle

      I think we're a bit too far gone for that...

      Even our fairly boring Golf has a performance monitor mode on the entertainment unit that shows engine power output, turbo boost and g-forces.

      You can also set the throttle, braking and cruise responsiveness via it, so it's not even just reading engine management info but setting it as well.

    2. Flywheel Silver badge

      Re WTF. Because it saves money. Simple as that - they don't give a f*ck about anything that endangers the bottom line.

    3. vtcodger Silver badge

      > WTF is the entertainment system able to talk to the engine management system at all?

      - Vehicles already have way too many wires threaded around through holes and in nooks and crannies. Separate data buses for entertainment, emissions, engine management, ABS, etc would add more wires. More complexity. Less reliability. Higher repair costs

      - The entertainment system, pathetic though it may be, has by far the best User Interface in the car. Do you really want to try to decode which tire needs air by entering an inquiry in some Morseish code using the ignition key (if you have one) then counting flashes of the dash lights? That's pretty much exactly what was done to read engine management/emissions codes prior to the advent of OBD2 connectors in 1996.

      Sharing the bus and UI hardware/software probably isn't something that most engineers would be overly happy about. But it's probably the least bad solution.

      1. Someone Else Silver badge

        @vtcodger --

        > Vehicles already have way too many wires threaded around through holes and in nooks and crannies. Separate data buses for entertainment, emissions, engine management, ABS, etc would add more wires. More complexity. Less reliability. Higher repair costs

        Perhaps losing a few of these lawsuits might make it a better "value proposition" to engineer bigger holes and better wiring?

  7. Headley_Grange Silver badge

    Safety Standards

    Serious question - don't they have to design and qualify to recognized safety standards - e.g. SIL, or an automotive equivalent of SW01? A hazard analysis would quickly come up with "software bug gives hackers wireless access to safety critical systems" with the resultant high level requirements, for example to isolate all safety-critical elements from the wireless system (other, better options might be available), which the manufacturer would have to prove by testing and maintain when updating.

    If I design a widget that's going to be installed in an air traffic control system in Europe then I have to demonstrate compliance to SW01 and have it signed off, ultimately, by the CAA before it can go into service. Is it just that the auto industry hasn't caught up and the regulators focus on indicator visibility and airbags?

    1. Someone Else Silver badge

      @Headley_Grange -- Re: Safety Standards

      Good question. But understand, the air traffic control system is not a for-profit operation. That single fact makes all the difference in the world (especially here in the US of A, Co. Inc.).

      1. Headley_Grange Silver badge

        Re: @Headley_Grange -- Safety Standards

        @Someone Else - that might be the case in the USA, but in the UK, ATC provision is privately run and operates in a competitive market. ATC providers (NATS, SERCO and ANS at the moment) compete for work and they can make profits. They have to have CAA safety approval to operate.

        1. Someone Else Silver badge

          Re: @Headley_Grange -- Safety Standards

          Headley, words fail me....

  8. Starace

    Proper design

    The system in my car uses a datapool shared memory system to get data between the infotainment system and the vehicle buses. It doesn't matter how much you compromise the infotainment system, it just can't read or write anything to the rest of the vehicle that the interface module wasn't explicitly designed to allow. And modifying the interface module isn't possible without basically replacing it completely.

    Chucking a CAN interface straight onto the application processor would have been cheap and simple but pushing that off to another board means you don't have to trust the infotainment system at all. It has firewalls, every single file is signed, etc. etc. but regardless it's treated as untrusted and isolated.
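The two designs argued over in this thread (John Robson's "one-way data signal from the ECU to the display" and Starace's "datapool" interface module that only exposes what it was explicitly built to expose) can be modelled in a few dozen lines. The block below is an added illustration and is not code from any commenter, The Register, or any vehicle manufacturer; the CAN identifiers, signal names and decoders are invented for the example. It contrasts a flat-bus policy, where the head unit shares a segment with the ECUs and can both see everything and transmit anything, with a hardened one-way allowlist policy, where vehicle-side frames are decoded into a read-only datapool and anything arriving from the infotainment side is dropped and logged for detection.

```python
"""Toy model of a vehicle gateway between an untrusted infotainment zone and
the vehicle CAN bus. Added example; all identifiers below are constructed."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Constructed CAN identifiers for the illustration, not from any real vehicle.
ID_ENGINE_RPM = 0x100   # powertrain -> display, read-only
ID_TPMS       = 0x200   # tyre pressure -> display, read-only
ID_BRAKE_CMD  = 0x300   # safety-critical; must never be reachable from infotainment


@dataclass
class Frame:
    can_id: int
    data: bytes
    source: str          # "vehicle" or "infotainment"


@dataclass
class Policy:
    """exports: CAN IDs the gateway decodes from the vehicle side into the datapool.
    one_way: if True, no frame from the infotainment side ever reaches the bus."""
    exports: Dict[int, Tuple[str, Callable[[bytes], object]]]
    one_way: bool


# Hardened policy: unidirectional, allowlisted signals only (the 'datapool' design).
HARDENED = Policy(
    exports={
        ID_ENGINE_RPM: ("engine_rpm", lambda d: int.from_bytes(d[:2], "big")),
        ID_TPMS: ("tyre_kpa", lambda d: list(d[:4])),
    },
    one_way=True,
)
# Flat bus: head unit and ECUs on one segment; everything is visible and writable.
FLAT_BUS = Policy(exports={}, one_way=False)


class Gateway:
    def __init__(self, policy: Policy) -> None:
        self.policy = policy
        self.datapool: Dict[str, object] = {}   # what the head unit may read
        self.vehicle_bus: List[Frame] = []       # frames that reached the ECUs
        self.denied: List[str] = []              # audit log, feed to an IDS

    def handle(self, frame: Frame) -> bool:
        """Route one frame; returns True if it was delivered anywhere."""
        if frame.source == "vehicle":
            return self._export(frame)
        if frame.source == "infotainment":
            return self._from_infotainment(frame)
        raise ValueError(f"unknown source {frame.source!r}")

    def _export(self, frame: Frame) -> bool:
        entry = self.policy.exports.get(frame.can_id)
        if entry is not None:
            key, decode = entry
            self.datapool[key] = decode(frame.data)
            return True
        if not self.policy.one_way:                  # flat bus: raw frame visible
            self.datapool[f"raw_{frame.can_id:03X}"] = frame.data
            return True
        return False                                 # not allowlisted: dropped

    def _from_infotainment(self, frame: Frame) -> bool:
        if not self.policy.one_way:                  # flat bus: head unit transmits
            self.vehicle_bus.append(frame)
            return True
        self.denied.append(f"DENY tx id=0x{frame.can_id:03X} data={frame.data.hex()}")
        return False


def snapshot(gw: Gateway) -> Dict[str, object]:
    """Read-only view for the infotainment side: a copy, never the live dict."""
    return dict(gw.datapool)


def demo(policy: Policy) -> Gateway:
    """Same three frames through either policy: two telemetry frames from the
    vehicle side and one frame a compromised head unit should never get onto the bus."""
    gw = Gateway(policy)
    gw.handle(Frame(ID_ENGINE_RPM, (2500).to_bytes(2, "big"), "vehicle"))
    gw.handle(Frame(ID_TPMS, bytes([220, 221, 218, 219]), "vehicle"))
    gw.handle(Frame(ID_BRAKE_CMD, b"\x01", "infotainment"))
    return gw


if __name__ == "__main__":
    for name, pol in (("hardened", HARDENED), ("flat bus", FLAT_BUS)):
        g = demo(pol)
        print(name, snapshot(g), "reached ECUs:", len(g.vehicle_bus), "denied:", g.denied)
```

Under `HARDENED` the head unit sees decoded `engine_rpm` and `tyre_kpa` values and nothing else, the brake frame never reaches `vehicle_bus`, and the refusal lands in `denied` where a monitoring function can alert on it; under `FLAT_BUS` the same frame is delivered. The point of keeping the decoders in the policy table is that the infotainment side only ever receives values the interface module chose to produce, never raw bus access.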

  9. GnuTzu Bronze badge

    Faraday Cage

    Has anyone determined if these things run inside a Faraday cage? Maybe there's a market for aftermarket shielding kits.

    1. Someone Else Silver badge

      Re: Faraday Cage

      Or perhaps 3rd party firmware that doesn't slurp....

  10. Michael Wojcik Silver badge

    extraordinary recall?

    > an extraordinary 4.8 million vehicles

    I suppose that's literally true, in the sense that it's out of the ordinary, but it pales in comparison to Ford's 1980 recall of 21M vehicles. Or their 1996 14M-vehicle recall. Not picking on Ford here - they just have three of the top five. And, of course, the size of a recall will be affected by how popular the brand is, and how much the manufacturer is able to achieve efficient reuse of components and designs across the product line.

    Sure, Jeeps and other FC products generally suck, to a first approximation. I don't think they're extraordinarily sucky, though. Just ordinarily.

    (Also, to be fair, cars these days are much better in pretty much every way than they were in the 1970s, with a few exceptions for value or aesthetics; much better in most ways than they were in the 1980s; and significantly better than they were in the 1990s. I'm not a fan of today's huge, overpowered vehicles, but they are far more reliable than the ones I drove when I were a lad.)
