Re: Mandate open source
For example at the moment it looks like VW's
European non-USAian customers will get no meaningful compensation.
To be honest, if static analysis was as effective as implied in the article, our antivirus products would work much more effectively. All a rogue company would have to do is push through so many changes that trigger false positives in the analytics tools that the regulators would not be able to practically do their job.
The simpler solution here is to ban all sales of any make for 3 months plus the amount of time taken to repair defective vehicles already sold if caught.
Provide other manufacturers the ability to self report any past misdeeds with VW-esq penalties. Any new model caught playing similar games, or any existing model that hasn't been caught would trigger the 3 month+ ban.
Finally, rather than pay they own coffers when someone gets caught, set aside a large proportion (say 50%) as a bug bounty style payment to private researchers who discover and report cheat devices to the regulator.
Avoiding cheats is simply making compliance less costly than any benefit they would have had by cheating.