There is nothing new under the sun…turn, turn, turn

Archive for the tag “automobile”

The benefits and drawbacks of autonomous vehicles, courtesy RAND Corporation

The RAND Corporation (not to be confused with Rand Paul) has released a study entitled “Autonomous Vehicle Technology: A Guide for Policymakers.” The study, which can be downloaded for free, analyzes the benefits and drawbacks of the emerging technologies behind self-driving cars.

It’s always important to remember that the development of a technology itself is not the only thing that needs to happen. The environment around the technology, such as the legal environment, often has to change. In my industry, it’s technically possible for an automated fingerprint identification system (AFIS) in state A to talk to an AFIS in state B, even if the two systems come from different manufacturers. However, until the two states complete various agreements for the transfer of the data and the resulting increases in workload, AFIS data transfer isn’t going to happen.

Returning to autonomous vehicles, the RAND corporation notes that there are several benefits to the technology. In addition to increasing mobility for people who cannot drive today, the study asserts that the accuracy of autonomous vehicles over human-driven vehicles will result in a decrease in accidents. This also solves parking issues in urban areas, since the cars don’t have to park next to your workplace; they can go off and park somewhere else, kind of like how valet services work.

However, there are drawbacks:

Because the technology would decrease the cost of driving, congestion might increase, rather than decrease.

Occupations and economies based on public transit, crash repair, and automobile insurance might suffer as the technology makes certain aspects of these occupations obsolete.

The latter point is important, as Jason Calcanis reminds us, and as Goodyear France’s most recent hostage crisis reminds us.

Now some may doubt the findings, since it runs counter-intuitive to anecdotal evidence to think that a “robot car” could be more accurate than a car with a “real driver.” As I have previously noted, Loren Feldman prefers human-driven cars to autonomous ones, and raises valid points about possible infection of driverless cars. And, of course, cars can be hacked.

However, the RAND Corporation study is a real study, and I can cite clear evidence that the study is a real study. Look at the study’s first recommendation:

Further research should be conducted to better quantify the likely costs and benefits of the technology and, just as importantly, to whom they will accrue.

When a study states that further research is needed, you know that it’s legitimate.


Now the U.S. Senate is asking about carhacking

Back in August, I shared a post that detailed how two DARPA-funded engineers were able to hack the electronic controls of a car.

For its part, Toyota pooh-poohed the results, since in this particular test the hackers had to be physically present in the car to perform the hack.

Well, Toyota – and 19 other manufacturers who sell cars in the United States – will have to pay attention, now that Senator Edward Markey of Massachusetts is asking questions.

As car companies incorporate more navigation and other technologies that could potentially collect increasing amounts of information from and about consumers [delete] into cars, Senator Edward J. Markey (D-Mass.) today sent letters to 20 major automobile manufacturers requesting information about how consumers are protected from cyberattack or unwarranted violations of privacy.

It turns out that Markey isn’t only concerned about hacking, but is also concerned about privacy issues such as geolocation.

Here are some of the questions that Senator Markey is asking:

How does the company assess whether there are vulnerabilities related to technologies it purchases from other manufacturers as well as wireless entry points of vehicles to ensure malicious code or other infiltrations cannot occur?

Does the company utilize independent third-parties to test for vulnerabilities to wireless entry points?

Do any vehicles include technology that detects or monitors for anomalous activity or unauthorized intrusion through wireless entry points or wireless control units? And how are reports or unauthorized intrusion or remote attack responded to?

Has the company been made aware of any intentional or inadvertent effort to infiltrate a wireless entry point, and what, if any, changes were made to protect vehicles from vulnerabilities in the future?

What types of driving history information can be collected by navigation technology or other technologies, and is this information recorded, stored, or sold?

Has the company received any request for data related to the driving history of drivers, and what were the reasons and final disposition of the requests?

Which vehicles include technologies that can enable the remote shut-down of a vehicle, and are consumers made aware of this capability before purchase, lease ore (sic) rental of the vehicle?

Markey’s questions touch upon an important point – namely, that your modern car includes hardware and software from a number of manufacturers. So even if everything that Toyota manufactures is highly secure, what about the content from LoJack, Sirius/XM, or your insurance company?

Why Luddites will value old cars over new ones

So people are turning to typewriters so that the NSA won’t monitor their communications. In the next move of, um, reverse engineering, people may want to start driving old cars. Really old cars. This 2010 model is too dangerous:

Stomping on the brakes of a 3,500-pound Ford Escape that refuses to stop–or even slow down–produces a unique feeling of anxiety. In this case it also produces a deep groaning sound, like an angry water buffalo bellowing somewhere under the SUV’s chassis. The more I pound the pedal, the louder the groan gets–along with the delighted cackling of the two hackers sitting behind me in the backseat.

Yes, two engineers, funded by DARPA, have demonstrated ways to hack the computers in your car. And anyone who knows anything about security is not impressed with Toyota’s response:

Toyota, for its part, says it isn’t impressed by Miller and Valasek’s stunts: Real carhacking, the company’s safety manager John Hanson argues, wouldn’t require physically jacking into the target car. “Our focus, and that of the entire auto industry, is to prevent hacking from a remote wireless device outside of the vehicle,” he writes in an e-mail, adding that Toyota engineers test its vehicles against wireless attacks. “We believe our systems are robust and secure.”

Frankly, this is sort of like saying that “no one would ever fly two airplanes into a tall skyscraper.” Even if a hacking attempt depended upon physical access to a car’s data port, it’s easy enough to attach an electronic device to the data port, and communicate with the port via wi-fi. And, as the Forbes article notes, you don’t need physical access to a car’s data port; the car’s wi-fi can be hacked also.

I’m sure that Toyota’s internal conversations don’t mirror its external ones. Perhaps internal car ports will require extra security before someone can access them. And, of course, the hackers will defeat that extra security, and the merry cycle will continue.

You’ll note that I used the word “value” in the title of this post. It probably won’t happen, but it’s theoretically possible that people could create an economic demand for pre-computer cars, in the same way that Americans value older toilets that use more water.

Of course, the Amish come out ahead in any of these discussions. In fact, the Amish can even have a “driverless car” – if the horse knows the way.

P.S. As an added bonus, this investigation is going to be discussed at DEFCON – a conference at which DARPA itself (who funded the endeavor) is not welcome. Because DEFCON organizers know that if you tell someone that they can’t do something, they will always obey.

Post Navigation