Axel Arnbak
The Internet of things is dangerous. That reality is after the much-discussed Jeep hack to deny a few weeks back no more. The security researchers were able to leave home from a slow-moving Jeep, give full throttle and the brand new car so send in the ditch. After all the fuss pulled Fiat Chrysler Jeeps 1.4 million from the market. It was so wrong because software developers and Fiat Chrysler – because that they are – liability to indemnify the damage in terms which in other industries already legally pay for culpable errors. That should also be the rule for software, now in the Internet of things besides our data also, our lives are at stake.
The security researchers hacked the Jeep through the audio system uconnect that audio streaming via the mobile network of telecom provider Sprint. Through uconnect they reached the central board computer and all functions of the car. Furthermore, they discovered that by using a Sprint SIM card could not only manipulate an already familiar Jeep, but the entire Sprint Network could scan for vulnerable uConnects in Jeeps. Extremely serious.
For the Jeep hack is seeking cooperation with the experienced Wired journalist Andy Greenberg. In a movie you see Greenberg on the freeway losing control, while researchers at the kitchen take the Jeep. They also approached two US senators who proposed the date of publication legislation to make political capital out all the fuss. This Spy Car Act should regulate security guarantees in automotive software and liability cyber incident.
Jeep full of rookie mistakes. Why are your car radio and accelerator at all interconnected? Why all uconnect audio systems findable with a Sprint network scan? The answer is simple. Security costs time and money. And why waste time and money as a software maker, if you do not have to give access to your software and your liability to indemnify the small print of the contract? Fiat Chrysler have received $ 100 million fine from the traffic authority NHTSA for years ignoring warnings, but the record fine is child’s play compared to the potential damage if not researchers, but attackers had to crash ten thousand Jeeps. The experienced researchers argue that this hack is possible with many other brands.
Back in 1750 v. Chr. Hammurabi’s Code introduced Babylonian homebuilders liable for culpable errors during construction. From chainsaws to kitchen appliances and even car manufacturers are now liable by law. Even if you do a test drive and the brake is not braking. This ensures quality guarantees in advance. But fails because of a car brake software, software developers like spring Fiat Chrysler legal dance. Recently, the EU cybersecurity legislation. Software would be too complex. That’s right and correct a problem. Microsoft Windows was already ten years back from 35 million lines of code and is still as leaky as a sieve. Each additional line of code can mean a leak. The company built a software monopoly, without turning on security for wreck
Another crucial issue is secrecy:. Just like Windows, is the software of the Jeep not public. They can not be judged on software quality. Open source software is indeed public. This transparency leads to rigorous quality control, minor leaks and much faster updates.
Legislation should reward it. Provides a software no disclosure, he must pay by law for culpable errors. What culpable errors and damages are, right by sector and case will have to determine. Fiat Chrysler, supplier uconnect and Sprint would have to fight it in court.
Without robust security not connected cars, self-propelled car , smart boiler or care robot. All those Internet things are potential murder weapons. Software liability encourages developers to finally put to order. Of course, keep calling software developers which liability is the death knell for the current software industry. The submitters of the Spy Car Act will say, to save human lives was exactly the intention
axelarnbak
No comments:
Post a Comment