- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Authorities in Denmark are urgently studying how to close an apparent security loophole in hundreds of Chinese-made electric buses that enables them to be remotely deactivated.
The investigation comes after transport authorities in Norway, where the Yutong buses are also in service, found that the Chinese supplier had remote access for software updates and diagnostics to the vehicles’ control systems – which could be exploited to affect buses while in transit
Over the air updates and remote diagnostics are both things that are sold as features and are often even requested by the transportation companies.
To be honest I am a bit surprised that they are surprised this exists.
To be completely honest: there are even ECE regulations regarding software updates over the air.
This is nothing new and nothing special. Almost all vehicles these days are connected to their manufacturer.
Also regarding deactivating this „feature“. It is usually quite simple, just unplug the connectivity ECU.
Guess they didn’t request this feature. Not this way at least
It’s a very dangerous feature that can and will be abused by China. Many devices made in many countries having the same feature does not make it any less dangerous for China’s adversaries.
Sorry, but this is not a China discussion. If it was a American vehicle which was controlled from the US, it wouldn’t be any less dangerous.
It is simply dumb to rate long term Cyber Security threats only based on current political climate.
Saying that the bus itself is dangerous when the “danger” is that auto-OTP can be used to remotely make it unable to run is a bit weird. But, let’s go with your phrasing.
Why would the danger be the same? (And how is this argument of yours anything else than whataboutism?)