[ProtectOurFreedom]

I did a bit of reading on automotive cybersecurity standards (which I was unaware of).

A SINGLE AUTOMOTIVE CYBER SECURITY STANDARD AT LAST: WP.29
21 OCT 2023

There's the usual scare that somebody can remotely take control of your car. But this is interesting: "...the more likely threat is that bad actors will intercept car data for financial reasons. For example, they are installing malware into a vehicle's operating system and demanding payment for removing it."

---

Wow, imagine getting a ransomware message on your car's panel saying they essentially own your car until you send them a lot of Bitcoin?

---

I didn't know that car firmware can receive Over The Air (OTA) updates. These changes in the standard make sense:

The most significant change is adding new requirements for the security of OTA software updates.

The new requirements require vehicle manufacturers to implement several security measures, including:

• Authenticating the OTA software updates to ensure they are from a trusted source.
• Encrypting the OTA software updates to protect them from unauthorised access.
• Verifying the integrity of the OTA software updates to ensure they have not been tampered with.
• Securely installing the OTA software updates to prevent unauthorised access to the vehicle during the installation process.

[Don W]

I find it very interesting that even though I do NOT and never did have a Sirius subscription in my car, I received a message on the in-car display screen at 0625 hrs 2 days in a row last week informing me that the Sirius had been updated.

Why would something that has been dormant and unused the entire time I have owned the car suddenly received an update?

Admittedly, I am not the original owner, but I’ve had it for just under 2 years. I didn’t even activate the “free trial” offered through the dealership, and it hasn’t “updated” before.

[Disambiguator]

Glad I have a few 90s vehicles without a lot of computerized garbage on them.

I think the 90s was “peak automotive” in many ways.