GPL v3
GPL v3
Posted Aug 9, 2012 3:01 UTC (Thu) by Richard_J_Neill (subscriber, #23093)Parent article: GENIVI: moving an industry to open source
i.e. Users should be free to modify their device's software, but with some clear restriction to "experts only, at your own risk" would be a reasonable balance.
As for "(and in most automotive architectures they are not fully isolated)", that sounds to me completely crazy. I don't think that feeding a music player with a malicious file should ever be able, even in theory, to interfere with the brakes!
Posted Aug 9, 2012 3:22 UTC (Thu)
by epa (subscriber, #39769)
[Link] (1 responses)
Posted Aug 10, 2012 13:58 UTC (Fri)
by ewan (guest, #5533)
[Link]
Posted Aug 9, 2012 8:40 UTC (Thu)
by mkerrisk (subscriber, #1978)
[Link] (24 responses)
If we broadly consider the car-with-IVI-system as a consumer device, a car is a consumer device with a distinctive property: it can kill the user (and of course nonusers). As a consequence, lawyers at car companies are extremely cautious: accidents where liability can be demonstrated to lie with the manufacturer can be catastrophic for business. (I think it's enlightening to place oneself in the position of a lawyer at a multibillion dollar car company. Knowing that the decisions you make could fatally affect the business would likely make any of us extremely conservative.) Even cases where, legally speaking, the automotive manufacturer is not at fault, there is still the possibility of damage to reputation, which can likewise be bad for business.
IVI systems are not fully isolated from other networks in the car, since in practice they take information from other parts of the car (e.g., speed, engine diagnostics). In practice, it would probably be extremely difficult to trigger an effect on another network in the car via software on the IVI system. However, lawyers worry (reasonably) that there might be a nonzero chance that this can occur.
As I explained in the article, "modify the IVI system and the warranty is void" approaches are not a solution that keeps lawyers happy.
Automotive manufacturers are not taking this stance on the GPLv3 easily. Deciding not to use GPLv3-licensed software has costs for them. One might wonder if there is a hidden agenda, for example, maintaining control of the device in order to profit from an apps market. While this is possible, I've concluded by now that it's improbable. Some industry studies have shown that drivers in practice spend an extraordinarily small amount of time interacting with IVI devices. Thus, while the market in novel apps for the IVI unit may exist, because the consumer mental bandwidth available for interaction with IVI systems is orders of magnitude smaller than for tablets or smart phones, the apps market seems unlikely to be profitable for automotive manufacturers
Posted Aug 9, 2012 9:31 UTC (Thu)
by miahfost (guest, #51602)
[Link] (3 responses)
But that does not mean that the entire customer relationship is not worth protecting jealously. For example, certified auto parts are a huge business, as is the automotive aftermarket in general. The OEMs are very interested in blocking third party success in that market and keeping that revenue for themselves.
The OEMs have not been successful so far blocking software updates, there exists software to modify your ECU today. That software is significantly more prone to catastrophic failure because it bypasses things like the air to fuel mixture that the car maker carefully calibrated for safety and efficiency. Good article on this very topic: http://nyti.ms/Nf4Vry
I think allowing car owners to update their IVI systems would be much more appropriate and the argument currently being used by automotive legal eagles may not be particularly persuasive, i.e. blocking the GPL v3 is for safety's sake. I think there are a lot of business considerations that are behind this.
Posted Aug 10, 2012 2:28 UTC (Fri)
by dlang (guest, #313)
[Link] (2 responses)
I disagree with this in the long run.
Think of the money to be made by allowing the kids in the back to install their games, watch movies, and do all the other things that they could do with android apps running on the car IVI system (assuming that the car companies charge some markup for their branded store)
All it will take is one company doing this and all of the sudden, the others will change their tune to cash in on the windfall.
Posted Aug 23, 2012 13:26 UTC (Thu)
by miahfost (guest, #51602)
[Link] (1 responses)
Posted Aug 24, 2012 2:27 UTC (Fri)
by dlang (guest, #313)
[Link]
besides, it's easier to just install a plain android device in the car for this, it handles so many formats, functions, networks, etc without any development effort.
Posted Aug 9, 2012 10:25 UTC (Thu)
by NRArnot (subscriber, #3033)
[Link] (19 responses)
Actually that argument could be applied to a toaster as well. (If the user trusts the firmware and the firmware has a bug that one day causes the toast to catch fire and set fire to the kitchen ....)
I'd suggest going a bit further than merely a "warranty void" sticker that might fall off (or be caused to fall off. WD40 works great :-) Put the device in a case that cannot be opened without cutting through something. Have a program-enable jumper that cannot be set without irreversibly recording that fact in (say) a fusible-link PROM. Surely that would suffice to prove "not our fault" in law.
Posted Aug 10, 2012 8:17 UTC (Fri)
by fb (guest, #53265)
[Link] (18 responses)
The question is not just whether it 'can' kill the user, but how 'likely' that is. One way to determine that is to ask:
- How often are people killed by toaster accidents?
Posted Aug 10, 2012 15:05 UTC (Fri)
by dlang (guest, #313)
[Link] (3 responses)
I suspect that if you measured by the number of hours they are in use, the numbers would be a lot closer than you expect.
Posted Aug 10, 2012 15:24 UTC (Fri)
by fb (guest, #53265)
[Link] (2 responses)
I honestly measure the totals (as in total # of injured or killed by per year), as that gives the cost of the toast/car safety to society (which are different words for "how likely a citizen to suffer from it").
It amounts to my original question asking how many are killed (or injured) by either per year in total.
(Now for the absurd argument...) Active volcano's are far more dangerous than toasters or cars /per minute/ but since the amount of minutes I get exposed to them is so low, I tend to worry a lot more about cars. (No, I don't have any idea of how we could hack a volcano (sorry)).
Posted Aug 10, 2012 15:38 UTC (Fri)
by dlang (guest, #313)
[Link] (1 responses)
to compare the risk you need to evaluate the costs compared to the amount of usage.
or you can do a risk analysis from a cost/benefit point of view, but there you again can't just compare the cost, you would have to quantify the benefits of the particular tool/technology.
Just comparing the resulting costs leads to absurd conclusions.
Posted Aug 10, 2012 15:55 UTC (Fri)
by fb (guest, #53265)
[Link]
Go back and re-read my post.
I am not -in the least- interested in measuring the absolute danger level of something per minute (see the volcano example). I am interested in much danger that is for me, or my family, or my neighbor (I don't worry about volcanos).
The total is already the combination of danger per minute and rate of usage thought society.
> or you can do a risk analysis from a cost/benefit point of view, but there you again can't just compare the cost, you would have to quantify the benefits of the particular tool/technology.
My whole point in this discussion is that using toaster analogies with cars is pointless. Cars are far more dangerous, as in `the actual likelihood one will suffer from it in the next 12 months`.
Posted Aug 10, 2012 15:20 UTC (Fri)
by nix (subscriber, #2304)
[Link] (13 responses)
I think you'll find that most toaster-induced fatalities are fires and electrical-system failures (particularly in the US with your literally terrifying electrical regulations, plugs that can shoot sparks when you unplug devices and all that): modifications to toasters are rare and generally the worst you'll do is make it not work. I think you'll find that most car-induced fatalities are caused by human error and/or the car functioning as designed, or by failure of manufacturer-provided systems. Car hardware is modded all the time: do those mods increase the fatality rate perceptibly?
I have no idea if this is true: I don't drive. I know that *some* mods, e.g. bull bars, *do* increase the fatality rate, but in the US, land of the SUV, bull bars are probably provided by the manufacturer and don't count as end-user mods. Heck, I wouldn't be *too* surprised to find the manufacturers providing sharp spikes on the front to get inconvenient pedestrians out of the way, and hood-mounted cannon to rapidly clear those unfortunate traffic jams. :P
I note that it is perfectly legal to modify your car to do all sorts of things, but that in the UK at least you have to regularly pass a test to make sure the thing is roadworthy before you can drive it anywhere but on a private road: so mods that made the car notably more likely to roll over onto pedestrians would probably be detected. It seems unlikely that mods to in-car entertainment systems would be anywhere near that dangerous -- but it is also true that your average garage owners cannot possibly diagnose faults in the software the way they can diagnose problematic hardware mods, and there's not much chance of government regulation keeping up with it either (at least in the UK, this is regulation enabled by legislation, not legislation itself: the MOT is routinely revised without Parliamentary involvement, but revisions to cover software mods seem hard to implement).
So I am of two minds -- and literally an outsider in this, since I'm about as likely to learn to drive as I am to learn to swim in molten rock.
Posted Aug 16, 2012 19:08 UTC (Thu)
by Kluge (subscriber, #2881)
[Link] (12 responses)
Posted Aug 16, 2012 21:37 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (10 responses)
Most European countries adopted a plug design where the plug is recessed into the socket so any sparks are contained within it and naked live wires can't be physically touched.
Besides, US voltage is 110V versus 220-240V in Europe, so it gives rise to much higher (4 times) currents and much higher ohmic heating of wires.
Posted Aug 16, 2012 21:47 UTC (Thu)
by dlang (guest, #313)
[Link] (5 responses)
that must be a relatively recent development (it wasn't that way the last time I traveled)
what do the power strips and extension cords look like that have this sort of protection?
by the way, as for the voltage difference, the argument can also be made that the higher European voltage is more dangerous.
but voltage differences are not "terrifying regulations", nor are they regulations that allow "shoot sparks when you unplug devices" (something that's more likely with higher voltages)
Posted Aug 16, 2012 23:47 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
>but voltage differences are not "terrifying regulations", nor are they regulations that allow "shoot sparks when you unplug devices" (something that's more likely with higher voltages)
Posted Aug 17, 2012 12:16 UTC (Fri)
by man_ls (guest, #15091)
[Link]
Posted Aug 17, 2012 13:19 UTC (Fri)
by ekj (guest, #1524)
[Link] (2 responses)
No, this ain't new. It's been this way for atleast a decade, possibly 2.
Posted Aug 24, 2012 22:24 UTC (Fri)
by JanC_ (guest, #34940)
[Link]
Posted Aug 24, 2012 23:49 UTC (Fri)
by anselm (subscriber, #2796)
[Link]
As a matter of fact, that type of plug was standardised in the early 1960s. It has been around literally for generations.
This »Europlug« design is popular for devices requiring up to 2.5 A which do not need to be grounded, in all European countries except the UK, Ireland, and a few other places that use the UK system like Malta or Cyprus. The Swiss system is also subtly different. There are other, more sturdy plugs used for equipment that requires stronger currents, must be earthed, or is used outside.
The UK system uses large plugs with three rectangular prongs. These plugs are usually fused, and are incompatible with the Europlug, although UK bathrooms will often feature Europlug sockets to accommodate electric shavers. It is possible to manufacture »converter« plugs that fit around a Europlug, contain the requisite fuse, and have the three prongs required for a UK socket.
Posted Aug 17, 2012 13:21 UTC (Fri)
by nix (subscriber, #2304)
[Link] (3 responses)
Posted Aug 20, 2012 9:50 UTC (Mon)
by etienne (guest, #25256)
[Link] (2 responses)
Ever seen someone using a pair of scissor in the earth of a UK socket to open the live holes and plug-in by force a european 2 pin plug?
Posted Aug 20, 2012 12:08 UTC (Mon)
by BlueLightning (subscriber, #38978)
[Link] (1 responses)
Posted Aug 20, 2012 22:25 UTC (Mon)
by nix (subscriber, #2304)
[Link]
It is perhaps thirty years since I saw anyone resorting to *that*. :)
Posted Aug 17, 2012 13:19 UTC (Fri)
by nix (subscriber, #2304)
[Link]
There are minimal regulations regarding electrical equipment in waterlogged areas like bathrooms: the UK forbids anything not internally earthed, anything running at above trivial voltages and in certain parts of the bathroom forbids anything electrical at all modulo pull cords. You never, ever see things like washing machines in bathrooms, and it is very rare for people to get electrocuted in bathrooms (the primary cause is manufacturing defects in electric showers).
Electrical fires and fatal electrocutions still happen in the UK, but they are so rare as to be national news when they do happen. So, yes, from my perspective US domestic electrical regulations are terrifyingly lax.
The real reason for all this of course is that electric kettles are ubiquitous in the UK, and we need our cups of tea fast! :)
Posted Aug 9, 2012 16:27 UTC (Thu)
by ScottMinster (subscriber, #67541)
[Link] (2 responses)
Quite frankly, it would be much better if the various pieces of firmware and IVI software were open source and available. Then third parties, like auto mechanics, could have access to this information and be able to do repairs. As it currently is, all SW repairs have to be done through the dealer. They are bad enough with proprietary diagnostic tools (why the "check engine" light is on).
IANAL, but I believe there have been cases in the past where car manufacturers tried similar tricks on hardware to prevent third party repairs and were smacked down by the courts. I don't see why SW would be so fundamentally different, there just haven't been enough court cases yet.
When you buy something, be it a car or a computer, it should be yours to tinker with as you please. Manufacturer lock downs should be as unwelcome in cars as they are in computers or tablets. Of course, if you do change something, and you hurt or kill someone as a result, you better be prepared to accept the consequences.
Posted Aug 9, 2012 21:16 UTC (Thu)
by rvfh (guest, #31018)
[Link] (1 responses)
Posted Aug 10, 2012 0:35 UTC (Fri)
by dlang (guest, #313)
[Link]
Posted Aug 9, 2012 19:26 UTC (Thu)
by iabervon (subscriber, #722)
[Link] (3 responses)
Posted Aug 11, 2012 8:58 UTC (Sat)
by jospoortvliet (guest, #33164)
[Link] (2 responses)
Moreover, you think a journalist would bother checking if the car software was modified? No, headlines will just say "4 killed in $CARBRAND".
I understand the reluctance to adopting GPLv3. I hadn't thought of these issues but they make it rather clear to me that GPLv3 has a big problem...
Posted Aug 11, 2012 9:59 UTC (Sat)
by dlang (guest, #313)
[Link]
What makes software so different?
Posted Aug 12, 2012 0:48 UTC (Sun)
by iabervon (subscriber, #722)
[Link]
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
a car is a consumer device with a distinctive property: it can kill the userGPL v3
GPL v3
- How often are people killed by car accidents?
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
I think you'll find that most toaster-induced fatalities are fires and electrical-system failures (particularly in the US with your literally terrifying electrical regulations, plugs that can shoot sparks when you unplug devices and all that)...GPL v3
This is waaay off-topic, but I would be very interested in hearing how and why the US electrical regulations are so terrifying.
GPL v3
GPL v3
GPL v3
Sparks probably also happen within European plugs, but they happen _within_ them.
Yes, sparks do happen and I've seen them even recently (due to a voltaic arc between socket and plug pin, I believe). But as you say they are contained in the socket. With the old flat design sparks could come dangerously close to fabrics or even your own hand.
GPL v3
GPL v3
GPL v3
GPL v3
It's been this way for atleast a decade, possibly 2.
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
GPL v3
