This article is one-sided and shortsighted. There are many reasons why engine controls must include anti-tampering measures. There is a business case to extend these principles to other control modules in a car. Disclosure: I've been an automotive DMCA violator for nearly a decade.
An obvious reason is that the manufacturers do not want to deal with warranty issues. Of course you can probably understand that the possibility is there that bad software can result in engine damage. This applies to other systems, too, for instance the guy who demonstrated that he could alternately flash his headlamps like a police car by sending traffic to the lamp controller probably does not realize that he should not be reigniting the HID lamp every couple of seconds, because this will shorten its life.
The automakers are liable to laws in every developed country. The United States has these average fuel economy laws that the carmakers must meet, and in some states, harsh emissions regulations must be adhered to and guaranteed. The emissions testing regime in some of these states has done away with exhaust gas analysis and relies on the engine control's self-diagnosis to show that the vehicle is performing to spec.
However in other countries, increasing pollution emitted by a car constitutes tax fraud.
Road safety is also important. One German carmaker uses the same diesel engine for a range of vehicles which have differing performance levels. I thought it was clever when I found that you could change the low market six cylinder from a cheap model to give the power output of the top model of the range simply by carefully changing eeprom data. But the low market model has a lame exhaust and small brakes. Triple the engine output power and this is potentially a disaster.
For as long as the universe of tinkerers will include those without experience or scruples, the carmakers will have to keep developing anti-tampering measures to show that they are attempting to guarantee that their products will perform within the bounds of the law, and indemnify them against bogus liability and warranty claims. Some tinkerers are smart enough to see the big picture and think about the results of what they are doing. Others either don't realize that these systems were designed by teams of engineers with more degrees and experience than them, or figure that they can sell genitalia enhancements to any twentysomething that walks in the door. These are the guys that scare me.
Road safety is an admirable goal, but that's an issue that you tackle with liability law, car registration and inspection regulations, road users code &c. The DMCA is such a badly written piece of law that lends itself to overreach, and it doesn't need to be extended to yet another area.
Besides, people have been tuning their cars for 100 years now, you'd think that by now the police had some experience keeping the worst specimens of the public roadways.
We have computer-controlled braking and throttles now, and while I figure it's unlikely that someone will tinker with the brakes software (as long as it's not integrated into something he wants to tinker with) there has been a famous case where a factory throttle control has been alleged to be bad.
The emissions (and taxes in the countries where taxes are a function of emissions) aspects are more likely to be the justification of any repercussions against these activities.
I don't really understand the emissions argument, though? If I'm trying to break the law (either tax law or emissions laws), why would copyright law (or laws around reverse engineering) deter me?
We have computer-controlled braking and throttles now
Couldn't the same case be made for doing your own mechanic work, though? We have braking, which is hydraulic and throttles which operate by wire. There's nothing preventing you from replacing the tried and true hydraulic brakes with something that runs on bluetooth. That would be just as dangerous as messing with the software of modern car brakes. More so, since one would hope modern car software has some failsafes built in[0].
[0]: they probably don't, but I know Sevcon does. Sevcon is a company that makes electric vehicle controllers for EV vehicles. They're popular with the DIY e-motorcycle crowd. Messing with the settings directly affects the power delivered to the motor.
Pulling out your old throttle system is hard. It's self-protecting, the difficulty keeps the uninitiated from doing anything too stupid.
Copy/pasting code from the internet is easy, so it has to be made artificially difficult. We live in a world where people put their iPhones in microwaves because they heard it would charge the battery. We have to keep these people very far away from the internal workings of their cars.
Have you ever tried to program a controller? It's hard too. You need special hardware, special software and know how to connect them all up. It's not just copying and pasting code from the internet. It's sufficiently discouraging for those who think microwaves are wireless battery chargers. :)
I appreciate the link, but at this point I'm not going to buy a car if I don't trust and like the engineers who built it. My "improvements" generally aren't :)
Even with needing special hardware and software I'm not happy about it the tinkering. Cars are too much: 3,500 lbs of metal going 40 mph with 10 gallons of gas in it is a lot to go wrong.
I hate DRM, I really do. And I think we should have kids programming Arduino's and Raspberry Pi's by junior high, but part of me thinks they should bury the computers so deep in the engine bay you have to pull the engine to get to 'em. It's just my opinion, but if you don't have a (relevant) PE license, minimum, you shouldn't be allowed to mess with ECU's in cars that go on public roads.
A solution to the road safety and emissions issues is to come up with a public standard for ECU software. Make adherence to that standard a requirement to pass the annual tests in states that have them. States that don't (I'm looking at you, Florida) have already stated indirectly that they don't really give a shit about these issues.
What about tuning an autonomous car? What if the autonomous car kills somebody? What if it wasn't your algorithm? You bought it off some guy? Is that a false sale? Who pays for the hospital bill?
An obvious reason is that the manufacturers do not want to deal with warranty issues. Of course you can probably understand that the possibility is there that bad software can result in engine damage. This applies to other systems, too, for instance the guy who demonstrated that he could alternately flash his headlamps like a police car by sending traffic to the lamp controller probably does not realize that he should not be reigniting the HID lamp every couple of seconds, because this will shorten its life.
The automakers are liable to laws in every developed country. The United States has these average fuel economy laws that the carmakers must meet, and in some states, harsh emissions regulations must be adhered to and guaranteed. The emissions testing regime in some of these states has done away with exhaust gas analysis and relies on the engine control's self-diagnosis to show that the vehicle is performing to spec.
However in other countries, increasing pollution emitted by a car constitutes tax fraud.
Road safety is also important. One German carmaker uses the same diesel engine for a range of vehicles which have differing performance levels. I thought it was clever when I found that you could change the low market six cylinder from a cheap model to give the power output of the top model of the range simply by carefully changing eeprom data. But the low market model has a lame exhaust and small brakes. Triple the engine output power and this is potentially a disaster.
For as long as the universe of tinkerers will include those without experience or scruples, the carmakers will have to keep developing anti-tampering measures to show that they are attempting to guarantee that their products will perform within the bounds of the law, and indemnify them against bogus liability and warranty claims. Some tinkerers are smart enough to see the big picture and think about the results of what they are doing. Others either don't realize that these systems were designed by teams of engineers with more degrees and experience than them, or figure that they can sell genitalia enhancements to any twentysomething that walks in the door. These are the guys that scare me.