6 questions to ask in evaluating modern cars

The Department of Trade and Industry has formed a panel to hear complaints about a certain brand of SUV reported to be susceptible to “unintended sudden acceleration.” According to some reports, out of 80 complaints filed in the DTI, all but two have been dismissed; presumably, with the mishaps attributed to driver error, or to carpets or hardened lubricant jamming the accelerator in a high-speed position. There is a claim that only the automatic transmission models seem to be liable to unintended sudden acceleration, not the manual transmission models.

A local expert interviewed on TV said that onboard computers of all car brands are programmed by default to shut the car down should a malfunction occur in the computerized systems, and that accidents can be avoided by shifting to neutral and stepping hard on the foot brake. Unfortunately, some researchers say this technique from the last century no longer works with a wide range of car brands produced after 2010; it works only with some cars whose manufacturers have been meticulous in ensuring onboard computer safety from deliberate interference (hacking) or inadvertent interference (stray signals from random emitters).

For any modern car under evaluation, these questions should be asked: (1) Are its wireless circuits (intended to enhance the owner’s enjoyment or monitoring of his vehicle, such as Wi-Fi, bluetooth, keyless entry, and smartphone connections) kept separate from the circuitry that operates the car’s driving systems such as the steering, brakes, accelerator and automatic transmission? (2) Is there a guard portal that can block any invasive signal at any unavoidable connection between the two circuits, like in computerized automatic parallel parking systems? (3) Is the circuitry operating the car’s driving systems adequately physically shielded by grounded metallic housing from deliberate and inadvertent external signals? (4) Might any after sales add-ons allow external wireless signals access to the driving system controls, such as the tiny gadgets that some insurance companies plug into modern cars’ driving system circuitry to report any dangerous driving habits that increase insurance risks? (5) Have any devices been installed to enable a mortgage company to remotely shut down the vehicle, to aid in ensuring timely payments or in repossession? (6) Have the car’s operating systems been designed to interact with the owner’s smartphone to enable him to operate comfort features, for example, starting up the engine and precooling the car before he drives off?

Two now-famous security researchers, Charles Miller and Chris Valasek, have called the world’s attention to how little-known vulnerabilities of many of today’s high-tech cars can be exploited without having to gain access to the vehicles, and can possibly expose their owners to risks, as increasing Internet connectability inevitably increases the vehicles’ susceptibility to external interference. They have drawn up a list of 24 cars sold in the United States.

How have some of the world’s car manufacturing companies responded? Some just buried their heads in the sand, mistaking the incomprehensible arcaneness of the wireless devices as true security. Others have taken serious note of the duo’s research and recalled vehicles without fanfare or explicit reasons, to fix the vulnerabilities quietly. The US Senate has introduced a bill requiring reasonable security measures even as cars become more connected to the Internet.

—BENJAMIN AGUNOD,
[email protected]