Comment by pinkmuffinere 4 hours ago
Ya, that is shockingly scary. It makes me think we need some new standards about software updates to vehicles in general (or perhaps these already exist but were missed for some reason?). I can totally imagine that software used to be this ancillary selling point that didn't need such tight regulation, but as it becomes core infrastructure for the vehicle this is less of an IoT toy, and deserves stricter standards.
I don't think that Jeep would have sent out a message saying that one of the changes would brick your machine.
It seems that the ability to trivially roll back any update would be a better choice, at least for this. (But I'm sure there are downstream effects I haven't thought about if that were implemented.)
How do you roll back a fatal car accident caused by the faulty update?
Giving user’s control over when the update runs allows them to be in a safe and secure setting when that update happens. Allowing them time, gives them and Jeep the ability to slow roll the update so they can halt it if initial feedback is negative.
I say this as a Mac user who does not allow auto updates for MacOS. I wait a week or so until the chatter validates it as non-breaking. They pushed an OS update several years ago that broke a few things I rely on. So I don’t trust them now, but these things just happen on OS’s with third party software. I expect it. But, I also don’t want to be forced to deal with the headaches immediately. I’d rather let the third parties run updates and advise how to deal, before I have to dive into fixing things. With car firmware, there’s really no excuse for this except poor engineering / processes.
Giving user’s control over when the update runs allows them to be in a safe and secure setting when that update happens
FTFA:
> The buggy update doesn't appear to brick the car immediately. Instead, the failure appears to occur while driving — a far more serious problem
And from the GP upthread:
> There is no way to tell if you received the bad update.
> There is no way to tell if you received the 'fix' either.
Good points, I did miss those. However, if I had this vehicle and I was reading this article today - and had the ability I'm asking for - I would just keep my current version running until they figure this mess out. It's the advantage of letting other people run the updates first, you get to hear about issues before you experience them.
It's not perfect but seems reasonably easy to implement and would certainly help. If the user needs to approve each update and can see what the changes are most updates will either be skipped or delayed long enough that catastrophic bugs will only hit the small subset of cars that update immediately.
I would bet most updates, especially from a company this bumbling, will be more along the lines of increasing telemetry or pointless UI changes than releasing actually useful features and bug fixes.
You might not accept an update with a bunch of changes that didn’t sound relevant to you.
I certainly wouldn’t accept one while I was still driving the car!
The update didn’t happen while people were driving. Rather, the bug took time to occur, well after the update had been applied.
There is no need to invent new regulations. We already have criminal liability, endangerement from gross negligence, and manslaughter!
I do not see reason, why CEOs of big companies should be exempt from this!
If bus driver makes mistake, or someone drives drunk.... They get punished. This is the same thing!
> There is no need to invent new regulations.
The current regulations are written for a time where cars didn't have rolling computers in them. And even then, the regulations don't account for Tesla-style linked systems. So I say we do need new regulations.
NHTSA's power is simultaneously very broad and narrow. They're empowered to investigate potential safety issues after the fact, but this may not be a safety issue in the very pedantic sense often used. NHTSA can proactively set standards, but the standards they've set (FMVSS) largely ignore modern electronics. So on and so forth.
How about: you get to say whether you want to update and when and manufacturers are required to very explicitly list all of the changes in an update? That would seem to be an acceptable minimum.