Build more trains
As corporations start to paywall features in cars, features which are clearly physically present but must be subscribed to in order to activate, I expect to see a boom in the number of mechanics educating themselves on the new systems and charging fees for “car feature unlock” services. It’s been happening with mobile phones locked to specific networks for decades, and car mechanics can recognise a good opportunity to make some quick cash as readily as a mobile phone salesman can.
In the short term, car manufacturers can reserve access to the software for their own dealerships, but that only delays the inevitable, because older cars will inevitably have to be maintained by smaller, independent garages, which tend to be cheaper than the main dealerships. By the time the cars are 5 years old, maximum, the independent garages will need to be able to perform repairs and updates to the onboard computers, and from there it’s only a matter of time before some clever, innovative mechanic figures out how to remove blocks on features and bypass subscriptions.
And that’s assuming that as cars become increasingly computerised, nobody figures out FOSS operating systems and software for them.
It’s already a pain just to access diagnostic tools on modern cars, my current car needs a CAN Bus module that basically modifies the behavior of the module it replaced and allows you to access the bus unencrypted over the OBDII port.
Though admittedly there’s a decent argument that the manufacturer implemented this for real security concerns. Its real purpose as far as I can tell is to interpret signals from the infotainment system so it cannot send things it shouldn’t to the rest of the car. I’m not too concerned that my individual car is open to this, but if every car was there might be a worthwhile attack to disable them all etc. They could have easily made it disable itself when diagnostic hardware was detected IE a physical lockout that requires a specific resistance on a pin.
Considering modern cars have throttle by wire, brake by wire, electric power steering with assists all hooked up over CAN bus to an infotainment system that may have its own 5G modem it’s not too paranoid to consider that an attack vector that could compromise the safety of a vehicle, even if it’s slim. Which is unfortunate because I really want to just say make it all open so I can fix stuff and mess around with my car that I own.
Yeah, there’s definitely a solid safety argument for keeping modern car computers secure, but… I dunno, my feeling is that as the overall car population shifts towards the newer models, the more opportunities and motivations there will be for people to get around software limitations. That pressure isn’t quite there yet, I don’t think, because there’s still an awful lot of older vehicles on the road. Or around here there is, anyway, and there’s not much in the way of computerised elements on a 10+ year old car. But in 10 years time, when the majority of cars on the road are the models being released today, there is going to be a much larger desire to get around feature blocks.
I know a fair number of people who work with mobile phones, and those went through the same cycle. When the very first smartphones were released, it was hard to do quite a lot of things with them that we now take for granted. As smartphones became more popular and everybody had one, there were both more reasons to break through security blocks and more people trying to do it. There’s now a wide variety of tools available for modifying phones, which can break through manufacturer-installed blocks in minutes, which used to take hours to do without tools (if it was even possible at all). These days, when a new model is released, somebody has found a way to break through blocks within a few hours, and posted it online within 24.
Now, the majority of people won’t modify their cars, just like the vast majority buy a phone and never modify it. But enough people will want to - or need to in specific use cases - that will create a market for engineers and mechanics to figure out a way of doing it. It’s just human nature. So there’s going to be this push and pull between manufacturers saying “the car’s software needs to be locked down so malicious actors can’t mess with the brakes” and individuals saying “I don’t want to mess with the brakes, but I want to unlock the heated seats”. Bypasses for features that have been locked behind a paywall are going to be the most popular.