WBUR explains Question 1 is about access to engine and mechanical data that newer cars store - not location data, despite claims by its opponents, who have put up that ad about how its passage will let sexual predators hunt you down in a deserted parking garage and then lock your car so they can have their way with you.
Free tagging:
Like the job UHub is doing? Consider a contribution. Thanks!
Ad:
Comments
If car manufacturers are that
By anon
Wed, 09/16/2020 - 9:18am
If car manufacturers are that scared of hackers exploiting the wireless access to car computers, they should stop including it as a feature. Or allow the customer to opt in or out, which would be part of opening up the standard.
More to the point
By BostonDog
Wed, 09/16/2020 - 10:27am
A law should mandate opt in only with no hidden agreement in the paperwork you sign when you get the car.
There is no reason for any car to be sending data back to the manufacture or dealer without the car's owner active consent.
And irrespective, the idea that some local car dealer is able and willing to safeguard your personal data is laughable. These guys get hacked all the time. You think the "Rt. 1 automall" employs the brightest minds in data security?
This isn't about manufacturer's systems
By conoryunits
Wed, 09/16/2020 - 10:44am
Question 1 would require them to start from scratch, and create one single standardized open platform that connects to every vehicle and a single app.
Question 1 creates no safeguards for this platform or app. It has no language on who creates it, maintains it, pays for it or protects it, other than to say manufacturers cannot be involved with it.
The National Highway Traffic Safety Administration (NHTSA) wrote to MA legislators in July that is the exact wrong way to go:
Please explain
By SwirlyGrrl
Wed, 09/16/2020 - 10:52am
Why is all this okay when car dealers do it already?
After all, car dealers have this ... issue ... with trust as it is.
The existing law covers this
By conoryunits
Wed, 09/16/2020 - 10:57am
Any information necessary to diagnose and repair a vehicle that is only available through telematics and is made available to dealer repair shops MUST be made available to independent repair shops. That is specifically addressed and required by the existing law:
As you can see, telematics information NOT necessary to diagnose and repair a vehicle, such as navigation, are explicitly prohibited by existing law. Question 1 would change that.
This is good:
By DrewD
Wed, 09/16/2020 - 11:39am
This is good:
The MA legislature shouldn't be in charge of determining security processes. There's no reason that the system can't be encrypted and only accessible to the vehicle owner. At this time, most vehicles are not encrypted and the only security is that it's annoying to figure out what message means what.
Despite that, there is a community of people that decodes the messages anyway. You can find tons of information posted on GitHub.
I haven't read through the whole question, so I haven't made up my mind, but "security by obscurity" is the absolute worst method.
This is just not true. It requires only
I'm not sure I like that particular requirement, but that does not require the underlying system to be rewritten from scratch, nor does it require a single app. A simple interface could access the important information and relay that to the user.
Personally, I think the mobile requirement is a bad idea. It's hard to hack things to do what you want, but it's relatively easy to hack things to not do what they are meant to do. I'm not worried about somebody gaining access to my car and driving it all around town, but DoS'ing it so there's lag in my control could still kill me. I'd prefer hardwired access in a clearly visible place.
The NHTSA's comment isn't wrong, but it's silly to deny people the ability to maintain their cars only so that auto manufactures can use security protocols that are less than the web browser you are currently using to view UHub.
I'm a software architect with
By anon
Wed, 09/16/2020 - 11:31am
I'm a software architect with over twenty years of experience developing enterprise software, with many years in the financial sector and several researching malicious software. This is a ridiculous argument that a single standard is less safe and is patently false. You're talking about security by obscurity which is seldom a good strategy.
Most of the world runs on common standards, if you log into a website or pay with a credit card, use an atm etc. you're relying on a common standard. The mass adoption and openness is exactly why these standards are safer. When you have a group of 5 engineers writing proprietary software against thousands of malicious actors trying find flaws in it they're vastly outnumbered. An open and common standard levels that playing field as thousands of experts review and address flaws on a continuous basis. There is an incentive for everyone to find and fix flaws.
In a closed system you risk a company ignoring a fix to a known flaw due to the cost of implementation and patching it. Other times they don't want the bad PR that comes with acknowledging it in the first place. This is why we see so many data leaks uncovered by third parties, in many cases the companies knew about them for months but did nothing.
That's assuming the people at these car companies are concerned with or care about security in the first place. In the many many years I've spent working in the industry I can assure you this most product owners don't want to spend time on fixing security and tech debt at the cost of time lines shifting. There is constant and enormous pressure to cut corners. I can promise you That Ford or GM aren't going to delay the launch of thier new car because they're waiting on the software team to fix all their bugs.
From NHTSA: "Look, we tried
By baustin
Wed, 09/16/2020 - 12:27pm
From NHTSA: "Look, we tried using a common national standard for roads, and look how dangerous driving turned out to be!"
Quite honestly the statement
By anon
Wed, 09/16/2020 - 2:53pm
Quite honestly the statement from the NHTSA is akin to your financial advisor recommending that you bury your life savings in a random spot in the woods rather than trusting a bank because it's public knowledge that banks store your money in vaults.
Connor Yuntis?
By John Costello
Wed, 09/16/2020 - 11:40am
Connor - Would you please mind disclosing your lobbying ties to this question? Thanks.
I am the lead spokesperson for No on 1
By conoryunits
Wed, 09/16/2020 - 12:23pm
That is in the very first sentence of my response post.
Identify which response post
By cinnamngrl
Wed, 09/16/2020 - 12:44pm
Identify which response post you mean.
It's his top level post below
By DrewD
Wed, 09/16/2020 - 1:02pm
It's his top level post below this one.
I'm not sure I agree with the representation and analysis of the question, but he did state that he's here as an official spokesperson.
As others have pointed out
By bgl
Wed, 09/16/2020 - 1:39pm
Who are also software engineers and architects, why are you making completely wrong and factually incorrect claims in your opposition? Why don't you answer any of the criticism and questions asked of you?
That's all I have been doing
By conoryunits
Wed, 09/16/2020 - 1:50pm
I am responding to as many issues and questions as I can.
Hi Conor,
By anon
Thu, 09/17/2020 - 10:57am
Hi Conor,
Can you please list where your funding comes from?
It is major automobile manufacturers, correct?
Thanks,
Concerned citizen
Vehicle wiresless systems are in no way secure
By tysmith
Wed, 09/16/2020 - 2:57pm
Some bean counter heard about 256 bit encryption and likely said "WOW. That's a lot of bits. Must be 256 better times 1 bit encryption.".
Vice has a great video of some guys hacking a Jeep as it's driving down a highway:
https://youtu.be/MK0SrxBC1xs
Other reports have also shown thieves exploiting RF keys:
https://youtu.be/zIveLwq0p5o
Pols thinking that they can deter, or even stop this by creating laws, are wasting tax payer money.
This is my final post on this topic. Question 1 opposition by vehicle manufacturers is dumb.
It's also about being able to
By cden4
Wed, 09/16/2020 - 9:20am
It's also about being able to fix other electronics such as computers and cell phones more easily. For example, Mac laptop batteries are designed not user replaceable, but with this new law, I believe they would be. So instead of having to send out your laptop and spending $300, Apple would have to redesign it so that you'd be able to buy a new battery and just pop it in yourself.
So instead
By Will LaTulippe
Wed, 09/16/2020 - 9:38am
Of just not buying Apple products, we're going to voluntarily involve government force in the transaction?
Picture in this scenario
By A
Wed, 09/16/2020 - 10:01am
Picture in this scenario government as a body with arms and legs. It is simply pushing its arms open to keep space open for you and keep companies from encroaching on your rights.
I get the disdain for government control but in this case "government force in the transaction" is an emotional distortion.
An alternative way of looking at it
By SF
Wed, 09/16/2020 - 10:02am
don't you think that a company's ability to control your use/repair of a product should end when they sell it to you?
Boycotts don't work against monopolies
By Angry Dan
Wed, 09/16/2020 - 10:16am
We need to defend the right to repair or corporations will use government forces to eliminate it.
Vote YES on question 1.
Yes, that's exactly what we're going to do.
By BostonDog
Wed, 09/16/2020 - 10:23am
For smartphones you have three choices: Be submissive to Apple, be submissive to Google, or don't own a smartphone.
Boycotts don't work when there are no alternatives. They are monopolies.
Voting with your wallet is not a replacement for voting with a ballot.
Well
By Will LaTulippe
Wed, 09/16/2020 - 10:34am
Google phones provide me the same services as the Apple phones, but for cheaper.
Apple is a business only because status consumerism is a thing.
You are not Google's customer
By BostonDog
Wed, 09/16/2020 - 11:12am
I have no love for either company. Google is "cheaper" because they are selling your personal data to everyone. You are not their customer, advertisers are.
Apple is a bit better about keeping personal data personal but in exchange they want full control over your device. They demand to be the gatekeeper and sole decider of what you can and can't do with your phone.
If the people writing the laws had any spine they'd prohibit Google from collecting data unchecked. Meanwhile, Apple should be prohibited from being the sole middleman between the phone and developers.
^ Exactly
By ElizaLeila
Wed, 09/16/2020 - 11:49am
You are google's product, not their customer.
Not exactly.
By tysmith
Wed, 09/16/2020 - 10:40am
There is a third option that does exist, and takes owner privacy serious. Made by Purism.
https://puri.sm/products/librem-5/
"Librem 5" phone is popular with privacy enthusiasts. Supply can't keep up with the amount of sales that this phone is getting.
I've almost eliminated Apple and Google products from my life. Some sites, and services make it nearly impossible to get away from either one of them.
Not much of an option
By BostonDog
Wed, 09/16/2020 - 11:20am
I love the concept but that phone is not a viable option. It's not even shipping according to the website. It also won't work with Verizon (my carrier) and lacks a number of features. Since it won't run iOS or Android applications, it can't be used in place of any service which requires a smartphone app.
The quickest way to get phones like that to be mainstream is to support laws that regulate Apple and Google.
The Librem 5 phone is constantly on backorder
By tysmith
Wed, 09/16/2020 - 2:26pm
Owners do have them in-hand now, and they're being used. Going extreme privacy requires somewhat of a life change. You're right, many people won't do it. I've managed to wean many of my daily tasks off of Google. It's an ongoing effort.
but is there an app for that?
By anon
Thu, 09/17/2020 - 12:15pm
It's a nice idea.
But in the direction our society is heading, where you can't even get food at Herb's Burritos without installing the Herb's Burritos app, how will it work for a phone OS that isn't widely supported?
Bye bye Ma Bell!
By Lecil
Wed, 09/16/2020 - 10:51am
I'm guessing you don't remember when you couldn't buy a phone or service from anyone but AT&T...
You can now. Hint: This isn't because there was a boycott.
I know my history
By Will LaTulippe
Wed, 09/16/2020 - 10:58am
That's not analogous to this.
You couldn't buy a phone from
By anon
Thu, 09/17/2020 - 12:10pm
You couldn't buy a phone from AT&T either. You had to rent it.
That would be nice. But this
By anon
Wed, 09/16/2020 - 9:48am
That would be nice. But this ballot question is very clearly about vehicle telematics systems, so it would not affect laptop batteries.
This particular ballot question is about cars
By CuteUsername
Wed, 09/16/2020 - 10:31am
"Right to repair" as a general concept is about any sort of manufactured product and in general it is a good idea, but this ballot question (and for that matter the one from 2012 that is currently law) is specifically about motor vehicle diagnostic data.
Right - this is only about vehicle telematics systems
By conoryunits
Wed, 09/16/2020 - 10:46am
No other electronics are covered under Question 1. That is a completely separate issue.
Question 1 is NOT about Right to Repair. Right to Repair for vehicles is already law in Massachusetts, and has been since 2013.
Question 1 only covers vehicle telematics systems. It does not cover any other electronics.
Oh, bummer.
By cden4
Wed, 09/16/2020 - 4:50pm
Oh, bummer.
I replaced the battery in my
By TheDot
Fri, 09/18/2020 - 8:34am
I replaced the battery in my Mac. Micro Center in Cambridge sells them.
Do you have an older Mac? I
By cden4
Fri, 09/18/2020 - 10:33am
Do you have an older Mac? I replaced the one in mine from 2011 and it was like doing surgery: 25 steps to take the computer apart and 25 steps to put it back together, and I needed some specialized tools to do it.
That's one yes vote from here.
By Vicki
Wed, 09/16/2020 - 9:23am
I was leaning toward "yes" anyhow, but that sort of fear-mongering by people who want me to vote "no" clinches it.
Blame your rep
By Rob O
Wed, 09/16/2020 - 9:24am
The people already expressed their will on this issue several years ago.
The legislature should have fixed any issues with the law instead of kicking this back to Referendum2. But because they were too cowardly to do so, we are left with this campaign full of lies. What a disgrace. I can't believe we pay these people to write and pass laws.
Well, they hardly pass laws.
By anonhere
Wed, 09/16/2020 - 10:14am
Well, they hardly pass laws. See this 2020 session with multiple bills just stuck in committee. They need lots of time to campaign, you know.
For what it's worth
By conoryunits
Wed, 09/16/2020 - 12:38pm
The people behind Question 1 filed for a ballot question before their legislation even had a hearing.
They never had any intention of letting the legislature work through this.
And the ballot question should have been denied
By roadman
Thu, 09/17/2020 - 2:21pm
on that basis alone.
Its the car makers software
By cinnamngrl
Wed, 09/16/2020 - 9:44am
How stupid do they think we are, that all these stalker resources are an integral part of maintaining our cars. If my safety is at risk, it is because of the car maker, not a local mechanic.
The funny thing that they don't put in the commercials is the black box aspect. If there is a crash, your car knows how fast it was going and what you were doing.
Again - this is not about the car maker's software
By conoryunits
Wed, 09/16/2020 - 10:47am
Per post above, this is about the open access platform that would be created by Question 1.
To be honest ...
By SwirlyGrrl
Wed, 09/16/2020 - 10:54am
I trust my local mechanic a hell of a lot more than the car dealer who lost my registration and lied about it.
Completely understand
By conoryunits
Wed, 09/16/2020 - 10:58am
And nothing in Question 1 would change your ability to get your car fixed by your local mechanic.
A NO vote on Question 1 keeps the Right to Repair law the same. The existing law already ensures that independent repair shops have access to all the information they need to diagnose and repair your vehicle.
Tell that to the BMW
By Agingcynic
Thu, 09/17/2020 - 11:57am
dealer who wouldn’t allow my mechanic access to the computer on my 535. The HID articulating headlight that repeatedly died during the warranty suddenly needed to be replaced by a dealer only for $5,000 once warranty expired. They’re behaving like thugs. (BTW, didn’t Brockton used to have a politician named Yunits?)
Tell that to
By Agingcynic
Thu, 09/17/2020 - 12:03pm
BMW of America. Ever replaced a $5,000 headlight? Quite the experience.
The two campaigns have made
By brianjdamico
Wed, 09/16/2020 - 9:55am
The two campaigns have made for a great point/counterpoint.
Point: It's your car, you should be able to decide who repairs it.
Counterpoint: Why would you want to be stalked and raped?
The stalker in the Ads
By BostonDog
Wed, 09/16/2020 - 10:26am
Should be played by Herb Chambers.
You can already decide who repairs your car
By conoryunits
Wed, 09/16/2020 - 10:48am
That is covered under the existing Massachusetts Right to Repair law, which has been settled in Massachusetts since 2013.
A NO vote on Question 1 makes no changes to the law.
you keep regurgitating this response
By Marco
Wed, 09/16/2020 - 12:02pm
without fully understanding the issue, which is that car manufacturers are using a LOOPHOLE in the existing law to get around it, that being wireless information transfer and an app one must use to get that wirelessly transmitted information. The eight year old law you cite only deals with OBDII compliant vehicles that extract codes with a WIRED DEVICE you PLUG into the car under the dash. Since then companies have come up with this wireless bullshit and hold the keys to the apps to get that information.
If people are worried about getting their cars wirelessly hacked they should seek to BAN that technology altogether. There is absolutely no reason for it, other than skirting the current right-to-repair laws. To retrieve ANY info from a vehicle you SHOULD need access to the inside of the vehicle, meaning the keys from the owner whose property the vehicle is. The entire argument over the wireless transmission of this information is a problem created by manufacturers hell bent on keeping you at their mercy until the car is over 10 years old.
So NOT changing the exiting laws means all cars newer than say 2013 will be particularly hard to find an honest place to repair it at (hint: NO car dealership on the face of the planet operates honestly).
I have no skin in this game since the newest car I have ever owned was a 1997 model. Modern cars are rubbish. For all the advanced tech they offer, all the "safety" features and cameras and self-braking and lane assistance....aka making humans LAZIER and less aware of their surroundings...they cost a fortune to fix when some un-necessary system failure makes the entire thing inoperable or unable to get a safety inspection sticker.
On a much simpler base level a YES vote helps small independent business and a NO vote helps big corporations with trade groups and lobbyists paying for scare-mongering ads about rape and stalking when we are talking about NOX emissions readings from a fucking vehicle CPU.
The choice is pretty clear if you're not a capitalist bootlicker.
^^^^^This
By MainStreetLuv
Wed, 09/16/2020 - 7:34pm
Thank you, Marco, for pointing this out. The "No On 1" contingent wants us to believe that car manufacturers will continue to use the OBDII port for all information, despite the prevalence of wireless options now. A shift to wireless transmission of this type of data would exclude local shops from being able to diagnose problems.
That is why I'm voting Yes on 1.
Conor, if you had led with
By brianjdamico
Wed, 09/16/2020 - 10:01pm
Conor, if you had led with ads that made THAT argument, I'd be more willing to listen. When you scare people, or try to, you are going to get a fight or flight response. Unfortunately for you, it isn't always flight.
I like facts, I like data, I like references. A good argument lets me prove to myself you are right. A bad argument makes me not want to listen at all.
Stock ideas
By A
Wed, 09/16/2020 - 10:04am
Adam may I ask you be more thoughtful about what language like "have their way with you" implies, even if such people doing such things is not something you would ever support. It is reinforcing the sexualization of predation of women. Thanks
I thought about that
By adamg
Wed, 09/16/2020 - 11:07am
And then I watched the video again, and, really, it's pretty much that cliche: Young woman, alone, defenseless, in a deserted parking garage at night. Whoever's behind it is the one that should answer for it, and I'm not sure how I could write about it without pointing out what the ad explicitly says (which is nothing at all to do with "telematics").
Misplaced humor
By CityGarden
Wed, 09/16/2020 - 1:42pm
n/t
I don't think it's funny at all
By adamg
Wed, 09/16/2020 - 12:01pm
Did you watch the ad linked in the original post?
"Bro" culture
By CityGarden
Wed, 09/16/2020 - 1:42pm
n/t
Thank you for taking time out
By Milwaukee Mike
Wed, 09/16/2020 - 1:08pm
Thank you for taking time out of your busy schedule to serve as arbiter of the culture on these comment pages. I'm sure that we all have much to learn from you.
To be fair, the No on
By Refugee
Wed, 09/16/2020 - 10:09am
To be fair, the No on Question 1 people are not singling out "violent men", but sexual predators of all genders.
Qanon 1?
By SwirlyGrrl
Wed, 09/16/2020 - 10:57am
Funny how a simple initiative about plugging a loophole in a car repair law got morphed into OMG STALKERS!
I keep waiting for an ad with children tied up in the basement of the local pizza joint, because Question 1!
It's not just about Massachusetts
By AMcoffee
Wed, 09/16/2020 - 10:09am
The auto makers know that if this passes in Massachusetts, it basically opens up the technology for all car owners NATIONWIDE. They can't engineer the software to say "you're in MA so it's open to you" and stop it in the other 49 (and DC). Interstate commerce and all....
The original ballot measure on open access, it opened the door to all car owners to get the benefit of seeing the OBD codes to anyone with the scanning equipment.
If it were an innocuous measure, they would not be pouring $ millions into trying to defeat the bill.
Perhaps
By adamg
Wed, 09/16/2020 - 11:08am
But perhaps there are other ways to make that argument than with an offensive, lying ad.
The ad is based on testimony
By conoryunits
Wed, 09/16/2020 - 11:11am
From Domestic Violence and Sexual Assault prevention advocates in both California and Massachusetts.
Wow, then I guess the whole
By Milwaukee Mike
Wed, 09/16/2020 - 1:11pm
Wow, then I guess the whole thing is completely beyond reproach--my bad.
The ad is stupid, and in poor taste
By tysmith
Wed, 09/16/2020 - 2:36pm
This is an attempt at fear mongering. Best thing to do is take down an add this dumb. Way to target less educated voters. Congratulations.
Response on Question 1
By conoryunits
Wed, 09/16/2020 - 10:41am
Here to respond as the spokesperson for No on 1/the Campaign for Safe and Secure Data, which, yes, is funded by automakers.
First, on the location data - it is absolutely included, and the best source for that information is the main group behind Question 1.
Question 1 requires the creation of a mobile app that links to an open access platform connected to all connected vehicles in Massachusetts (beginning with model year 2022).
The Auto Care Association, one of the lead funders of Question 1 and the group who has been pushing this idea nationally, has been presenting at trade shows and showing exactly what they want the app to look like. Their app includes location and behavior data. The Yes on 1 group is flat out lying when they say they do not want location data.
Second, on the risk of sexual assault/domestic violence. This is not about local repair shops. Again, Question 1 creates an open access platform that can be accessed through a mobile app. It will present an easy, high level target.
Here is what Jane Doe Inc, the Massachusetts Coalition Against Sexual Assault and Domestic Violence told the legislature in January about Question 1:
Pages
Add comment