machdaddy

Well-Known Member
Joined
Feb 8, 2020
Threads
2
Messages
69
Reaction score
172
Location
SoCal
Vehicles
2021 Ford Mustang Mach E Premium
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
Sponsored

 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Threads
63
Messages
6,729
Reaction score
13,758
Location
New Jersey
Vehicles
Solar powered 2021 MME ER RWD & 2022 Corsair PHEV
Occupation
Software Engineer
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
 

machdaddy

Well-Known Member
Joined
Feb 8, 2020
Threads
2
Messages
69
Reaction score
172
Location
SoCal
Vehicles
2021 Ford Mustang Mach E Premium
Country flag
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
 

pbojanoski

Well-Known Member
First Name
Peter
Joined
Jan 4, 2020
Threads
14
Messages
304
Reaction score
326
Location
Pennsylvania
Vehicles
Jaguar I-Pace
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.
 

Mach Dad

Well-Known Member
First Name
Jeffrey
Joined
Jan 29, 2020
Threads
2
Messages
48
Reaction score
65
Location
Oxford, MI
Vehicles
2010 Ford Fusion Hybrid, 2014 Ford Explorer
Occupation
Consultant
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
 


hybrid2bev

Well-Known Member
Joined
Dec 4, 2019
Threads
75
Messages
4,071
Reaction score
11,091
Location
USA
Vehicles
2021 Job 1 Premium4X - EAP Member
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.
It’s two minutes to install the update not download.

“Updates can be activated in under two minutes”
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Threads
63
Messages
6,729
Reaction score
13,758
Location
New Jersey
Vehicles
Solar powered 2021 MME ER RWD & 2022 Corsair PHEV
Occupation
Software Engineer
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
All of which just make it harder to hack, and not impossible. Particularly if quantum computing continues to develop.
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Threads
63
Messages
6,729
Reaction score
13,758
Location
New Jersey
Vehicles
Solar powered 2021 MME ER RWD & 2022 Corsair PHEV
Occupation
Software Engineer
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
 

machdaddy

Well-Known Member
Joined
Feb 8, 2020
Threads
2
Messages
69
Reaction score
172
Location
SoCal
Vehicles
2021 Ford Mustang Mach E Premium
Country flag
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
This is precisely correct, at least how computer motherboards with dual BIOS image storage (like gaming motherboards) and network routers/switches work. I would say that there should be a factory default firmware image in the Programmable Read Only Memory (PROM) and then two partitions in the flash storage. The first for the current firmware image and the second for the upgrade image to be utilized on next boot. That way, the car can never be "bricked".

About your comment about quantum computing, I would be much more worried about quantum computing breaking the certificate authorities chain of trust (by fake certificate impersonation or MITM attack) that we rely on for secure banking, trade and communications far more than my car firmware. We have much bigger problems if we get to that point. ?
 

ab13

Well-Known Member
Joined
Feb 17, 2020
Threads
3
Messages
584
Reaction score
469
Location
California
Vehicles
Rav4 Hybrid
Country flag
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.

Tesla has been hacked more than once. Lucky for them it was not Blackhat hackers.

https://www.usatoday.com/story/tech/2017/07/28/chinese-group-hacks-tesla-second-year-row/518430001/
 

zhackwyatt

Well-Known Member
Joined
Dec 18, 2019
Threads
14
Messages
1,603
Reaction score
2,616
Location
Arizona
Vehicles
'21 InfBlu Prem MMEx Past: '13 C-Max '98 Explorer
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
Technically you wouldn't use a hash, you would use a digital signature (which makes use of a hash).

The updates, or ability to update, are not the security problem. It's the active network connection that is the problem. Even if they didn't offer the update ability, the connection will still be there for maps, charger status, telemetry, etc. You can't make anything 100% secure, but you can do due diligence and design the system in a secure manner/architecture.
 

ChasingCoral

Well-Known Member
First Name
Mark
Joined
Feb 3, 2020
Threads
376
Messages
12,403
Reaction score
24,517
Location
Maryland
Vehicles
GB E4X FE, Leaf, Tacoma, F-150 Lightning ordered
Occupation
Retired oceanographer
Country flag
There's no street view. What you lose without premium connectivity is the aerial/satellite overlay and, as noted, media streaming and traffic visualizations. However, navigation still uses traffic information for routing.

I don't intend to subscribe to the premium package when my trial period is over, since I don't use any of those things.
Based on the In-Dealership Training manual, it looks like the full navigation features are only good for 3-years without subscription. You may lose real-time traffic and other advanced info after that:

Voice-Activated Touchscreen Navigation System
  • - Three years of service
  • - EV Trip Planner
  • - Live Traffic
  • - Predictive Destinations and Route Guidance
 

hharold

Member
Joined
May 13, 2020
Threads
0
Messages
10
Reaction score
9
Location
Netherlands
Vehicles
Mercedes
Country flag
Will it be possible to connect the MME to the home wi-fi when parked at home?
Or will all the OTA updates be done via some kind of onboard SIM card?
Sponsored

 
 




Top